Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS212027.roa
File: AS212027.roa (raw, json)
Hash identifier: mwTmCqgr/BINwa+LRLW7yo0HSDw8DAufEvQaH4pf++8=
Subject key identifier: A5:54:E8:AA:C7:82:7C:A9:20:4F:64:31:37:1F:8F:D0:EF:CB:67:D8
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 7824D99FCD83CA7861E93522D1D204D402BF8AC0
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS212027.roa
Signing time: Mon 13 Apr 2026 11:45:09 +0000
ROA not before: Mon 13 Apr 2026 11:40:09 +0000
ROA not after: Mon 12 Apr 2027 11:45:09 +0000
asID: 212027
IP address blocks: 82.139.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:24:d9:9f:cd:83:ca:78:61:e9:35:22:d1:d2:04:d4:02:bf:8a:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Apr 13 11:40:09 2026 GMT
Not After : Apr 12 11:45:09 2027 GMT
Subject: CN=A554E8AAC7827CA9204F6431371F8FD0EFCB67D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b3:e1:34:c9:c7:15:1c:23:a9:79:7a:00:e3:
e5:cf:b3:99:ca:12:88:81:83:3e:53:95:97:68:da:
e7:f5:31:41:b0:7d:87:80:99:19:56:e6:c5:38:e7:
f3:6c:19:e1:cf:e0:bd:c5:03:ed:71:ce:84:09:17:
70:bf:7c:fa:b3:85:05:52:af:29:2d:5b:44:93:e6:
77:57:c3:d8:66:5b:d3:76:e5:46:1a:3f:b0:60:65:
e9:60:f5:69:81:f1:b5:b0:12:e2:4d:53:bb:df:52:
42:4c:0f:2d:cd:82:88:61:be:9c:86:32:10:d1:59:
00:50:88:46:6a:ed:90:42:8c:da:7f:61:6a:30:4d:
11:70:7c:93:8d:1a:9f:a6:17:24:26:af:cf:99:5e:
f5:e8:e6:88:72:2a:75:3f:fc:45:05:1f:27:a5:24:
96:0c:42:f9:67:4f:c1:94:f5:71:56:c0:7d:5b:13:
76:41:da:5b:4a:54:c9:4c:d2:ea:61:fa:ad:22:d9:
79:b9:d2:5f:2a:16:82:00:e3:af:a9:2d:7f:a0:85:
fa:92:42:ec:93:46:f5:51:19:42:85:d2:9d:6a:64:
bc:5a:9a:65:ba:3d:20:66:20:18:8b:18:34:a0:cc:
a6:54:f4:f1:2e:f5:7d:d2:44:00:a8:e2:52:0b:26:
7f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:54:E8:AA:C7:82:7C:A9:20:4F:64:31:37:1F:8F:D0:EF:CB:67:D8
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS212027.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.139.192.0/24
Signature Algorithm: sha256WithRSAEncryption
75:5f:c6:b8:da:9c:ca:9b:f0:b0:b8:58:5e:72:57:ed:fd:28:
8e:3d:83:6d:c5:12:d6:b1:38:df:79:ac:74:81:e6:96:9c:2d:
3d:2b:c3:c9:9a:6d:78:49:d9:2c:a4:54:76:fa:0f:94:a3:c3:
a2:64:d8:23:f3:70:4b:1e:ee:ca:a5:55:7e:1a:d9:98:81:a2:
f6:58:ac:fb:04:85:5f:3e:c6:95:ef:0c:93:0a:6d:dc:75:bb:
4b:4a:27:e5:0f:bb:df:93:cd:d1:8b:55:30:c4:a4:89:8d:41:
f6:d1:df:8a:db:1a:40:76:dd:d5:45:5c:dc:a8:dc:86:e2:a0:
f3:7c:95:f7:a5:8e:15:ac:5a:fb:28:42:d9:1d:09:5c:33:15:
9d:3b:6d:9f:62:43:54:ca:0f:e8:4b:3c:fa:f9:7d:32:22:f8:
90:6f:33:c4:b6:c4:e2:e5:72:ef:6f:b8:92:43:dd:f5:06:a7:
84:3b:e3:b6:2f:ea:26:bc:e9:e8:23:56:33:3e:b6:d4:e2:f1:
39:b8:dd:8f:28:2c:2d:f5:5f:01:56:bf:8f:a9:37:0d:b4:f8:
ac:cb:5e:9d:cb:29:42:2a:90:18:36:1b:6a:f2:d8:38:82:d9:
d1:19:c0:71:32:48:ba:ab:ab:27:9d:90:6f:7e:f0:fd:d8:a1:
57:bd:21:20
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUeCTZn82Dynhh6TUi0dIE1AK/isAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNjA0MTMxMTQwMDlaFw0yNzA0MTIxMTQ1MDlaMDMxMTAvBgNV
BAMTKEE1NTRFOEFBQzc4MjdDQTkyMDRGNjQzMTM3MUY4RkQwRUZDQjY3RDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCps+E0yccVHCOpeXoA4+XPs5nK
EoiBgz5TlZdo2uf1MUGwfYeAmRlW5sU45/NsGeHP4L3FA+1xzoQJF3C/fPqzhQVS
ryktW0ST5ndXw9hmW9N25UYaP7BgZelg9WmB8bWwEuJNU7vfUkJMDy3NgohhvpyG
MhDRWQBQiEZq7ZBCjNp/YWowTRFwfJONGp+mFyQmr8+ZXvXo5ohyKnU//EUFHyel
JJYMQvlnT8GU9XFWwH1bE3ZB2ltKVMlM0uph+q0i2Xm50l8qFoIA46+pLX+ghfqS
QuyTRvVRGUKF0p1qZLxammW6PSBmIBiLGDSgzKZU9PEu9X3SRACo4lILJn+HAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUpVToqseCfKkgT2QxNx+P0O/LZ9gwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3NTU1LTlhYTQt
NDk4My05MzE2LTczODA5ZGQzNTRiYy8wL0FTMjEyMDI3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUovA
MA0GCSqGSIb3DQEBCwUAA4IBAQB1X8a42pzKm/CwuFheclft/SiOPYNtxRLWsTjf
eax0geaWnC09K8PJmm14SdkspFR2+g+Uo8OiZNgj83BLHu7KpVV+GtmYgaL2WKz7
BIVfPsaV7wyTCm3cdbtLSiflD7vfk83Ri1UwxKSJjUH20d+K2xpAdt3VRVzcqNyG
4qDzfJX3pY4VrFr7KELZHQlcMxWdO22fYkNUyg/oSzz6+X0yIviQbzPEtsTi5XLv
b7iSQ931BqeEO+O2L+omvOnoI1YzPrbU4vE5uN2PKCwt9V8BVr+PqTcNtPisy16d
yylCKpAYNhtq8tg4gtnRGcBxMki6q6snnZBvfvD92KFXvSEg
-----END CERTIFICATE-----
Generated at Sun Apr 19 11:16:26 2026 by rpki-client