Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214143.roa
File: AS214143.roa (raw, json)
Hash identifier: YzA45hn/kn94sPMweAZjZqwrEfeo1EHxak7adYzjevQ=
Subject key identifier: 91:03:30:38:59:FB:9E:1F:D0:18:AD:07:74:CA:DD:78:27:98:0C:0F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7C4D7D7A2B211C5875D2DDEF4CDF4D5832370C72
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214143.roa
Signing time: Wed 08 Apr 2026 12:35:52 +0000
ROA not before: Wed 08 Apr 2026 12:30:52 +0000
ROA not after: Wed 07 Apr 2027 12:35:52 +0000
asID: 214143
IP address blocks: 82.23.128.0/24 maxlen: 24
82.23.129.0/24 maxlen: 24
82.23.130.0/24 maxlen: 24
82.23.131.0/24 maxlen: 24
82.23.132.0/24 maxlen: 24
82.23.133.0/24 maxlen: 24
82.23.135.0/24 maxlen: 24
82.23.251.0/24 maxlen: 24
82.23.252.0/24 maxlen: 24
82.24.42.0/24 maxlen: 24
82.24.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:4d:7d:7a:2b:21:1c:58:75:d2:dd:ef:4c:df:4d:58:32:37:0c:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 8 12:30:52 2026 GMT
Not After : Apr 7 12:35:52 2027 GMT
Subject: CN=9103303859FB9E1FD018AD0774CADD7827980C0F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ee:fa:df:fd:1a:f5:a1:31:8f:74:f7:7a:d4:
55:8c:4c:7d:a3:ee:04:25:0e:7f:e8:57:c3:3c:bf:
40:5b:2b:32:14:fd:b9:39:8b:43:1b:19:cd:b1:a1:
f0:13:df:05:27:ff:51:b6:fd:14:5f:23:f9:e2:6f:
51:7d:c5:4a:28:59:7c:bb:74:c0:48:54:51:ac:1b:
e0:32:31:eb:77:89:8b:88:90:64:0f:04:ff:6a:95:
be:e1:f0:88:63:91:39:8c:ee:79:13:9d:af:31:97:
64:ff:80:35:b2:1f:9f:35:9f:16:24:66:45:24:d2:
3b:92:32:5c:a2:dd:8a:46:7f:2e:82:6c:0d:80:20:
71:0c:40:ea:97:a9:44:60:c4:ff:b2:d1:19:b6:cd:
7f:f1:eb:c1:23:68:24:94:58:55:70:5b:3a:84:b4:
45:90:bb:37:e2:01:ad:50:b8:04:5c:23:02:7c:60:
78:7d:7e:83:a3:1d:9c:47:e9:0f:06:af:66:49:9f:
3f:45:ad:a5:43:b2:33:c5:a9:4d:9d:41:2f:92:5b:
2b:0e:4c:6d:60:fc:9a:78:e4:ab:32:6a:2a:21:60:
d8:26:eb:db:29:2f:ec:63:b1:42:d7:65:37:5b:7a:
d3:bc:3c:f0:31:b4:cb:96:0a:f6:b2:11:f3:d9:48:
5c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:03:30:38:59:FB:9E:1F:D0:18:AD:07:74:CA:DD:78:27:98:0C:0F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214143.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.128.0-82.23.133.255
82.23.135.0/24
82.23.251.0-82.23.252.255
82.24.42.0/24
82.24.121.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:0e:29:d6:b6:30:e6:6f:0a:b4:19:d7:b3:ac:50:09:bc:c5:
c8:93:08:f5:79:e0:12:63:85:c0:73:d0:81:58:8f:8f:43:96:
13:ef:60:3c:41:ed:3f:83:7a:84:f6:a6:fc:24:52:27:1f:b7:
fd:eb:6c:3f:ff:11:ff:86:d8:11:ae:46:3c:eb:ee:37:ac:52:
c5:f5:3c:4e:57:30:ca:9b:94:18:bb:01:a2:d0:31:3e:28:e4:
c8:8c:ee:86:e6:87:84:20:6f:29:ac:80:4c:1e:5b:a3:c3:7e:
ee:cf:0d:f1:3f:12:8b:b9:4d:1f:89:7b:30:31:c0:06:06:ab:
e9:4a:f2:f7:0e:4b:63:c5:c5:1f:77:6f:7d:9e:9a:e2:16:77:
a8:5f:e1:e0:f9:43:8e:db:ab:47:d2:62:96:93:00:64:c9:37:
5a:f0:c1:3d:94:3d:22:c9:2c:e8:d1:87:1d:e8:93:09:20:55:
29:94:4d:1c:d1:49:fb:97:aa:d1:4b:00:a7:23:f2:a5:d6:37:
2c:34:dd:32:2c:1e:28:21:92:40:ff:50:15:e0:0c:f0:7a:ed:
64:7e:66:29:92:77:49:19:cb:ac:25:a8:f9:c2:64:a6:1a:7d:
81:5f:f3:c4:1a:1c:9a:4c:32:82:24:f6:52:de:95:b0:64:dc:
8a:f2:20:77
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUfE19eishHFh10t3vTN9NWDI3DHIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDgxMjMwNTJaFw0yNzA0MDcxMjM1NTJaMDMxMTAvBgNV
BAMTKDkxMDMzMDM4NTlGQjlFMUZEMDE4QUQwNzc0Q0FERDc4Mjc5ODBDMEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDq7vrf/Rr1oTGPdPd61FWMTH2j
7gQlDn/oV8M8v0BbKzIU/bk5i0MbGc2xofAT3wUn/1G2/RRfI/nib1F9xUooWXy7
dMBIVFGsG+AyMet3iYuIkGQPBP9qlb7h8IhjkTmM7nkTna8xl2T/gDWyH581nxYk
ZkUk0juSMlyi3YpGfy6CbA2AIHEMQOqXqURgxP+y0Rm2zX/x68EjaCSUWFVwWzqE
tEWQuzfiAa1QuARcIwJ8YHh9foOjHZxH6Q8Gr2ZJnz9FraVDsjPFqU2dQS+SWysO
TG1g/Jp45KsyaiohYNgm69spL+xjsULXZTdbetO8PPAxtMuWCvayEfPZSFzPAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUkQMwOFn7nh/QGK0HdMrdeCeYDA8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0MTQzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAdS
F4ADBAFSF4QDBABSF4cwDAMEAFIX+wMEAFIX/AMEAFIYKgMEAFIYeTANBgkqhkiG
9w0BAQsFAAOCAQEASw4p1rYw5m8KtBnXs6xQCbzFyJMI9XngEmOFwHPQgViPj0OW
E+9gPEHtP4N6hPam/CRSJx+3/etsP/8R/4bYEa5GPOvuN6xSxfU8TlcwypuUGLsB
otAxPijkyIzuhuaHhCBvKayATB5bo8N+7s8N8T8Si7lNH4l7MDHABgar6Ury9w5L
Y8XFH3dvfZ6a4hZ3qF/h4PlDjturR9JilpMAZMk3WvDBPZQ9Isks6NGHHeiTCSBV
KZRNHNFJ+5eq0UsApyPypdY3LDTdMiweKCGSQP9QFeAM8HrtZH5mKZJ3SRnLrCWo
+cJkphp9gV/zxBocmkwygiT2Ut6VsGTcivIgdw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:18:17 2026 by rpki-client