Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
File: AS214432.roa (raw, json)
Hash identifier: L2ryQkxQosk2+Dfgtz5Wq+E+544813Z4mjkndCZGQGQ=
Subject key identifier: 69:30:99:D9:07:B9:CC:60:56:C0:C1:A8:A8:D1:D0:3E:93:60:09:B9
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7DA81CA08BBDAE6A08497F92D301BE455C269F7A
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
Signing time: Wed 25 Feb 2026 07:57:53 +0000
ROA not before: Wed 25 Feb 2026 07:52:53 +0000
ROA not after: Wed 24 Feb 2027 07:57:53 +0000
asID: 214432
IP address blocks: 82.25.142.0/24 maxlen: 24
82.39.187.0/24 maxlen: 24
82.41.57.0/24 maxlen: 24
82.41.74.0/24 maxlen: 24
82.41.97.0/24 maxlen: 24
178.83.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:a8:1c:a0:8b:bd:ae:6a:08:49:7f:92:d3:01:be:45:5c:26:9f:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 25 07:52:53 2026 GMT
Not After : Feb 24 07:57:53 2027 GMT
Subject: CN=693099D907B9CC6056C0C1A8A8D1D03E936009B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ab:47:eb:19:7e:2a:26:be:c7:7b:39:b9:58:
0f:d4:98:46:d4:40:1e:85:ec:0f:83:21:43:14:22:
1f:f1:81:3e:e5:f6:cc:18:60:df:e0:3a:c3:75:eb:
83:de:31:a2:e5:45:e2:1a:93:62:53:4d:6f:53:c3:
16:52:8c:2e:f0:78:31:e4:95:d7:0d:18:2e:bc:63:
2e:85:89:7e:af:fe:fe:cc:bd:ab:d8:54:0b:32:df:
fe:3e:49:c2:9b:66:25:44:32:bb:41:39:0b:ff:b1:
b9:6a:d9:89:2c:d8:b7:2a:d3:fd:3e:ce:0c:a1:0c:
d3:8e:b9:07:c4:d6:ae:2b:b8:83:63:12:96:35:f5:
b6:b1:08:bc:77:f2:e2:ba:1f:16:d4:0c:0e:a3:ec:
c2:12:7a:12:b5:b0:4a:e8:d5:96:0b:16:24:26:90:
60:f4:14:1f:54:aa:13:ea:45:ca:2e:d7:ee:bc:ae:
5f:1f:42:f3:ea:cf:7c:22:07:92:d3:33:cf:80:bd:
2e:23:a5:c6:e9:57:ee:b1:7a:6f:0c:06:44:da:e1:
e5:02:a2:cf:b4:41:6e:20:61:4f:57:d8:df:e1:21:
1f:a7:5a:e0:f5:1e:ce:77:70:17:d6:1a:de:c1:7e:
9a:95:b8:8d:41:50:c3:46:8a:e9:4a:36:fa:18:66:
15:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:30:99:D9:07:B9:CC:60:56:C0:C1:A8:A8:D1:D0:3E:93:60:09:B9
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.25.142.0/24
82.39.187.0/24
82.41.57.0/24
82.41.74.0/24
82.41.97.0/24
178.83.34.0/24
Signature Algorithm: sha256WithRSAEncryption
38:d1:7b:db:d4:4c:52:f3:31:9c:9b:a7:9e:aa:7c:d8:ec:5e:
21:68:20:52:85:66:00:6e:f0:f5:f5:27:de:d3:0f:f7:4c:29:
65:87:ce:91:f1:d0:72:d9:d5:3f:7e:9c:72:5c:70:88:a6:11:
6c:8f:e3:f7:96:44:81:6e:2f:3f:f0:36:4f:b3:54:01:9b:e2:
76:f6:62:fb:d8:90:99:16:d4:98:7c:9a:eb:50:90:32:48:15:
4a:77:35:3a:bd:80:a3:1a:3d:ab:0e:fd:39:f5:b9:81:c9:4c:
03:bc:7b:f3:f1:5a:4d:99:ee:8e:bd:79:73:92:84:26:e3:e5:
3f:92:e7:26:87:ed:58:72:0a:16:69:a2:26:1d:1a:5d:7e:46:
b6:74:f7:73:41:ab:fd:14:be:8b:d2:60:ef:b0:7d:ac:cf:29:
60:1b:39:ec:fb:51:ca:d2:d3:2c:09:c4:3b:d6:d3:84:50:29:
4a:f7:25:7e:42:20:67:9b:c2:ae:c3:5d:60:6c:b4:03:ae:82:
1d:5f:b7:32:1c:c3:1d:64:b6:e6:dd:13:36:5f:a0:5c:b6:94:
63:2e:7b:7a:20:16:4f:1a:38:7a:df:9c:e3:95:7e:d8:a5:07:
9f:c5:a4:75:8e:fb:82:74:9b:64:73:7b:e9:de:d6:83:1e:a4:
ba:4b:92:62
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUfagcoIu9rmoISX+S0wG+RVwmn3owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMjUwNzUyNTNaFw0yNzAyMjQwNzU3NTNaMDMxMTAvBgNV
BAMTKDY5MzA5OUQ5MDdCOUNDNjA1NkMwQzFBOEE4RDFEMDNFOTM2MDA5QjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmq0frGX4qJr7Hezm5WA/UmEbU
QB6F7A+DIUMUIh/xgT7l9swYYN/gOsN164PeMaLlReIak2JTTW9TwxZSjC7weDHk
ldcNGC68Yy6FiX6v/v7MvavYVAsy3/4+ScKbZiVEMrtBOQv/sblq2Yks2Lcq0/0+
zgyhDNOOuQfE1q4ruINjEpY19baxCLx38uK6HxbUDA6j7MISehK1sEro1ZYLFiQm
kGD0FB9UqhPqRcou1+68rl8fQvPqz3wiB5LTM8+AvS4jpcbpV+6xem8MBkTa4eUC
os+0QW4gYU9X2N/hIR+nWuD1Hs53cBfWGt7BfpqVuI1BUMNGiulKNvoYZhXFAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUaTCZ2Qe5zGBWwMGoqNHQPpNgCbkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUhmO
AwQAUie7AwQAUik5AwQAUilKAwQAUilhAwQAslMiMA0GCSqGSIb3DQEBCwUAA4IB
AQA40Xvb1ExS8zGcm6eeqnzY7F4haCBShWYAbvD19Sfe0w/3TCllh86R8dBy2dU/
fpxyXHCIphFsj+P3lkSBbi8/8DZPs1QBm+J29mL72JCZFtSYfJrrUJAySBVKdzU6
vYCjGj2rDv059bmByUwDvHvz8VpNme6OvXlzkoQm4+U/kucmh+1YcgoWaaImHRpd
fka2dPdzQav9FL6L0mDvsH2szylgGzns+1HK0tMsCcQ71tOEUClK9yV+QiBnm8Ku
w11gbLQDroIdX7cyHMMdZLbm3RM2X6BctpRjLnt6IBZPGjh635zjlX7YpQefxaR1
jvuCdJtkc3vp3taDHqS6S5Ji
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:50 2026 by rpki-client