Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS205886.roa
File: AS205886.roa (raw, json)
Hash identifier: 2r9mAHjknu0eRA78LCAVf7oMTkW/LVKxZ8Gr0vyt4t8=
Subject key identifier: 8E:81:D5:B1:65:FE:63:5C:83:6F:1E:F5:0A:89:B1:3B:04:EC:BF:C5
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4C3A7E631688EB7C67EC486F0F7E7FBBCD6BECBD
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS205886.roa
Signing time: Thu 30 Oct 2025 08:23:03 +0000
ROA not before: Thu 30 Oct 2025 08:18:03 +0000
ROA not after: Thu 29 Oct 2026 08:23:03 +0000
asID: 205886
IP address blocks: 82.21.138.0/24 maxlen: 24
82.22.78.0/24 maxlen: 24
82.22.205.0/24 maxlen: 24
82.24.181.0/24 maxlen: 24
82.25.57.0/24 maxlen: 24
82.25.200.0/24 maxlen: 24
82.26.196.0/24 maxlen: 24
82.26.198.0/24 maxlen: 24
82.27.132.0/24 maxlen: 24
82.38.17.0/24 maxlen: 24
82.38.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 09:53:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:3a:7e:63:16:88:eb:7c:67:ec:48:6f:0f:7e:7f:bb:cd:6b:ec:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 30 08:18:03 2025 GMT
Not After : Oct 29 08:23:03 2026 GMT
Subject: CN=8E81D5B165FE635C836F1EF50A89B13B04ECBFC5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a1:68:c7:6a:3d:d6:8f:3d:82:01:b6:b7:4a:
00:2f:7e:94:ea:81:38:5c:99:c0:f7:07:de:87:e8:
a2:70:ac:82:d8:1f:9e:c1:fe:1a:2a:a0:61:33:8c:
88:72:61:1b:d4:5e:44:c9:1a:40:d9:81:ea:71:cf:
b8:45:21:1c:0f:bc:cb:45:88:62:95:0e:13:03:5c:
50:3a:28:88:5b:ab:14:a3:a1:05:ea:81:6b:b8:8b:
3b:5c:cd:30:e3:13:f5:ee:df:f9:cd:fd:2e:8e:68:
77:24:d7:b8:0f:f9:30:41:b4:df:13:51:63:da:b9:
e6:da:c8:1e:b2:34:d0:37:94:50:93:9b:a1:25:71:
67:03:1c:45:71:7f:27:cd:84:85:15:67:20:69:a4:
a2:07:9a:06:ed:57:20:56:f8:85:7d:fd:9f:e0:ab:
e3:4d:6b:97:95:76:85:83:68:0d:0b:64:fe:93:0e:
41:18:f5:a5:b6:55:ba:57:e8:7b:a6:f3:59:b1:58:
6a:50:3b:f7:23:f0:e9:11:87:f5:b3:d7:d9:11:9e:
90:52:88:9e:38:35:c5:ef:ab:07:4b:76:f4:37:82:
02:45:b6:cc:18:30:07:85:fd:52:31:43:0a:18:89:
05:e4:34:45:0d:93:b0:77:ec:31:a1:30:d7:f9:60:
b6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:81:D5:B1:65:FE:63:5C:83:6F:1E:F5:0A:89:B1:3B:04:EC:BF:C5
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS205886.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.138.0/24
82.22.78.0/24
82.22.205.0/24
82.24.181.0/24
82.25.57.0/24
82.25.200.0/24
82.26.196.0/24
82.26.198.0/24
82.27.132.0/24
82.38.17.0/24
82.38.198.0/24
Signature Algorithm: sha256WithRSAEncryption
03:a9:3e:4c:d2:92:0f:2f:4d:fa:ba:39:c9:9f:0a:be:7b:76:
fb:20:28:4d:6a:2f:d5:da:b8:6e:6b:b2:e9:dc:0a:ab:c0:43:
e4:16:32:b5:94:49:56:fb:57:9b:eb:f0:be:16:58:33:b3:84:
e5:e1:58:ff:18:15:94:f6:94:78:c7:04:3e:05:49:05:ee:e7:
99:53:96:a5:7b:f0:1c:37:bd:90:37:a1:2c:b9:b6:ce:69:51:
7e:01:2e:b0:74:9c:6e:8a:a8:44:7d:c9:f6:84:c8:c1:94:e1:
7a:d5:f4:2b:9b:37:dc:30:00:bc:c1:ee:44:0b:e4:bb:41:98:
e7:06:81:59:bd:b7:ba:a8:2b:95:4a:35:eb:3d:ec:98:22:e4:
3d:03:e1:5c:e3:73:bb:04:ff:85:cb:b1:55:e5:7f:0f:68:aa:
ac:d0:26:91:b8:49:11:e2:63:aa:2b:93:18:16:88:7d:fa:b8:
f2:36:8f:3b:8c:53:b1:e9:21:92:aa:dc:98:4b:81:2d:ea:ba:
2f:2e:42:e5:90:f0:bb:40:68:22:96:87:1f:7f:8c:18:e3:77:
a5:16:f9:9b:bb:14:21:da:54:53:9f:2a:8b:84:21:5d:f1:d5:
b6:43:c9:70:62:d1:60:3e:d1:75:67:3d:8f:10:87:81:f7:67:
97:6c:5d:38
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUTDp+YxaI63xn7EhvD35/u81r7L0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMzAwODE4MDNaFw0yNjEwMjkwODIzMDNaMDMxMTAvBgNV
BAMTKDhFODFENUIxNjVGRTYzNUM4MzZGMUVGNTBBODlCMTNCMDRFQ0JGQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/oWjHaj3Wjz2CAba3SgAvfpTq
gThcmcD3B96H6KJwrILYH57B/hoqoGEzjIhyYRvUXkTJGkDZgepxz7hFIRwPvMtF
iGKVDhMDXFA6KIhbqxSjoQXqgWu4iztczTDjE/Xu3/nN/S6OaHck17gP+TBBtN8T
UWPauebayB6yNNA3lFCTm6ElcWcDHEVxfyfNhIUVZyBppKIHmgbtVyBW+IV9/Z/g
q+NNa5eVdoWDaA0LZP6TDkEY9aW2VbpX6Hum81mxWGpQO/cj8OkRh/Wz19kRnpBS
iJ44NcXvqwdLdvQ3ggJFtswYMAeF/VIxQwoYiQXkNEUNk7B37DGhMNf5YLbRAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUjoHVsWX+Y1yDbx71ComxOwTsv8UwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA1ODg2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAUhWK
AwQAUhZOAwQAUhbNAwQAUhi1AwQAUhk5AwQAUhnIAwQAUhrEAwQAUhrGAwQAUhuE
AwQAUiYRAwQAUibGMA0GCSqGSIb3DQEBCwUAA4IBAQADqT5M0pIPL036ujnJnwq+
e3b7IChNai/V2rhua7Lp3AqrwEPkFjK1lElW+1eb6/C+Flgzs4Tl4Vj/GBWU9pR4
xwQ+BUkF7ueZU5ale/AcN72QN6EsubbOaVF+AS6wdJxuiqhEfcn2hMjBlOF61fQr
mzfcMAC8we5EC+S7QZjnBoFZvbe6qCuVSjXrPeyYIuQ9A+Fc43O7BP+Fy7FV5X8P
aKqs0CaRuEkR4mOqK5MYFoh9+rjyNo87jFOx6SGSqtyYS4Et6rovLkLlkPC7QGgi
locff4wY43elFvmbuxQh2lRTnyqLhCFd8dW2Q8lwYtFgPtF1Zz2PEIeB92eXbF04
-----END CERTIFICATE-----
Generated at Wed Nov 5 15:20:15 2025 by rpki-client