Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS216138.roa
File: AS216138.roa (raw, json)
Hash identifier: U/ccgPxx76rVbTMrkTDLTq4M4GBaGagrVQ9/tNKHQIE=
Subject key identifier: 87:A6:68:62:D3:F5:56:07:C3:66:39:74:9D:68:34:93:9D:8C:1B:04
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4A02163DCC2AF12DD5EFDAA565ADBAFDA6863244
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS216138.roa
Signing time: Thu 07 May 2026 16:22:45 +0000
ROA not before: Thu 07 May 2026 16:17:45 +0000
ROA not after: Thu 06 May 2027 16:22:45 +0000
asID: 216138
IP address blocks: 82.26.194.0/24 maxlen: 24
82.47.189.0/24 maxlen: 24
82.47.190.0/24 maxlen: 24
82.47.208.0/24 maxlen: 24
82.47.212.0/24 maxlen: 24
82.47.214.0/24 maxlen: 24
82.47.218.0/24 maxlen: 24
82.47.219.0/24 maxlen: 24
82.47.221.0/24 maxlen: 24
82.47.224.0/24 maxlen: 24
82.47.225.0/24 maxlen: 24
82.47.228.0/24 maxlen: 24
82.47.229.0/24 maxlen: 24
82.47.231.0/24 maxlen: 24
82.47.242.0/24 maxlen: 24
82.47.243.0/24 maxlen: 24
82.47.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:02:16:3d:cc:2a:f1:2d:d5:ef:da:a5:65:ad:ba:fd:a6:86:32:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 7 16:17:45 2026 GMT
Not After : May 6 16:22:45 2027 GMT
Subject: CN=87A66862D3F55607C36639749D6834939D8C1B04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:86:21:64:ad:4c:4c:be:1a:c1:a7:4f:55:ca:
7f:5f:0f:f3:5d:7c:18:c2:37:60:49:b8:25:65:e1:
74:40:2c:85:dc:98:32:be:8c:07:57:c7:8c:02:c9:
d5:65:49:f4:d0:0f:91:1f:72:fc:eb:e0:36:47:d3:
7d:7e:de:c4:c8:21:e9:9a:1f:fe:04:48:9b:90:ab:
94:1d:2a:73:ad:82:91:f2:86:82:34:80:29:f4:f6:
0c:91:d2:42:53:45:55:f6:af:36:95:df:9f:b6:a9:
d4:5e:e3:c4:d0:59:4f:41:d8:64:08:22:94:c6:a9:
fb:47:66:0b:c3:68:20:a8:9d:85:f3:1a:a9:9e:69:
d5:db:cf:29:61:0b:05:12:9c:ac:65:2a:29:e0:93:
3e:91:5b:21:fe:8c:6e:43:a9:13:2f:89:60:7c:dd:
cb:32:f5:96:a0:cc:5d:73:d1:46:cc:02:db:e6:0b:
aa:d0:46:17:dc:9e:8f:89:02:5c:6a:b1:6d:8f:08:
f3:53:99:c8:ff:7e:5c:78:e0:5c:6f:ba:2d:bf:31:
37:ec:40:3f:1d:cf:27:dd:f3:73:d6:07:19:88:4e:
44:ca:a1:c9:5d:e8:02:3e:75:1c:f9:11:d1:8f:04:
b1:d1:c6:a8:03:c3:06:18:b3:ca:20:5a:48:2a:6b:
57:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A6:68:62:D3:F5:56:07:C3:66:39:74:9D:68:34:93:9D:8C:1B:04
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS216138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.26.194.0/24
82.47.189.0-82.47.190.255
82.47.208.0/24
82.47.212.0/24
82.47.214.0/24
82.47.218.0/23
82.47.221.0/24
82.47.224.0/23
82.47.228.0/23
82.47.231.0/24
82.47.242.0/23
82.47.254.0/24
Signature Algorithm: sha256WithRSAEncryption
22:d6:a9:aa:14:8b:66:df:b2:15:77:5d:9f:ac:d9:80:3d:5e:
18:4f:d9:60:70:3d:07:34:07:44:51:26:35:e2:33:78:ca:fc:
a8:e4:3a:f1:d5:1d:44:44:12:85:e8:cc:9b:38:06:ea:fa:79:
13:06:e5:ed:5d:5f:17:44:78:3c:89:71:ca:2c:4f:f3:77:1d:
83:53:61:5d:c4:03:64:64:1e:14:0d:40:5a:01:31:cf:74:30:
ae:b8:30:59:50:71:23:cf:6b:a0:8c:89:fc:72:ea:b1:4e:6d:
2e:e2:42:3c:33:89:9a:49:e2:a8:ad:30:88:58:71:c9:ec:c9:
be:bc:06:e0:16:8c:a2:46:7c:f4:f4:f1:af:05:a9:64:ad:b7:
3a:05:45:df:08:d7:d8:39:21:68:93:9d:e0:ab:6f:13:55:e9:
ae:00:52:c3:d1:fd:3a:d1:75:4e:bf:56:2d:eb:ae:f1:87:2c:
28:83:be:9d:66:9e:86:ce:0c:53:a7:5f:b8:ca:da:8d:6d:03:
4e:c7:a6:84:48:db:14:9e:bb:d6:69:9d:fb:bf:e0:d6:7a:06:
9d:7d:6c:72:ec:88:a1:d3:95:7c:8f:55:d6:c1:c2:aa:e7:23:
42:7a:12:e2:40:8f:f6:c9:2a:f0:2f:c4:12:04:97:ef:dd:1b:
4a:2d:8f:c2
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgIUSgIWPcwq8S3V79qlZa26/aaGMkQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MDcxNjE3NDVaFw0yNzA1MDYxNjIyNDVaMDMxMTAvBgNV
BAMTKDg3QTY2ODYyRDNGNTU2MDdDMzY2Mzk3NDlENjgzNDkzOUQ4QzFCMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1hiFkrUxMvhrBp09Vyn9fD/Nd
fBjCN2BJuCVl4XRALIXcmDK+jAdXx4wCydVlSfTQD5Efcvzr4DZH031+3sTIIema
H/4ESJuQq5QdKnOtgpHyhoI0gCn09gyR0kJTRVX2rzaV35+2qdRe48TQWU9B2GQI
IpTGqftHZgvDaCConYXzGqmeadXbzylhCwUSnKxlKingkz6RWyH+jG5DqRMviWB8
3csy9ZagzF1z0UbMAtvmC6rQRhfcno+JAlxqsW2PCPNTmcj/flx44Fxvui2/MTfs
QD8dzyfd83PWBxmITkTKocld6AI+dRz5EdGPBLHRxqgDwwYYs8ogWkgqa1eNAgMB
AAGjggJUMIICUDAdBgNVHQ4EFgQUh6ZoYtP1VgfDZjl0nWg0k52MGwQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE2MTM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAUhrC
MAwDBABSL70DBABSL74DBABSL9ADBABSL9QDBABSL9YDBAFSL9oDBABSL90DBAFS
L+ADBAFSL+QDBABSL+cDBAFSL/IDBABSL/4wDQYJKoZIhvcNAQELBQADggEBACLW
qaoUi2bfshV3XZ+s2YA9XhhP2WBwPQc0B0RRJjXiM3jK/KjkOvHVHUREEoXozJs4
Bur6eRMG5e1dXxdEeDyJccosT/N3HYNTYV3EA2RkHhQNQFoBMc90MK64MFlQcSPP
a6CMifxy6rFObS7iQjwziZpJ4qitMIhYccnsyb68BuAWjKJGfPT08a8FqWSttzoF
Rd8I19g5IWiTneCrbxNV6a4AUsPR/TrRdU6/Vi3rrvGHLCiDvp1mnobODFOnX7jK
2o1tA07HpoRI2xSeu9Zpnfu/4NZ6Bp19bHLsiKHTlXyPVdbBwqrnI0J6EuJAj/bJ
KvAvxBIEl+/dG0otj8I=
-----END CERTIFICATE-----
Generated at Tue May 12 23:20:26 2026 by rpki-client