Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212027.roa
File: AS212027.roa (raw, json)
Hash identifier: rBS0e+kNZMuSDrTxqQ2ILs1iC2WhQvzXo9EVO/dvWcg=
Subject key identifier: 5E:F6:6F:4A:44:53:40:29:19:76:DA:24:D6:34:2A:5E:B7:30:81:62
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4259D19FF1533BC9C4383B2737D4E03A48DB9B20
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212027.roa
Signing time: Sun 12 Apr 2026 13:30:59 +0000
ROA not before: Sun 12 Apr 2026 13:25:59 +0000
ROA not after: Sun 11 Apr 2027 13:30:59 +0000
asID: 212027
IP address blocks: 82.39.133.0/24 maxlen: 24
2a13:9500:10e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:59:d1:9f:f1:53:3b:c9:c4:38:3b:27:37:d4:e0:3a:48:db:9b:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 12 13:25:59 2026 GMT
Not After : Apr 11 13:30:59 2027 GMT
Subject: CN=5EF66F4A445340291976DA24D6342A5EB7308162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:17:e9:a2:a7:e1:6b:19:15:8d:4a:af:86:b4:
b3:7a:75:96:14:6f:2a:08:0f:dc:35:dc:7a:75:56:
9d:8f:fc:d1:f5:53:f0:b0:42:57:08:90:89:f1:ca:
e6:9b:77:1c:54:74:cb:49:4e:85:61:46:c1:de:3a:
c4:5d:23:1f:dc:57:78:7a:5f:80:86:97:59:37:95:
ee:44:8b:e0:a8:89:cb:8a:a3:d3:4e:20:bd:83:21:
71:17:7b:88:8e:64:d3:03:b1:32:a4:93:9a:b3:0f:
73:3b:2f:54:4b:14:f6:4a:23:0f:29:ea:1a:71:2c:
ab:1a:64:d1:c7:50:e3:54:59:7d:13:e9:82:91:c7:
73:1f:03:f5:91:fe:a0:e1:83:ff:16:45:75:21:d3:
4c:b2:aa:f8:19:91:50:bb:9d:d3:4f:bd:01:3f:50:
54:00:f9:20:a9:14:88:cb:74:01:6b:ea:78:cc:51:
a4:f3:8b:03:29:17:e7:7c:c6:90:1b:1c:7d:67:ff:
12:e5:32:15:f1:f0:76:28:5c:10:b7:9d:c1:48:e2:
fa:39:d1:75:94:bf:e5:af:41:c1:21:d4:aa:e9:9b:
6e:c0:08:89:af:3c:cb:21:d6:e9:fb:c8:d3:9c:11:
a9:11:a3:ce:0b:d5:ba:7d:70:9f:f1:dc:66:af:2b:
23:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F6:6F:4A:44:53:40:29:19:76:DA:24:D6:34:2A:5E:B7:30:81:62
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212027.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.39.133.0/24
IPv6:
2a13:9500:10e::/48
Signature Algorithm: sha256WithRSAEncryption
82:ac:b7:bd:e1:1b:d4:9d:fe:d0:3c:a3:ca:66:3f:a6:22:05:
26:2c:1e:dd:bb:54:e3:f5:30:c0:22:b1:0f:0b:12:22:7b:98:
72:9f:0e:84:3c:aa:80:a1:e3:31:53:f0:20:ab:b1:b1:27:d8:
fb:c3:0d:35:82:35:2b:31:2f:e8:bf:b8:cd:03:80:51:c1:9b:
60:1c:f4:3c:c8:34:b8:cf:8b:e1:92:3a:83:bf:7a:60:4c:b9:
ab:6a:27:64:f3:0e:2b:93:04:9e:2b:53:d6:0e:11:e9:85:79:
5a:0d:bb:0e:69:f7:3c:38:63:20:16:f9:6b:e0:7d:74:e9:0b:
b8:8a:26:9a:05:2c:de:0b:39:4d:64:48:9a:0b:4f:11:9e:d2:
00:b4:a1:40:ab:c0:34:c7:19:75:72:23:62:1f:2c:a2:5a:47:
6a:ba:f4:da:bc:f2:d9:85:c2:50:a5:66:e9:b8:7b:82:f1:3a:
4e:74:76:67:d9:d6:cd:3b:28:0f:da:30:f3:07:fe:a7:9d:58:
48:ba:33:e4:96:f4:6f:ef:54:f7:33:f9:6d:6b:bb:b5:45:95:
9b:6a:9f:8d:d9:44:57:af:78:c9:cf:57:7e:04:06:f9:d0:24:
e7:e8:09:7f:5e:37:cb:65:ba:23:07:06:fb:46:d2:9e:a0:9b:
06:21:c0:8e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUQlnRn/FTO8nEODsnN9TgOkjbmyAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTIxMzI1NTlaFw0yNzA0MTExMzMwNTlaMDMxMTAvBgNV
BAMTKDVFRjY2RjRBNDQ1MzQwMjkxOTc2REEyNEQ2MzQyQTVFQjczMDgxNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9F+mip+FrGRWNSq+GtLN6dZYU
byoID9w13Hp1Vp2P/NH1U/CwQlcIkInxyuabdxxUdMtJToVhRsHeOsRdIx/cV3h6
X4CGl1k3le5Ei+CoicuKo9NOIL2DIXEXe4iOZNMDsTKkk5qzD3M7L1RLFPZKIw8p
6hpxLKsaZNHHUONUWX0T6YKRx3MfA/WR/qDhg/8WRXUh00yyqvgZkVC7ndNPvQE/
UFQA+SCpFIjLdAFr6njMUaTziwMpF+d8xpAbHH1n/xLlMhXx8HYoXBC3ncFI4vo5
0XWUv+WvQcEh1Krpm27ACImvPMsh1un7yNOcEakRo84L1bp9cJ/x3GavKyPrAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUXvZvSkRTQCkZdtok1jQqXrcwgWIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMDI3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAUieF
MA8EAgACMAkDBwAqE5UAAQ4wDQYJKoZIhvcNAQELBQADggEBAIKst73hG9Sd/tA8
o8pmP6YiBSYsHt27VOP1MMAisQ8LEiJ7mHKfDoQ8qoCh4zFT8CCrsbEn2PvDDTWC
NSsxL+i/uM0DgFHBm2Ac9DzINLjPi+GSOoO/emBMuatqJ2TzDiuTBJ4rU9YOEemF
eVoNuw5p9zw4YyAW+WvgfXTpC7iKJpoFLN4LOU1kSJoLTxGe0gC0oUCrwDTHGXVy
I2IfLKJaR2q69Nq88tmFwlClZum4e4LxOk50dmfZ1s07KA/aMPMH/qedWEi6M+SW
9G/vVPcz+W1ru7VFlZtqn43ZRFeveMnPV34EBvnQJOfoCX9eN8tluiMHBvtG0p6g
mwYhwI4=
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:19:48 2026 by rpki-client