Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS984.roa
File: AS984.roa (raw, json)
Hash identifier: 0SV6eo8eiOjrvB0Ps+2qPFEvvHCvmp4YFqFhZCvzs6s=
Subject key identifier: C3:2A:D4:76:D6:77:30:59:29:9C:AE:C8:04:38:B7:C4:E4:26:19:DA
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 32E13A017C3BC6D7E27E3F77525A0E6807BB5F39
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS984.roa
Signing time: Sat 11 Oct 2025 06:50:29 +0000
ROA not before: Sat 11 Oct 2025 06:45:29 +0000
ROA not after: Sat 10 Oct 2026 06:50:29 +0000
asID: 984
IP address blocks: 82.21.7.0/24 maxlen: 24
82.23.163.0/24 maxlen: 24
82.24.79.0/24 maxlen: 24
82.24.113.0/24 maxlen: 24
82.24.123.0/24 maxlen: 24
82.26.174.0/24 maxlen: 24
2a13:9500:8c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 05:35:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:e1:3a:01:7c:3b:c6:d7:e2:7e:3f:77:52:5a:0e:68:07:bb:5f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 11 06:45:29 2025 GMT
Not After : Oct 10 06:50:29 2026 GMT
Subject: CN=C32AD476D6773059299CAEC80438B7C4E42619DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:03:2e:0c:54:82:0b:69:ae:aa:d8:19:03:f9:
c3:da:89:89:cf:30:aa:85:11:f6:3a:ef:b2:9f:97:
f7:b6:1a:ca:b4:35:b1:f1:7f:44:b3:b6:71:75:84:
7f:46:1d:ba:f4:c8:82:e4:f2:f4:81:02:94:1b:20:
45:80:4b:64:38:32:13:9d:fd:f5:74:04:01:84:46:
8b:b2:f1:be:a7:fa:39:32:42:26:11:87:a7:40:f4:
66:8c:1f:3d:c0:7e:32:0f:30:5d:6c:9f:e7:52:ef:
19:c9:84:e6:09:06:f2:67:99:2c:d3:e4:46:33:36:
ec:03:8c:28:69:77:f6:99:5a:cc:55:01:90:50:cc:
72:9c:b0:3f:02:22:0e:1c:42:bd:48:94:80:4f:66:
4f:85:89:24:b2:8d:fd:42:ad:45:6f:6f:8f:5b:90:
cf:00:1c:f8:2c:a8:ba:db:0c:52:15:4c:1b:55:b0:
bf:10:65:28:e6:d3:53:ba:3b:b9:64:bc:ba:51:cb:
45:47:1a:96:9f:c3:9d:7e:62:32:c8:b4:48:d1:cf:
2b:22:67:84:67:5f:11:d8:5f:78:76:a4:65:e0:53:
61:11:be:d1:22:9d:f1:70:d2:ea:32:6e:22:ac:94:
ec:5e:48:1c:fd:51:7f:89:93:df:2a:32:5d:26:50:
da:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:2A:D4:76:D6:77:30:59:29:9C:AE:C8:04:38:B7:C4:E4:26:19:DA
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS984.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.7.0/24
82.23.163.0/24
82.24.79.0/24
82.24.113.0/24
82.24.123.0/24
82.26.174.0/24
IPv6:
2a13:9500:8c::/48
Signature Algorithm: sha256WithRSAEncryption
21:81:cd:c2:0f:b6:a5:be:42:bf:ba:5f:10:6b:1a:4a:8f:01:
fd:8a:5e:3e:3e:f3:5c:38:ad:02:d4:f1:af:dd:59:90:fb:c7:
15:37:be:a4:50:ba:4f:9f:76:44:09:e9:a8:16:ce:a0:fd:10:
df:45:7d:53:76:6a:ff:dd:36:52:a2:b0:88:dc:7f:d1:b7:f1:
9a:07:c3:06:c9:67:44:a7:02:a6:6a:28:8c:24:5c:be:1e:91:
31:9c:87:a3:4c:c9:8e:24:b2:5b:4c:82:c2:fc:77:3b:17:93:
55:8b:77:d4:7c:37:9b:de:b4:4b:0a:17:41:b4:03:f3:4e:0e:
c6:ea:63:c5:e6:6d:d0:3d:41:3b:eb:1a:1f:fe:b5:59:a7:fa:
ae:ce:e3:30:d8:b0:80:a4:f8:ea:59:35:87:5a:4e:f6:36:b6:
de:63:11:17:21:05:72:57:72:5a:dd:ea:cb:b3:a8:a9:b6:93:
aa:af:38:8a:9c:0f:91:96:ba:d8:3c:22:20:4a:c1:94:7f:2a:
db:2e:d9:c4:56:47:24:75:c5:ac:e6:a2:38:b7:85:de:a4:b2:
55:0f:13:f5:3c:7e:a6:18:1a:85:5d:a2:be:ff:36:9c:61:dc:
00:29:30:2b:f4:9f:7d:f6:0a:bc:52:38:45:7f:1d:ba:0c:ef:
25:44:94:b2
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUMuE6AXw7xtfifj93UloOaAe7XzkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMTEwNjQ1MjlaFw0yNjEwMTAwNjUwMjlaMDMxMTAvBgNV
BAMTKEMzMkFENDc2RDY3NzMwNTkyOTlDQUVDODA0MzhCN0M0RTQyNjE5REEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOAy4MVIILaa6q2BkD+cPaiYnP
MKqFEfY677Kfl/e2Gsq0NbHxf0SztnF1hH9GHbr0yILk8vSBApQbIEWAS2Q4MhOd
/fV0BAGERouy8b6n+jkyQiYRh6dA9GaMHz3AfjIPMF1sn+dS7xnJhOYJBvJnmSzT
5EYzNuwDjChpd/aZWsxVAZBQzHKcsD8CIg4cQr1IlIBPZk+FiSSyjf1CrUVvb49b
kM8AHPgsqLrbDFIVTBtVsL8QZSjm01O6O7lkvLpRy0VHGpafw51+YjLItEjRzysi
Z4RnXxHYX3h2pGXgU2ERvtEinfFw0uoybiKslOxeSBz9UX+Jk98qMl0mUNqHAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUwyrUdtZ3MFkpnK7IBDi3xOQmGdowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTg0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAUhUHAwQA
UhejAwQAUhhPAwQAUhhxAwQAUhh7AwQAUhquMA8EAgACMAkDBwAqE5UAAIwwDQYJ
KoZIhvcNAQELBQADggEBACGBzcIPtqW+Qr+6XxBrGkqPAf2KXj4+81w4rQLU8a/d
WZD7xxU3vqRQuk+fdkQJ6agWzqD9EN9FfVN2av/dNlKisIjcf9G38ZoHwwbJZ0Sn
AqZqKIwkXL4ekTGch6NMyY4ksltMgsL8dzsXk1WLd9R8N5vetEsKF0G0A/NODsbq
Y8XmbdA9QTvrGh/+tVmn+q7O4zDYsICk+OpZNYdaTvY2tt5jERchBXJXclrd6suz
qKm2k6qvOIqcD5GWutg8IiBKwZR/Ktsu2cRWRyR1xazmoji3hd6kslUPE/U8fqYY
GoVdor7/Npxh3AApMCv0n332CrxSOEV/HboM7yVElLI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:04:12 2025 by rpki-client