Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214025.roa
File: AS214025.roa (raw, json)
Hash identifier: CRUgoPnos5hidcFmmz6zfOAOSPaKrRSvs3EGgd6a/Fw=
Subject key identifier: 5F:3E:13:80:8A:47:13:51:7A:7B:13:1D:DB:4D:52:FE:03:2F:B6:E6
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2522FC9A57A64468AF64240E590B888F45CDD1
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214025.roa
Signing time: Thu 16 Apr 2026 10:53:35 +0000
ROA not before: Thu 16 Apr 2026 10:48:35 +0000
ROA not after: Thu 15 Apr 2027 10:53:35 +0000
asID: 214025
IP address blocks: 82.21.169.0/24 maxlen: 24
82.22.26.0/24 maxlen: 24
82.23.250.0/24 maxlen: 24
82.24.16.0/24 maxlen: 24
82.24.107.0/24 maxlen: 24
82.38.12.0/24 maxlen: 24
82.38.62.0/24 maxlen: 24
82.38.98.0/24 maxlen: 24
82.38.122.0/24 maxlen: 24
82.38.145.0/24 maxlen: 24
82.39.233.0/24 maxlen: 24
82.47.23.0/24 maxlen: 24
82.47.43.0/24 maxlen: 24
82.47.57.0/24 maxlen: 24
82.47.107.0/24 maxlen: 24
82.47.135.0/24 maxlen: 24
82.47.148.0/24 maxlen: 24
82.47.180.0/24 maxlen: 24
82.47.182.0/24 maxlen: 24
82.47.213.0/24 maxlen: 24
82.47.217.0/24 maxlen: 24
82.47.230.0/24 maxlen: 24
84.75.10.0/24 maxlen: 24
84.75.128.0/24 maxlen: 24
84.75.136.0/24 maxlen: 24
84.75.138.0/24 maxlen: 24
84.75.145.0/24 maxlen: 24
84.75.150.0/24 maxlen: 24
84.75.152.0/24 maxlen: 24
84.75.158.0/24 maxlen: 24
84.75.167.0/24 maxlen: 24
84.75.173.0/24 maxlen: 24
84.75.174.0/24 maxlen: 24
84.75.182.0/24 maxlen: 24
84.75.192.0/24 maxlen: 24
84.75.193.0/24 maxlen: 24
84.75.199.0/24 maxlen: 24
84.75.201.0/24 maxlen: 24
84.75.205.0/24 maxlen: 24
84.75.208.0/24 maxlen: 24
84.75.213.0/24 maxlen: 24
84.75.214.0/24 maxlen: 24
84.75.215.0/24 maxlen: 24
84.75.216.0/24 maxlen: 24
84.75.217.0/24 maxlen: 24
178.83.12.0/24 maxlen: 24
178.83.71.0/24 maxlen: 24
178.83.87.0/24 maxlen: 24
178.83.111.0/24 maxlen: 24
178.83.143.0/24 maxlen: 24
178.83.149.0/24 maxlen: 24
178.83.151.0/24 maxlen: 24
178.83.160.0/24 maxlen: 24
178.83.162.0/24 maxlen: 24
178.83.179.0/24 maxlen: 24
178.83.189.0/24 maxlen: 24
178.83.194.0/24 maxlen: 24
178.83.232.0/24 maxlen: 24
178.83.234.0/24 maxlen: 24
178.83.241.0/24 maxlen: 24
178.83.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 20:34:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:22:fc:9a:57:a6:44:68:af:64:24:0e:59:0b:88:8f:45:cd:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 16 10:48:35 2026 GMT
Not After : Apr 15 10:53:35 2027 GMT
Subject: CN=5F3E13808A4713517A7B131DDB4D52FE032FB6E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:82:93:6b:08:99:7c:e6:c1:a6:41:02:57:76:
7c:14:d9:eb:f4:ee:42:b4:4b:43:56:e7:7c:23:b5:
f8:66:6b:13:88:e5:6c:31:d7:18:28:48:0b:43:cd:
15:90:62:d0:1e:6d:06:1b:8c:24:ff:42:93:1e:6c:
81:f3:c5:58:e6:16:40:72:db:74:bf:65:37:8c:f3:
fb:3e:c7:88:18:06:0b:89:b1:f8:95:26:7b:be:ce:
03:97:d9:48:fb:8f:ee:e5:00:ce:fc:64:35:cd:2d:
4e:88:dd:58:71:83:68:7c:12:63:c3:78:5a:57:5d:
1d:a6:0e:21:6c:70:82:d8:96:b1:38:a0:2e:05:b3:
32:51:85:83:0c:0c:53:bc:82:1c:3c:d4:63:41:9e:
56:9c:37:4f:88:91:09:28:f3:b4:d9:ac:a3:10:3c:
e1:45:78:9f:99:31:90:01:e7:5a:ba:63:e6:1e:a3:
ef:b5:28:dc:72:ff:89:79:c8:d5:eb:03:be:5c:c7:
8f:77:ea:12:9e:1b:99:ff:94:c6:2c:10:5c:a2:cf:
14:2d:ed:15:20:d1:01:81:83:58:11:e5:ec:f0:e7:
f6:97:c1:6b:cc:5e:d2:98:36:ac:92:30:e9:af:9c:
50:ce:92:c2:42:38:c7:37:15:66:38:58:ba:f9:70:
30:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:3E:13:80:8A:47:13:51:7A:7B:13:1D:DB:4D:52:FE:03:2F:B6:E6
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.169.0/24
82.22.26.0/24
82.23.250.0/24
82.24.16.0/24
82.24.107.0/24
82.38.12.0/24
82.38.62.0/24
82.38.98.0/24
82.38.122.0/24
82.38.145.0/24
82.39.233.0/24
82.47.23.0/24
82.47.43.0/24
82.47.57.0/24
82.47.107.0/24
82.47.135.0/24
82.47.148.0/24
82.47.180.0/24
82.47.182.0/24
82.47.213.0/24
82.47.217.0/24
82.47.230.0/24
84.75.10.0/24
84.75.128.0/24
84.75.136.0/24
84.75.138.0/24
84.75.145.0/24
84.75.150.0/24
84.75.152.0/24
84.75.158.0/24
84.75.167.0/24
84.75.173.0-84.75.174.255
84.75.182.0/24
84.75.192.0/23
84.75.199.0/24
84.75.201.0/24
84.75.205.0/24
84.75.208.0/24
84.75.213.0-84.75.217.255
178.83.12.0/24
178.83.71.0/24
178.83.87.0/24
178.83.111.0/24
178.83.143.0/24
178.83.149.0/24
178.83.151.0/24
178.83.160.0/24
178.83.162.0/24
178.83.179.0/24
178.83.189.0/24
178.83.194.0/24
178.83.232.0/24
178.83.234.0/24
178.83.241.0/24
178.83.253.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:0c:93:85:7a:26:b5:47:cc:d2:af:a4:bc:cd:6b:94:4e:e0:
48:2d:c1:0a:fd:89:25:b7:1b:88:cb:f3:9e:3c:45:cd:57:44:
99:07:a5:3a:e7:76:b2:1e:56:70:a4:d8:b0:4f:2a:e2:35:56:
7c:6f:dd:07:da:60:fd:58:66:22:c5:ef:f2:d8:28:49:d8:80:
f1:0c:3d:7f:38:b8:09:4a:c1:e0:41:2c:12:89:ff:08:6b:0a:
8c:90:0b:b7:63:1f:d6:46:ab:5b:ae:ec:c4:8a:6b:8c:31:85:
19:54:e7:93:19:38:73:80:2e:c3:13:30:c1:5b:7e:51:dc:97:
cc:2b:ba:f8:56:7b:29:65:36:05:7c:5e:12:3c:d1:fd:bc:43:
01:30:4f:14:9e:cc:0c:02:18:4f:d4:59:a9:f9:7e:87:10:1d:
66:9f:29:e0:67:e9:cc:20:64:3b:56:e3:77:9e:5e:56:4c:7b:
6c:69:63:9a:99:ca:b5:0f:4c:95:9d:6e:63:6a:9b:d9:68:19:
47:36:51:61:b0:93:80:13:4f:2a:2c:39:0a:31:37:65:3d:65:
c0:c8:e8:8e:4a:48:0a:bd:34:67:6f:ea:18:97:f6:82:71:d2:
2d:57:e8:f0:e2:23:b4:fd:d5:40:c3:64:6d:ef:29:1e:60:45:
1e:5f:ab:5f
-----BEGIN CERTIFICATE-----
MIIGXTCCBUWgAwIBAgITJSL8mlemRGivZCQOWQuIj0XN0TANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEygyMThjYzZlMjQxMDVkZTZjNWM5MDAzZDY1MjQzODkzY2Iz
Y2ZkZDAxMB4XDTI2MDQxNjEwNDgzNVoXDTI3MDQxNTEwNTMzNVowMzExMC8GA1UE
AxMoNUYzRTEzODA4QTQ3MTM1MTdBN0IxMzFEREI0RDUyRkUwMzJGQjZFNjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6Ck2sImXzmwaZBAld2fBTZ6/Tu
QrRLQ1bnfCO1+GZrE4jlbDHXGChIC0PNFZBi0B5tBhuMJP9Ckx5sgfPFWOYWQHLb
dL9lN4zz+z7HiBgGC4mx+JUme77OA5fZSPuP7uUAzvxkNc0tTojdWHGDaHwSY8N4
WlddHaYOIWxwgtiWsTigLgWzMlGFgwwMU7yCHDzUY0GeVpw3T4iRCSjztNmsoxA8
4UV4n5kxkAHnWrpj5h6j77Uo3HL/iXnI1esDvlzHj3fqEp4bmf+UxiwQXKLPFC3t
FSDRAYGDWBHl7PDn9pfBa8xe0pg2rJIw6a+cUM6SwkI4xzcVZjhYuvlwMLkCAwEA
AaOCA2gwggNkMB0GA1UdDgQWBBRfPhOAikcTUXp7Ex3bTVL+Ay+25jAfBgNVHSME
GDAWgBQhjMbiQQXebFyQA9ZSQ4k8s8/dATAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS83MThhMWI0Zi1iNjRjLTQwMmMtYmUxNS1kZDgyYTQxYTFh
ZjYvMC8yMThDQzZFMjQxMDVERTZDNUM5MDAzRDY1MjQzODkzQ0IzQ0ZERDAxLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvSVl6RzRrRUYzbXhja0FQV1VrT0pQTFBQ
M1FFLmNlcjB7BggrBgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8vcnN5
bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00
MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvQVMyMTQwMjUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggF7BggrBgEFBQcBBwEB/wSCAWowggFmMIIBYgQCAAEw
ggFaAwQAUhWpAwQAUhYaAwQAUhf6AwQAUhgQAwQAUhhrAwQAUiYMAwQAUiY+AwQA
UiZiAwQAUiZ6AwQAUiaRAwQAUifpAwQAUi8XAwQAUi8rAwQAUi85AwQAUi9rAwQA
Ui+HAwQAUi+UAwQAUi+0AwQAUi+2AwQAUi/VAwQAUi/ZAwQAUi/mAwQAVEsKAwQA
VEuAAwQAVEuIAwQAVEuKAwQAVEuRAwQAVEuWAwQAVEuYAwQAVEueAwQAVEunMAwD
BABUS60DBABUS64DBABUS7YDBAFUS8ADBABUS8cDBABUS8kDBABUS80DBABUS9Aw
DAMEAFRL1QMEAVRL2AMEALJTDAMEALJTRwMEALJTVwMEALJTbwMEALJTjwMEALJT
lQMEALJTlwMEALJToAMEALJTogMEALJTswMEALJTvQMEALJTwgMEALJT6AMEALJT
6gMEALJT8QMEALJT/TANBgkqhkiG9w0BAQsFAAOCAQEAHAyThXomtUfM0q+kvM1r
lE7gSC3BCv2JJbcbiMvznjxFzVdEmQelOud2sh5WcKTYsE8q4jVWfG/dB9pg/Vhm
IsXv8tgoSdiA8Qw9fzi4CUrB4EEsEon/CGsKjJALt2Mf1karW67sxIprjDGFGVTn
kxk4c4AuwxMwwVt+UdyXzCu6+FZ7KWU2BXxeEjzR/bxDATBPFJ7MDAIYT9RZqfl+
hxAdZp8p4GfpzCBkO1bjd55eVkx7bGljmpnKtQ9MlZ1uY2qb2WgZRzZRYbCTgBNP
Kiw5CjE3ZT1lwMjojkpICr00Z2/qGJf2gnHSLVfo8OIjtP3VQMNkbe8pHmBFHl+r
Xw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:32:16 2026 by rpki-client