Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS204821.roa
File: AS204821.roa (raw, json)
Hash identifier: yUIpskxLItmeZYIQ8Un78WofGiuWgTmJ+qtso5D142U=
Subject key identifier: 08:CB:DA:8D:CC:46:C2:D0:56:B3:51:AA:3A:2C:9E:A6:AA:9B:C5:CA
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 64E3C348E7B5F3A79C7DAFF58746EF425D6471F7
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS204821.roa
Signing time: Sat 28 Mar 2026 18:14:18 +0000
ROA not before: Sat 28 Mar 2026 18:09:18 +0000
ROA not after: Sat 27 Mar 2027 18:14:18 +0000
asID: 204821
IP address blocks: 82.38.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:e3:c3:48:e7:b5:f3:a7:9c:7d:af:f5:87:46:ef:42:5d:64:71:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 28 18:09:18 2026 GMT
Not After : Mar 27 18:14:18 2027 GMT
Subject: CN=08CBDA8DCC46C2D056B351AA3A2C9EA6AA9BC5CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:08:1b:8c:4c:37:74:00:69:6c:35:85:60:71:
5b:a9:30:3f:95:01:b1:a4:f4:fe:ce:41:04:d9:72:
f9:8f:42:66:12:5d:92:28:d1:c8:a2:e8:d2:ba:d6:
b0:cb:17:94:00:72:e8:fd:4d:b9:32:f4:74:27:38:
41:27:d6:d1:62:d3:b4:df:01:9e:b6:bc:69:96:84:
da:65:59:8b:66:5b:50:d0:85:2f:3a:28:49:a5:f9:
9f:16:f2:67:6f:5c:18:85:1a:4f:5a:42:96:8c:65:
ec:28:c2:20:5e:3e:c5:4e:6e:2f:fb:cc:04:03:17:
3a:56:f6:e8:81:36:40:d1:9f:c8:75:88:d2:10:37:
a5:3e:34:19:6a:80:dd:db:68:43:b4:f1:16:e3:5d:
84:ea:be:07:93:22:c3:fd:b8:b3:75:64:a6:82:7f:
56:47:ec:e5:75:8b:54:ec:4c:ab:61:da:22:11:9b:
2d:77:ff:8c:76:28:56:db:41:86:91:15:3a:b3:53:
6d:21:e3:aa:2f:57:d8:6a:7c:46:07:e4:aa:61:88:
3f:30:0a:2a:d1:f0:b4:2e:34:da:81:a4:c0:36:3c:
03:9e:8d:22:5e:d5:2e:e3:31:2b:b0:54:9b:b4:93:
ef:79:b9:82:71:e7:aa:42:64:8c:d0:34:58:c0:cb:
88:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:CB:DA:8D:CC:46:C2:D0:56:B3:51:AA:3A:2C:9E:A6:AA:9B:C5:CA
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS204821.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.38.121.0/24
Signature Algorithm: sha256WithRSAEncryption
55:6e:9c:9d:80:c7:6a:56:48:54:8f:2b:f5:45:ad:55:f5:43:
ac:af:c2:96:4f:6b:02:db:51:ff:d0:a6:50:9d:b1:d8:5a:fa:
91:10:79:0d:dd:4c:82:ff:27:9e:8f:fc:48:f8:d5:15:b0:0e:
5d:6c:47:f6:70:aa:f8:ad:24:d7:2f:b5:3d:9d:1a:a4:e9:31:
5c:88:d6:e0:89:0b:5a:56:fe:36:47:7c:3a:f6:fc:21:c0:a1:
be:5c:ca:70:82:6a:23:2a:e4:bc:5d:04:94:cb:7b:0e:62:6c:
dd:c5:7a:14:e4:ee:ba:8c:7e:bc:87:3d:61:24:fa:d2:1b:7e:
d1:fa:cc:99:4b:d7:48:c5:a2:c6:5a:f5:1b:87:3e:b8:0d:73:
dc:26:38:43:1a:89:5f:eb:2d:17:0c:44:6e:25:32:88:21:ba:
18:31:6c:c2:66:d3:47:70:1f:8a:28:9e:9e:7f:3d:14:be:92:
e3:b7:0a:71:7b:51:aa:76:8b:6f:c4:4c:d9:0b:5b:88:5f:65:
38:a6:dd:92:55:22:42:5b:95:97:08:98:5b:be:9c:02:c9:15:
fb:07:ca:e4:88:dc:a4:46:4f:18:c3:af:cc:47:32:fb:9e:97:
34:48:52:ca:1b:74:f9:3e:7f:36:3c:be:2c:51:90:93:a0:86:
4b:ff:b2:4d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUZOPDSOe186ecfa/1h0bvQl1kcfcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMjgxODA5MThaFw0yNzAzMjcxODE0MThaMDMxMTAvBgNV
BAMTKDA4Q0JEQThEQ0M0NkMyRDA1NkIzNTFBQTNBMkM5RUE2QUE5QkM1Q0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7CBuMTDd0AGlsNYVgcVupMD+V
AbGk9P7OQQTZcvmPQmYSXZIo0cii6NK61rDLF5QAcuj9Tbky9HQnOEEn1tFi07Tf
AZ62vGmWhNplWYtmW1DQhS86KEml+Z8W8mdvXBiFGk9aQpaMZewowiBePsVObi/7
zAQDFzpW9uiBNkDRn8h1iNIQN6U+NBlqgN3baEO08RbjXYTqvgeTIsP9uLN1ZKaC
f1ZH7OV1i1TsTKth2iIRmy13/4x2KFbbQYaRFTqzU20h46ovV9hqfEYH5KphiD8w
CirR8LQuNNqBpMA2PAOejSJe1S7jMSuwVJu0k+95uYJx56pCZIzQNFjAy4iPAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUCMvajcxGwtBWs1GqOiyepqqbxcowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA0ODIxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUiZ5
MA0GCSqGSIb3DQEBCwUAA4IBAQBVbpydgMdqVkhUjyv1Ra1V9UOsr8KWT2sC21H/
0KZQnbHYWvqREHkN3UyC/yeej/xI+NUVsA5dbEf2cKr4rSTXL7U9nRqk6TFciNbg
iQtaVv42R3w69vwhwKG+XMpwgmojKuS8XQSUy3sOYmzdxXoU5O66jH68hz1hJPrS
G37R+syZS9dIxaLGWvUbhz64DXPcJjhDGolf6y0XDERuJTKIIboYMWzCZtNHcB+K
KJ6efz0UvpLjtwpxe1GqdotvxEzZC1uIX2U4pt2SVSJCW5WXCJhbvpwCyRX7B8rk
iNykRk8Yw6/MRzL7npc0SFLKG3T5Pn82PL4sUZCToIZL/7JN
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:01:49 2026 by rpki-client