Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS216138.roa
File: AS216138.roa (raw, json)
Hash identifier: wjNxlEsB1wA9Yxa02upgjfXqaFOppImXO0zkwnM0zsY=
Subject key identifier: 4B:F4:28:31:BE:E8:EC:3C:A8:2F:70:9E:A0:49:0E:FD:4F:DB:58:91
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3A2C8C33F20BB4823C3276E43318089AFAB7DCFA
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS216138.roa
Signing time: Thu 05 Mar 2026 06:49:13 +0000
ROA not before: Thu 05 Mar 2026 06:44:13 +0000
ROA not after: Thu 04 Mar 2027 06:49:13 +0000
asID: 216138
IP address blocks: 82.26.194.0/24 maxlen: 24
178.83.171.0/24 maxlen: 24
178.83.175.0/24 maxlen: 24
178.83.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:2c:8c:33:f2:0b:b4:82:3c:32:76:e4:33:18:08:9a:fa:b7:dc:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 5 06:44:13 2026 GMT
Not After : Mar 4 06:49:13 2027 GMT
Subject: CN=4BF42831BEE8EC3CA82F709EA0490EFD4FDB5891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:9a:78:1e:83:47:19:bc:60:78:2f:4d:cc:78:
a8:6c:4d:cb:63:e2:64:04:f4:d5:69:b8:36:f7:5c:
bb:08:09:ee:16:a6:49:31:12:99:2b:8c:3f:33:92:
40:f1:61:4d:de:8a:6b:94:fc:5f:74:1e:4f:4d:e8:
85:4b:2d:5b:16:3c:36:3f:09:3b:93:dc:45:66:5c:
90:11:d2:9a:53:13:fb:6c:ca:46:22:4a:f1:fd:11:
d6:8b:c8:28:19:90:73:61:42:62:54:41:3d:62:12:
32:4c:a7:47:8c:3b:5b:b8:bd:a6:34:61:f5:d1:c6:
dc:fe:93:c0:9a:3d:4d:b2:86:49:7d:97:3f:4c:0f:
b9:2b:e3:f1:18:7e:ff:1c:61:bb:d0:c3:24:7b:85:
1a:cb:c0:06:f6:71:f8:8d:7e:62:aa:f7:9c:b5:b3:
f9:a3:01:80:44:6e:f9:db:67:0c:94:a5:9d:f7:6a:
fe:e2:00:49:1c:30:f3:07:9e:c7:62:03:2d:f8:27:
41:4a:bd:ea:ce:40:c4:9e:63:62:bd:cb:50:3e:1f:
35:8d:92:69:ae:d8:ed:1c:06:56:f5:f4:84:f1:b2:
ff:f9:27:f1:33:de:e5:0b:b7:4c:18:71:21:82:7d:
97:b4:fb:be:32:b8:18:6a:d6:93:a2:c0:13:14:c3:
7b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:F4:28:31:BE:E8:EC:3C:A8:2F:70:9E:A0:49:0E:FD:4F:DB:58:91
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS216138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.26.194.0/24
178.83.171.0/24
178.83.175.0/24
178.83.203.0/24
Signature Algorithm: sha256WithRSAEncryption
72:b1:70:98:ba:70:43:6d:c9:f5:9c:be:71:b4:d5:cf:37:ec:
9c:fa:b2:e9:c5:b3:23:49:38:cf:ae:7d:78:a6:9f:51:04:51:
cd:ca:c0:1f:e2:e5:c4:e2:69:d2:fb:e5:e3:ef:2a:c1:aa:02:
81:99:24:21:f3:4e:80:39:75:dd:62:a1:a6:24:66:96:59:99:
0a:f1:4d:7d:30:bd:92:e9:40:b5:ed:b0:17:78:89:b0:9d:48:
3a:e4:28:af:fc:08:21:ba:f9:f3:ae:2f:61:d2:44:b2:e0:ef:
bb:b6:81:1f:ca:ff:49:4e:6d:42:e6:74:9b:ef:26:84:1e:a0:
6b:21:f9:e1:40:7a:da:ba:71:cd:83:30:05:68:92:73:a7:e8:
f5:76:52:94:04:98:7b:d9:d8:f6:b8:ef:6a:42:2b:bd:45:a6:
8d:c3:e0:0c:e5:53:8c:e8:f0:0d:80:e4:41:2b:e7:7e:d8:21:
9b:a4:69:84:e8:2b:8b:1a:4c:4b:8c:bf:cd:3f:0e:01:82:fa:
00:d2:1c:90:60:82:70:31:00:12:12:8a:c1:25:75:4a:74:22:
11:d1:ed:f5:2f:00:51:b5:78:ad:90:ae:05:25:bf:16:78:6b:
4a:e7:ce:f9:79:1f:5b:68:84:22:ca:10:67:4e:3a:72:6e:37:
77:dd:51:39
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUOiyMM/ILtII8MnbkMxgImvq33PowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMDUwNjQ0MTNaFw0yNzAzMDQwNjQ5MTNaMDMxMTAvBgNV
BAMTKDRCRjQyODMxQkVFOEVDM0NBODJGNzA5RUEwNDkwRUZENEZEQjU4OTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLmngeg0cZvGB4L03MeKhsTctj
4mQE9NVpuDb3XLsICe4WpkkxEpkrjD8zkkDxYU3eimuU/F90Hk9N6IVLLVsWPDY/
CTuT3EVmXJAR0ppTE/tsykYiSvH9EdaLyCgZkHNhQmJUQT1iEjJMp0eMO1u4vaY0
YfXRxtz+k8CaPU2yhkl9lz9MD7kr4/EYfv8cYbvQwyR7hRrLwAb2cfiNfmKq95y1
s/mjAYBEbvnbZwyUpZ33av7iAEkcMPMHnsdiAy34J0FKverOQMSeY2K9y1A+HzWN
kmmu2O0cBlb19ITxsv/5J/Ez3uULt0wYcSGCfZe0+74yuBhq1pOiwBMUw3uvAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUS/QoMb7o7DyoL3CeoEkO/U/bWJEwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE2MTM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUhrC
AwQAslOrAwQAslOvAwQAslPLMA0GCSqGSIb3DQEBCwUAA4IBAQBysXCYunBDbcn1
nL5xtNXPN+yc+rLpxbMjSTjPrn14pp9RBFHNysAf4uXE4mnS++Xj7yrBqgKBmSQh
806AOXXdYqGmJGaWWZkK8U19ML2S6UC17bAXeImwnUg65Civ/Aghuvnzri9h0kSy
4O+7toEfyv9JTm1C5nSb7yaEHqBrIfnhQHraunHNgzAFaJJzp+j1dlKUBJh72dj2
uO9qQiu9RaaNw+AM5VOM6PANgORBK+d+2CGbpGmE6CuLGkxLjL/NPw4BgvoA0hyQ
YIJwMQASEorBJXVKdCIR0e31LwBRtXitkK4FJb8WeGtK5875eR9baIQiyhBnTjpy
bjd33VE5
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:29:05 2026 by rpki-client