Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213683.roa
File: AS213683.roa (raw, json)
Hash identifier: UJP8jQ2TKUIdP/fET6hYy3sL/B7UysWRoFVrc4hl3zA=
Subject key identifier: FC:BD:84:39:EA:55:41:14:64:89:4D:F3:BF:98:EB:64:6C:E8:52:0E
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4911652A0A5223A31181697C0CCF4A667DA7CFF2
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213683.roa
Signing time: Mon 09 Feb 2026 16:55:37 +0000
ROA not before: Mon 09 Feb 2026 16:50:37 +0000
ROA not after: Mon 08 Feb 2027 16:55:37 +0000
asID: 213683
IP address blocks: 82.22.239.0/24 maxlen: 24
82.23.212.0/24 maxlen: 24
82.23.224.0/24 maxlen: 24
82.24.231.0/24 maxlen: 24
82.25.230.0/24 maxlen: 24
82.26.235.0/24 maxlen: 24
82.26.240.0/24 maxlen: 24
82.27.208.0/24 maxlen: 24
82.27.215.0/24 maxlen: 24
82.27.230.0/24 maxlen: 24
82.29.208.0/24 maxlen: 24
82.29.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:11:65:2a:0a:52:23:a3:11:81:69:7c:0c:cf:4a:66:7d:a7:cf:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 9 16:50:37 2026 GMT
Not After : Feb 8 16:55:37 2027 GMT
Subject: CN=FCBD8439EA55411464894DF3BF98EB646CE8520E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c0:95:34:12:57:9e:a1:2f:fe:d5:75:74:9e:
6d:69:d1:c8:99:a6:c6:37:60:43:70:61:1a:43:4b:
cd:ae:05:e5:88:5c:81:41:e3:ff:d2:c4:b3:63:2f:
d2:6b:b0:b2:a0:f4:9e:de:8e:d8:af:48:00:90:9c:
0a:25:71:26:99:d8:83:0d:5a:96:b0:3b:ab:18:7a:
07:0d:70:0c:3f:4b:e5:58:5c:b3:c5:16:34:b5:6f:
0a:92:ee:a9:df:36:e0:9f:61:7f:e1:ce:f1:cb:9f:
78:95:0a:8b:ae:90:3c:d5:d8:0d:8f:7c:ba:69:91:
41:bd:2d:67:ac:f7:2c:bc:da:e0:70:10:de:ab:8e:
f4:e3:af:2a:33:61:1a:26:c4:fb:a6:33:46:d3:72:
12:cc:c8:0e:19:a5:f1:08:dc:df:80:82:ee:80:db:
73:e1:4a:0e:02:5a:e1:cc:44:8e:a2:87:eb:6d:3b:
20:bc:bd:64:7e:72:78:02:c0:6f:55:c6:a7:d9:77:
08:ac:56:6c:26:68:d7:89:07:d2:07:7a:9b:da:71:
4b:41:9f:52:d3:60:f4:ee:f6:4f:14:14:c1:da:df:
ea:54:5d:7b:2c:87:85:88:6b:4c:56:65:c9:f6:1b:
51:b2:55:da:db:5d:68:6f:bd:e2:b7:d5:0b:b6:20:
06:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:BD:84:39:EA:55:41:14:64:89:4D:F3:BF:98:EB:64:6C:E8:52:0E
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213683.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.239.0/24
82.23.212.0/24
82.23.224.0/24
82.24.231.0/24
82.25.230.0/24
82.26.235.0/24
82.26.240.0/24
82.27.208.0/24
82.27.215.0/24
82.27.230.0/24
82.29.208.0/24
82.29.231.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:0c:1e:9d:ed:01:fe:8d:bc:39:d1:d8:7c:d2:f7:cc:18:af:
e6:08:72:2c:d9:93:aa:77:95:ff:19:c4:fc:3a:85:be:23:af:
73:3d:a0:82:8c:86:80:8c:75:6b:55:8b:52:e7:76:f5:eb:b3:
ac:1c:96:d7:7f:ab:d4:45:3a:ea:be:ea:ae:4b:22:ff:10:d5:
c8:e1:6e:d7:ac:25:02:c9:4c:4d:2b:ea:cb:76:73:70:2e:7b:
5e:14:80:1c:00:34:34:14:5c:db:93:89:32:66:4c:11:55:0e:
27:76:4e:91:1e:c9:3a:2b:3e:9f:75:bb:ff:54:1b:fc:07:e6:
3f:a5:93:8f:7c:b2:01:30:d3:3b:c4:30:20:f4:75:aa:60:f6:
c4:14:e6:6f:2a:f3:f8:7f:56:77:e9:3b:2c:8c:7f:56:fb:90:
98:6a:4f:da:86:52:2d:ed:a5:17:f6:92:67:7e:f4:7b:3c:0e:
96:53:d9:8a:ea:24:60:67:e6:c3:5e:77:09:ba:44:3b:d6:a7:
a9:83:09:27:46:21:54:3a:5b:c4:ad:2b:05:e2:96:98:dd:1e:
95:3e:e1:7b:da:0f:75:29:26:53:61:57:eb:35:23:9c:14:ee:
fc:2d:d8:76:ae:12:36:c8:1b:5a:e1:ac:07:ff:f2:78:a1:03:
84:91:92:1b
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIUSRFlKgpSI6MRgWl8DM9KZn2nz/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMDkxNjUwMzdaFw0yNzAyMDgxNjU1MzdaMDMxMTAvBgNV
BAMTKEZDQkQ4NDM5RUE1NTQxMTQ2NDg5NERGM0JGOThFQjY0NkNFODUyMEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKwJU0EleeoS/+1XV0nm1p0ciZ
psY3YENwYRpDS82uBeWIXIFB4//SxLNjL9JrsLKg9J7ejtivSACQnAolcSaZ2IMN
WpawO6sYegcNcAw/S+VYXLPFFjS1bwqS7qnfNuCfYX/hzvHLn3iVCouukDzV2A2P
fLppkUG9LWes9yy82uBwEN6rjvTjryozYRomxPumM0bTchLMyA4ZpfEI3N+Agu6A
23PhSg4CWuHMRI6ih+ttOyC8vWR+cngCwG9VxqfZdwisVmwmaNeJB9IHepvacUtB
n1LTYPTu9k8UFMHa3+pUXXssh4WIa0xWZcn2G1GyVdrbXWhvveK31Qu2IAaBAgMB
AAGjggJMMIICSDAdBgNVHQ4EFgQU/L2EOepVQRRkiU3zv5jrZGzoUg4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEzNjgzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAUhbv
AwQAUhfUAwQAUhfgAwQAUhjnAwQAUhnmAwQAUhrrAwQAUhrwAwQAUhvQAwQAUhvX
AwQAUhvmAwQAUh3QAwQAUh3nMA0GCSqGSIb3DQEBCwUAA4IBAQCiDB6d7QH+jbw5
0dh80vfMGK/mCHIs2ZOqd5X/GcT8OoW+I69zPaCCjIaAjHVrVYtS53b167OsHJbX
f6vURTrqvuquSyL/ENXI4W7XrCUCyUxNK+rLdnNwLnteFIAcADQ0FFzbk4kyZkwR
VQ4ndk6RHsk6Kz6fdbv/VBv8B+Y/pZOPfLIBMNM7xDAg9HWqYPbEFOZvKvP4f1Z3
6TssjH9W+5CYak/ahlIt7aUX9pJnfvR7PA6WU9mK6iRgZ+bDXncJukQ71qepgwkn
RiFUOlvErSsF4paY3R6VPuF72g91KSZTYVfrNSOcFO78Ldh2rhI2yBta4awH//J4
oQOEkZIb
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:12:14 2026 by rpki-client