Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS206675.roa
File: AS206675.roa (raw, json)
Hash identifier: a6SpnxsiZcVSEner1/ShgGXh+K4Hzj6fdgGDVRjDac0=
Subject key identifier: 6C:E9:92:58:CA:74:DC:B3:9B:14:E6:E2:7A:B4:85:A4:7A:B0:B5:C8
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3A62CB7D7FE10D273CB858F2D74D1E082A9B087D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS206675.roa
Signing time: Tue 09 Jun 2026 05:17:51 +0000
ROA not before: Tue 09 Jun 2026 05:12:51 +0000
ROA not after: Tue 08 Jun 2027 05:17:51 +0000
asID: 206675
IP address blocks: 82.38.23.0/24 maxlen: 24
82.38.42.0/23 maxlen: 24
82.38.46.0/23 maxlen: 24
82.38.80.0/23 maxlen: 24
82.38.105.0/24 maxlen: 24
82.38.215.0/24 maxlen: 24
82.39.136.0/24 maxlen: 24
82.39.245.0/24 maxlen: 24
178.83.82.0/23 maxlen: 24
178.83.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 15:07:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:62:cb:7d:7f:e1:0d:27:3c:b8:58:f2:d7:4d:1e:08:2a:9b:08:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 9 05:12:51 2026 GMT
Not After : Jun 8 05:17:51 2027 GMT
Subject: CN=6CE99258CA74DCB39B14E6E27AB485A47AB0B5C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:34:eb:66:96:23:16:f1:ff:13:dc:c9:96:f1:
c9:dc:a9:31:f4:74:26:c4:fe:7d:4a:f3:41:16:59:
61:88:27:26:d7:c5:87:f6:8f:2e:dd:6a:87:e2:d5:
cd:e9:c6:11:37:3a:06:71:c8:2f:77:84:f8:fc:be:
68:fe:80:73:86:cf:cf:36:20:0f:38:9f:e4:27:47:
eb:52:a8:52:b1:8b:4c:2d:16:0a:62:a7:6c:fb:08:
3e:9b:74:7f:0b:08:5e:8d:d0:c7:e7:ef:54:a3:62:
b4:a9:cb:44:cd:5a:02:c4:40:8e:51:3c:bf:13:30:
b4:ca:d0:8b:82:e7:6a:31:34:b5:87:3e:44:c6:2c:
9e:b9:85:23:0d:0b:75:fd:c5:ce:3b:95:9b:47:b7:
b8:59:1c:b8:db:1d:c3:c7:b6:a6:b3:59:de:2b:bd:
59:d7:30:a3:0e:17:cd:9c:54:7b:d6:46:55:5b:3a:
02:61:e5:0e:60:c4:85:c5:61:3a:85:27:d4:73:07:
e4:8b:56:b1:b7:c9:4a:07:f6:9e:28:8b:d7:f0:86:
9a:f3:ea:19:80:78:f7:2d:0e:6c:2c:d4:ad:eb:5e:
5d:dc:80:6b:7b:be:ca:a6:22:f8:e2:fb:06:39:9f:
6e:87:e4:e5:5c:3c:ab:3f:52:f4:20:5d:56:e2:fe:
57:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:E9:92:58:CA:74:DC:B3:9B:14:E6:E2:7A:B4:85:A4:7A:B0:B5:C8
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS206675.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.38.23.0/24
82.38.42.0/23
82.38.46.0/23
82.38.80.0/23
82.38.105.0/24
82.38.215.0/24
82.39.136.0/24
82.39.245.0/24
178.83.82.0/23
178.83.171.0/24
Signature Algorithm: sha256WithRSAEncryption
64:1a:f6:f1:67:43:67:b0:59:62:57:ae:70:bf:a7:82:66:cb:
cc:2d:15:15:a1:ef:a9:28:88:28:e5:e8:55:a9:a9:74:41:42:
7d:ab:b8:d3:49:b0:c3:18:23:92:52:12:03:20:d4:8c:7c:bc:
2a:a2:d5:d5:97:70:5b:89:38:7b:8f:f6:bc:41:72:e2:47:1b:
ba:e9:d7:f7:f0:0f:18:b8:6a:19:6f:19:d9:06:53:dd:a2:c6:
91:63:2d:f7:44:f7:8a:f9:fb:68:c5:08:22:b1:15:5e:72:8b:
50:6c:33:3c:90:45:8c:8d:db:86:95:9d:12:a6:21:63:30:ab:
9d:17:bd:5e:7e:94:e1:2d:29:b3:46:35:9a:8b:63:03:2f:5e:
e1:83:80:03:bd:f9:d0:ea:b6:16:49:28:04:d6:4f:b4:17:23:
79:94:ae:2a:fe:ca:08:97:83:52:dd:ae:72:1c:68:4d:79:d0:
f6:0c:e3:96:26:8a:73:b0:37:4e:8c:3c:fe:7b:6a:7d:0f:e5:
0f:87:c6:d3:9c:b2:d1:4a:6d:e2:72:24:65:24:ec:83:6c:cb:
2a:e7:04:ac:cf:6f:21:c5:0d:1c:02:a0:6e:b2:ce:af:24:60:
1a:22:34:67:6d:57:14:31:f9:3c:51:ed:4c:fb:70:ee:b1:ef:
2a:3b:cd:eb
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUOmLLfX/hDSc8uFjy100eCCqbCH0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDkwNTEyNTFaFw0yNzA2MDgwNTE3NTFaMDMxMTAvBgNV
BAMTKDZDRTk5MjU4Q0E3NERDQjM5QjE0RTZFMjdBQjQ4NUE0N0FCMEI1QzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnNOtmliMW8f8T3MmW8cncqTH0
dCbE/n1K80EWWWGIJybXxYf2jy7daofi1c3pxhE3OgZxyC93hPj8vmj+gHOGz882
IA84n+QnR+tSqFKxi0wtFgpip2z7CD6bdH8LCF6N0Mfn71SjYrSpy0TNWgLEQI5R
PL8TMLTK0IuC52oxNLWHPkTGLJ65hSMNC3X9xc47lZtHt7hZHLjbHcPHtqazWd4r
vVnXMKMOF82cVHvWRlVbOgJh5Q5gxIXFYTqFJ9RzB+SLVrG3yUoH9p4oi9fwhprz
6hmAePctDmws1K3rXl3cgGt7vsqmIvji+wY5n26H5OVcPKs/UvQgXVbi/le/AgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUbOmSWMp03LObFObierSFpHqwtcgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA2Njc1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAUiYX
AwQBUiYqAwQBUiYuAwQBUiZQAwQAUiZpAwQAUibXAwQAUieIAwQAUif1AwQBslNS
AwQAslOrMA0GCSqGSIb3DQEBCwUAA4IBAQBkGvbxZ0NnsFliV65wv6eCZsvMLRUV
oe+pKIgo5ehVqal0QUJ9q7jTSbDDGCOSUhIDINSMfLwqotXVl3BbiTh7j/a8QXLi
Rxu66df38A8YuGoZbxnZBlPdosaRYy33RPeK+ftoxQgisRVecotQbDM8kEWMjduG
lZ0SpiFjMKudF71efpThLSmzRjWai2MDL17hg4ADvfnQ6rYWSSgE1k+0FyN5lK4q
/soIl4NS3a5yHGhNedD2DOOWJopzsDdOjDz+e2p9D+UPh8bTnLLRSm3iciRlJOyD
bMsq5wSsz28hxQ0cAqBuss6vJGAaIjRnbVcUMfk8Ue1M+3Duse8qO83r
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:26:18 2026 by rpki-client