Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214025.roa
File: AS214025.roa (raw, json)
Hash identifier: mcYz7tgSirmTGfWsY23r5lRypACKth5PQzjk0ALER08=
Subject key identifier: 39:52:12:89:C4:A4:F6:6C:51:2A:EE:C4:24:02:BA:BF:E4:CF:A0:05
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 18879075EB954B07A64CF258EDAB3F31B9400190
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214025.roa
Signing time: Sun 01 Mar 2026 02:54:26 +0000
ROA not before: Sun 01 Mar 2026 02:49:26 +0000
ROA not after: Sun 28 Feb 2027 02:54:26 +0000
asID: 214025
IP address blocks: 82.26.88.0/24 maxlen: 24
82.29.48.0/24 maxlen: 24
178.83.141.0/24 maxlen: 24
178.83.144.0/24 maxlen: 24
178.83.147.0/24 maxlen: 24
178.83.151.0/24 maxlen: 24
178.83.155.0/24 maxlen: 24
178.83.157.0/24 maxlen: 24
178.83.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:87:90:75:eb:95:4b:07:a6:4c:f2:58:ed:ab:3f:31:b9:40:01:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 1 02:49:26 2026 GMT
Not After : Feb 28 02:54:26 2027 GMT
Subject: CN=39521289C4A4F66C512AEEC42402BABFE4CFA005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:be:d6:9e:8e:36:0c:a2:51:98:50:c2:b5:81:
b2:4f:cc:33:17:24:c6:8e:94:ad:8d:a7:c7:4d:1d:
ff:76:6a:72:dd:5a:53:f4:9c:9e:f2:14:60:90:13:
08:fe:c2:a3:ed:de:1c:5e:76:0d:21:a5:80:1f:f0:
da:97:6c:18:a0:c2:6d:3b:8a:d7:98:75:58:ca:9d:
4c:69:a4:8d:49:57:ae:c3:fd:1e:8e:9c:99:9f:f8:
4e:07:c5:37:55:f2:aa:12:09:4d:02:35:28:a7:3f:
b7:49:e4:fa:6a:d3:ea:8f:dd:0e:b8:e9:3d:3c:45:
03:9e:32:dd:e2:c7:1c:df:4c:a0:bd:98:0b:0a:8d:
07:2a:71:a9:b2:2e:ed:6f:9b:73:bc:d0:06:f4:00:
1d:13:9e:3a:29:66:bd:7e:3e:89:03:23:40:cc:9c:
91:62:20:7a:69:c9:f6:57:b7:0f:0b:a5:94:1b:9c:
b4:a0:2c:4f:ee:75:82:fd:b2:3b:52:c9:40:d9:ff:
35:07:d9:d5:01:b4:4f:30:e0:df:8b:fe:36:e5:97:
77:86:46:cc:de:00:50:ca:bc:3b:ad:86:ee:63:3a:
76:73:25:e7:00:dd:1f:d3:82:a4:89:c6:bd:2f:43:
16:c7:f3:0a:f6:70:c6:e4:b9:79:b5:31:91:84:d6:
cf:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:52:12:89:C4:A4:F6:6C:51:2A:EE:C4:24:02:BA:BF:E4:CF:A0:05
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.26.88.0/24
82.29.48.0/24
178.83.141.0/24
178.83.144.0/24
178.83.147.0/24
178.83.151.0/24
178.83.155.0/24
178.83.157.0/24
178.83.164.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:61:2e:27:ce:0f:40:3e:f1:c0:54:37:0f:92:0e:70:78:41:
9b:29:72:f9:64:0a:2c:64:2d:65:8e:5f:ea:fd:fe:57:7a:35:
b4:0f:1e:2b:a3:92:64:9f:e9:70:a7:bb:7e:a7:ee:9c:5f:a6:
20:6e:3d:9e:b5:ec:4e:f1:08:f4:4d:72:5f:80:4e:f9:b2:78:
3d:02:25:9a:96:0e:ab:a2:2a:dd:24:0d:0c:ac:db:d4:61:5b:
2e:38:82:c4:3a:d5:27:5c:f9:1b:f9:c6:ff:d9:03:e5:c7:55:
ac:f8:49:7d:e1:13:28:92:b7:2e:24:c7:31:84:82:88:28:3e:
c2:f1:a1:d9:ff:42:29:6f:0a:f5:15:ed:67:60:19:03:b6:2c:
31:e7:9b:0c:a6:26:2d:04:3c:7d:28:87:e7:13:ca:ad:48:04:
ee:f6:5c:db:42:bd:07:72:08:fa:5c:6b:e3:3c:24:e8:df:70:
4f:1a:1e:e6:93:2f:b8:9a:f3:c0:64:84:cd:31:84:66:ef:97:
4b:b3:a0:49:47:cc:8a:07:59:8f:f7:d5:8e:ce:4f:ad:1f:a7:
67:05:a6:43:95:f7:09:ae:b2:b9:89:78:07:3f:84:e5:a5:40:
9f:58:df:2a:5d:95:35:5b:04:ba:a2:58:bd:38:d5:cd:fc:7e:
05:0a:86:f8
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUGIeQdeuVSwemTPJY7as/MblAAZAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMDEwMjQ5MjZaFw0yNzAyMjgwMjU0MjZaMDMxMTAvBgNV
BAMTKDM5NTIxMjg5QzRBNEY2NkM1MTJBRUVDNDI0MDJCQUJGRTRDRkEwMDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrvtaejjYMolGYUMK1gbJPzDMX
JMaOlK2Np8dNHf92anLdWlP0nJ7yFGCQEwj+wqPt3hxedg0hpYAf8NqXbBigwm07
iteYdVjKnUxppI1JV67D/R6OnJmf+E4HxTdV8qoSCU0CNSinP7dJ5Ppq0+qP3Q64
6T08RQOeMt3ixxzfTKC9mAsKjQcqcamyLu1vm3O80Ab0AB0TnjopZr1+PokDI0DM
nJFiIHppyfZXtw8LpZQbnLSgLE/udYL9sjtSyUDZ/zUH2dUBtE8w4N+L/jbll3eG
RszeAFDKvDuthu5jOnZzJecA3R/TgqSJxr0vQxbH8wr2cMbkuXm1MZGE1s/TAgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQUOVISicSk9mxRKu7EJAK6v+TPoAUwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAUhpY
AwQAUh0wAwQAslONAwQAslOQAwQAslOTAwQAslOXAwQAslObAwQAslOdAwQAslOk
MA0GCSqGSIb3DQEBCwUAA4IBAQBsYS4nzg9APvHAVDcPkg5weEGbKXL5ZAosZC1l
jl/q/f5XejW0Dx4ro5Jkn+lwp7t+p+6cX6Ygbj2etexO8Qj0TXJfgE75sng9AiWa
lg6roirdJA0MrNvUYVsuOILEOtUnXPkb+cb/2QPlx1Ws+El94RMokrcuJMcxhIKI
KD7C8aHZ/0Ipbwr1Fe1nYBkDtiwx55sMpiYtBDx9KIfnE8qtSATu9lzbQr0Hcgj6
XGvjPCTo33BPGh7mky+4mvPAZITNMYRm75dLs6BJR8yKB1mP99WOzk+tH6dnBaZD
lfcJrrK5iXgHP4TlpUCfWN8qXZU1WwS6oli9ONXN/H4FCob4
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:34:25 2026 by rpki-client