Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS210554.roa
File: AS210554.roa (raw, json)
Hash identifier: 5RhcmXFL5L4Uaj4eEZZEiSKaDwtZiJpuosVlW9Cx+IA=
Subject key identifier: 4F:C0:A0:3F:2A:B9:8D:73:D1:CD:F6:13:B6:2A:10:4F:BA:26:1C:EA
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 49913967C6826E1FF644EB90C4A3F80353B9029E
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS210554.roa
Signing time: Wed 08 Apr 2026 05:08:42 +0000
ROA not before: Wed 08 Apr 2026 05:03:42 +0000
ROA not after: Wed 07 Apr 2027 05:08:42 +0000
asID: 210554
IP address blocks: 82.21.8.0/24 maxlen: 24
82.38.28.0/24 maxlen: 24
2a13:9500:153::/48 maxlen: 48
2a13:9500:154::/48 maxlen: 48
2a13:9500:160::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:91:39:67:c6:82:6e:1f:f6:44:eb:90:c4:a3:f8:03:53:b9:02:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 8 05:03:42 2026 GMT
Not After : Apr 7 05:08:42 2027 GMT
Subject: CN=4FC0A03F2AB98D73D1CDF613B62A104FBA261CEA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:1e:19:5e:b5:af:5c:ec:fb:82:ae:26:ee:9c:
f5:19:7f:4c:cc:8a:16:22:d7:a0:ce:10:95:7b:77:
69:82:d6:ea:b6:ba:70:b0:72:52:1d:fa:6e:b9:1a:
1a:41:cd:ff:e0:85:4a:d5:82:42:24:c1:8d:9f:f6:
9e:f9:0c:9e:84:81:31:15:cd:b1:0c:f5:04:ab:53:
57:49:78:c7:cd:53:d9:56:42:d3:19:d6:04:3c:b6:
19:e7:9a:a5:45:d5:11:18:70:72:f5:df:a7:ea:f8:
b5:45:77:10:ac:d9:0e:97:e9:ac:3f:7d:45:90:ca:
80:3b:04:f3:2c:3b:34:e4:46:3b:15:02:31:5f:54:
aa:de:63:85:9d:29:26:c8:aa:88:00:17:47:8e:b8:
f9:4e:9e:59:97:da:e2:97:8e:60:2c:ff:f6:02:0e:
96:42:17:11:b4:aa:7b:07:2f:54:87:fa:73:93:8c:
8a:08:c9:48:43:69:c4:e1:f9:10:69:2a:59:91:5a:
dc:34:d1:d8:a5:3d:5f:eb:0c:43:8e:b4:31:a0:13:
78:59:92:f1:bf:79:dd:d1:06:de:57:2e:5c:80:c1:
19:e0:0f:09:f5:0b:9a:c2:75:7d:47:28:aa:d8:e4:
d8:0d:2d:b8:83:38:7e:60:ff:b9:46:fc:58:96:52:
40:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:C0:A0:3F:2A:B9:8D:73:D1:CD:F6:13:B6:2A:10:4F:BA:26:1C:EA
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS210554.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.8.0/24
82.38.28.0/24
IPv6:
2a13:9500:153::-2a13:9500:154:ffff:ffff:ffff:ffff:ffff
2a13:9500:160::/48
Signature Algorithm: sha256WithRSAEncryption
7d:8a:ab:4d:59:41:0d:ee:04:10:e3:1f:8b:d4:0d:3f:ad:c5:
94:ee:b8:16:81:f3:68:f6:7e:36:cb:b1:c2:25:f9:94:70:4f:
67:9a:6e:93:51:af:16:21:21:49:50:68:de:c9:27:e5:9f:b1:
56:15:6c:ef:2d:a8:d0:88:4b:ef:b9:d9:f0:53:00:80:ac:d2:
32:67:01:ee:6b:5d:cc:0a:f7:18:da:22:95:ec:57:30:9b:3e:
a4:2c:92:a2:24:7a:04:d5:7a:91:c2:2f:6e:c0:be:c2:9d:d5:
33:55:b6:52:6e:f1:2d:6d:e8:c9:4f:df:6c:5b:98:c1:03:0c:
4a:cb:d9:e8:db:dd:56:d2:4f:39:1a:f9:44:b9:d2:b6:14:db:
d9:f9:c0:0d:9c:5c:44:17:75:57:77:48:e1:12:50:93:87:a1:
42:6a:1b:d7:df:f6:1c:fa:a2:7a:66:9e:39:9d:e4:e8:86:98:
ea:1e:d9:33:24:49:2b:ff:13:67:e2:68:f2:da:f0:52:26:aa:
74:b0:8a:bf:c4:e7:45:0b:9e:cd:3c:dd:2d:94:08:c9:fb:ff:
bd:a0:e8:61:0f:46:18:eb:3b:82:cd:24:c3:94:51:21:15:d5:
73:e8:9f:88:16:21:d9:ea:a3:94:b1:e2:7f:68:12:b9:45:a3:
81:d6:57:82
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUSZE5Z8aCbh/2ROuQxKP4A1O5Ap4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDgwNTAzNDJaFw0yNzA0MDcwNTA4NDJaMDMxMTAvBgNV
BAMTKDRGQzBBMDNGMkFCOThENzNEMUNERjYxM0I2MkExMDRGQkEyNjFDRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRHhleta9c7PuCribunPUZf0zM
ihYi16DOEJV7d2mC1uq2unCwclId+m65GhpBzf/ghUrVgkIkwY2f9p75DJ6EgTEV
zbEM9QSrU1dJeMfNU9lWQtMZ1gQ8thnnmqVF1REYcHL136fq+LVFdxCs2Q6X6aw/
fUWQyoA7BPMsOzTkRjsVAjFfVKreY4WdKSbIqogAF0eOuPlOnlmX2uKXjmAs//YC
DpZCFxG0qnsHL1SH+nOTjIoIyUhDacTh+RBpKlmRWtw00dilPV/rDEOOtDGgE3hZ
kvG/ed3RBt5XLlyAwRngDwn1C5rCdX1HKKrY5NgNLbiDOH5g/7lG/FiWUkAbAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUT8CgPyq5jXPRzfYTtioQT7omHOowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEwNTU0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTASBAIAATAMAwQAUhUI
AwQAUiYcMCMEAgACMB0wEgMHACoTlQABUwMHACoTlQABVAMHACoTlQABYDANBgkq
hkiG9w0BAQsFAAOCAQEAfYqrTVlBDe4EEOMfi9QNP63FlO64FoHzaPZ+NsuxwiX5
lHBPZ5puk1GvFiEhSVBo3skn5Z+xVhVs7y2o0IhL77nZ8FMAgKzSMmcB7mtdzAr3
GNoilexXMJs+pCySoiR6BNV6kcIvbsC+wp3VM1W2Um7xLW3oyU/fbFuYwQMMSsvZ
6NvdVtJPORr5RLnSthTb2fnADZxcRBd1V3dI4RJQk4ehQmob19/2HPqiemaeOZ3k
6IaY6h7ZMyRJK/8TZ+Jo8trwUiaqdLCKv8TnRQuezTzdLZQIyfv/vaDoYQ9GGOs7
gs0kw5RRIRXVc+ifiBYh2eqjlLHif2gSuUWjgdZXgg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:00:13 2026 by rpki-client