Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
File: AS214432.roa (raw, json)
Hash identifier: GLEQAv//52hh2zq9o3bWBUoiRF7RjlqhUa6Le3ZvRdE=
Subject key identifier: BF:3A:3D:F0:3E:91:25:F4:87:1B:FF:CB:25:18:5D:04:82:D0:A9:FB
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 317830524AB58A3DE5FC56785085DE7E197E0081
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
Signing time: Thu 16 Apr 2026 06:25:47 +0000
ROA not before: Thu 16 Apr 2026 06:20:47 +0000
ROA not after: Thu 15 Apr 2027 06:25:47 +0000
asID: 214432
IP address blocks: 82.21.75.0/24 maxlen: 24
82.21.125.0/24 maxlen: 24
82.25.142.0/24 maxlen: 24
82.27.3.0/24 maxlen: 24
82.27.131.0/24 maxlen: 24
82.39.187.0/24 maxlen: 24
82.40.36.0/24 maxlen: 24
82.41.57.0/24 maxlen: 24
82.41.74.0/24 maxlen: 24
82.41.97.0/24 maxlen: 24
178.83.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:78:30:52:4a:b5:8a:3d:e5:fc:56:78:50:85:de:7e:19:7e:00:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 16 06:20:47 2026 GMT
Not After : Apr 15 06:25:47 2027 GMT
Subject: CN=BF3A3DF03E9125F4871BFFCB25185D0482D0A9FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:61:a4:f7:3e:00:08:4a:01:72:73:1d:5d:61:
b9:57:61:6b:cf:ce:33:be:b5:2c:db:72:82:35:d9:
17:1f:c5:5d:3f:94:46:c5:40:8d:b1:26:ab:03:12:
10:50:ab:df:2c:ba:e0:7a:b2:95:5b:61:7d:58:fb:
35:d0:49:09:c2:06:e6:90:75:21:ee:27:ac:34:5b:
91:48:89:4b:e6:cd:0e:b5:df:58:95:13:e1:f1:61:
ca:c8:17:39:b5:49:79:c5:a9:f5:88:25:2d:1b:a2:
42:1e:a5:2a:ba:f9:a9:e8:35:86:2a:22:b1:25:7a:
31:77:5c:c4:4e:c0:33:13:8b:e3:7a:f4:e9:df:e9:
3d:35:a6:6c:45:21:c6:f2:41:ef:fb:26:a7:f5:97:
d9:9c:1c:b5:2d:16:83:1c:55:ae:15:3d:50:ea:c2:
fd:62:76:60:a9:4b:6a:6a:90:3f:92:5b:11:55:b8:
ab:fa:ae:3f:57:33:90:37:1e:51:2d:49:d2:6f:94:
84:47:0d:0d:fa:df:a2:0a:e0:29:92:e0:52:7f:60:
83:b9:35:0e:1a:0e:d8:cf:e1:ee:37:00:2b:e5:59:
48:8d:47:b4:a8:9f:99:96:b8:aa:4c:f1:87:1e:51:
63:fd:20:76:da:2e:b2:50:3d:d8:87:e7:59:f4:4d:
47:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:3A:3D:F0:3E:91:25:F4:87:1B:FF:CB:25:18:5D:04:82:D0:A9:FB
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.75.0/24
82.21.125.0/24
82.25.142.0/24
82.27.3.0/24
82.27.131.0/24
82.39.187.0/24
82.40.36.0/24
82.41.57.0/24
82.41.74.0/24
82.41.97.0/24
178.83.16.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:2c:41:b8:60:5f:fc:e0:ec:40:4e:0e:10:58:b2:77:75:cf:
eb:20:f0:8e:c5:dc:7f:a2:c4:3a:70:f7:55:5f:1a:f7:17:64:
ae:71:27:ef:d5:04:d8:32:ed:32:db:68:c6:db:20:e6:94:3a:
3c:11:9b:e1:4c:2c:3b:11:a8:a9:8a:f5:db:b2:b8:00:2a:8b:
99:8f:74:2b:d2:41:f5:81:ef:87:9f:06:75:63:91:a5:c8:1c:
9c:6d:0d:f4:70:d7:63:48:98:ab:97:87:7d:de:4c:ac:5b:4c:
4e:b1:20:2f:51:00:f7:a7:df:2d:55:1e:de:2d:13:ec:15:fb:
eb:cf:94:58:64:55:1b:47:df:9b:36:0c:d8:a4:d8:6d:bd:10:
ff:40:fb:3d:d6:dc:c7:87:1e:cc:ed:97:a2:ae:6b:c8:82:d7:
e5:f2:e2:3f:b4:fe:c3:79:31:95:75:43:30:c8:24:4e:7a:51:
9c:c5:eb:cf:92:46:5f:5c:a3:16:09:16:bb:0c:47:f3:35:22:
1d:fd:87:06:83:d1:87:36:2d:04:20:1e:1e:43:c6:a8:fb:c1:
1c:8d:aa:cf:ce:33:b9:b5:8a:bc:58:5a:ab:22:1f:07:90:7d:
98:be:53:b8:28:68:f8:38:fd:3f:ef:14:28:be:7b:75:aa:c5:
77:4a:ba:15
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUMXgwUkq1ij3l/FZ4UIXefhl+AIEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTYwNjIwNDdaFw0yNzA0MTUwNjI1NDdaMDMxMTAvBgNV
BAMTKEJGM0EzREYwM0U5MTI1RjQ4NzFCRkZDQjI1MTg1RDA0ODJEMEE5RkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzYaT3PgAISgFycx1dYblXYWvP
zjO+tSzbcoI12RcfxV0/lEbFQI2xJqsDEhBQq98suuB6spVbYX1Y+zXQSQnCBuaQ
dSHuJ6w0W5FIiUvmzQ6131iVE+HxYcrIFzm1SXnFqfWIJS0bokIepSq6+anoNYYq
IrElejF3XMROwDMTi+N69Onf6T01pmxFIcbyQe/7Jqf1l9mcHLUtFoMcVa4VPVDq
wv1idmCpS2pqkD+SWxFVuKv6rj9XM5A3HlEtSdJvlIRHDQ3636IK4CmS4FJ/YIO5
NQ4aDtjP4e43ACvlWUiNR7Son5mWuKpM8YceUWP9IHbaLrJQPdiH51n0TUdfAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUvzo98D6RJfSHG//LJRhdBILQqfswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAUhVL
AwQAUhV9AwQAUhmOAwQAUhsDAwQAUhuDAwQAUie7AwQAUigkAwQAUik5AwQAUilK
AwQAUilhAwQAslMQMA0GCSqGSIb3DQEBCwUAA4IBAQCaLEG4YF/84OxATg4QWLJ3
dc/rIPCOxdx/osQ6cPdVXxr3F2SucSfv1QTYMu0y22jG2yDmlDo8EZvhTCw7Eaip
ivXbsrgAKouZj3Qr0kH1ge+HnwZ1Y5GlyBycbQ30cNdjSJirl4d93kysW0xOsSAv
UQD3p98tVR7eLRPsFfvrz5RYZFUbR9+bNgzYpNhtvRD/QPs91tzHhx7M7ZeirmvI
gtfl8uI/tP7DeTGVdUMwyCROelGcxevPkkZfXKMWCRa7DEfzNSId/YcGg9GHNi0E
IB4eQ8ao+8EcjarPzjO5tYq8WFqrIh8HkH2YvlO4KGj4OP0/7xQovnt1qsV3SroV
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:04:25 2026 by rpki-client