Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214647.roa
File: AS214647.roa (raw, json)
Hash identifier: 0odq+ehZmrHA3437Ye3vw1ckEWZgIeoegDSonnJVtGI=
Subject key identifier: 84:E4:D0:B2:E7:FC:07:19:46:16:41:11:11:53:CD:19:4E:13:32:08
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7254055178B04676DDF3F9B79AF894ED6590DD09
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214647.roa
Signing time: Wed 03 Jun 2026 11:06:33 +0000
ROA not before: Wed 03 Jun 2026 11:01:33 +0000
ROA not after: Wed 02 Jun 2027 11:06:33 +0000
asID: 214647
IP address blocks: 82.22.4.0/24 maxlen: 24
178.83.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 15:07:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:54:05:51:78:b0:46:76:dd:f3:f9:b7:9a:f8:94:ed:65:90:dd:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 3 11:01:33 2026 GMT
Not After : Jun 2 11:06:33 2027 GMT
Subject: CN=84E4D0B2E7FC0719461641111153CD194E133208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:05:cd:99:f8:be:93:f6:ba:78:b5:68:ed:87:
80:f3:5b:1b:cc:06:ef:57:4c:d0:26:8c:c5:89:94:
0f:8a:c8:eb:9e:73:5a:20:87:61:d9:40:7c:fc:bd:
e9:e8:ca:24:5f:9f:9f:07:55:8a:57:69:c5:f0:58:
53:38:33:76:64:fb:43:96:2d:8d:b4:83:15:aa:de:
f1:40:f0:70:fd:a5:e0:9a:da:12:2c:73:e1:0b:17:
98:28:6f:07:aa:70:f2:93:06:18:a7:b4:6f:86:b9:
b6:ee:4a:c0:79:72:f7:4d:b5:8b:a4:51:a5:7e:72:
73:ea:1f:da:b2:48:8d:c4:82:a1:24:9f:b9:44:a5:
7e:39:40:6b:e0:41:5e:a6:a6:8d:98:4e:be:0f:99:
90:65:99:22:e8:88:c3:29:7b:41:66:72:44:04:a8:
c4:9e:83:60:b4:7c:d9:76:dc:5b:7a:1f:b8:f5:1c:
2a:f2:d3:ac:f0:89:44:37:27:09:0e:5a:aa:0c:42:
5b:64:d9:e4:ac:f9:59:6c:03:36:a6:aa:b2:a5:10:
5a:b5:f4:f1:6d:f1:df:a1:6a:92:94:5c:f9:48:ec:
6e:98:7b:5f:2d:32:25:62:2b:ec:2b:ef:2d:27:85:
03:d0:62:f0:8b:d0:8f:32:80:40:18:35:8b:e3:e2:
fb:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:E4:D0:B2:E7:FC:07:19:46:16:41:11:11:53:CD:19:4E:13:32:08
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214647.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.4.0/24
178.83.44.0/24
Signature Algorithm: sha256WithRSAEncryption
44:41:44:a8:db:8b:d1:b0:cf:03:cb:a7:53:92:f3:c2:d2:ad:
23:5f:bb:fc:bc:30:a1:25:9d:e1:0c:05:94:dd:66:e4:3b:7a:
b1:f2:f7:85:9c:b8:48:60:53:81:ab:cf:44:b5:82:f8:b3:18:
8e:a2:55:6b:b2:fc:98:95:45:3e:13:2d:84:2e:8f:3f:36:36:
86:df:a0:fe:6c:3e:45:c9:76:6d:8a:dd:52:3f:a1:36:22:4b:
83:b3:2f:63:88:63:ac:4c:d0:0d:d6:1f:98:57:c5:ab:0e:48:
ba:7f:42:ca:fb:81:4d:69:5f:44:7a:f2:ad:17:b1:88:42:3d:
8b:39:29:6b:31:89:df:8c:2b:52:b9:35:47:d7:bd:d1:79:2a:
ee:40:84:64:76:8a:e1:2f:23:08:77:17:1f:52:a3:03:6d:b6:
14:50:52:11:f9:17:d6:67:62:03:6f:5a:58:d7:77:e9:30:d9:
33:fe:b7:30:c1:c0:3b:45:52:95:be:1f:52:50:5a:08:c9:f5:
eb:28:4c:da:4a:86:9c:e9:34:3b:e5:7a:1b:4a:fe:a9:74:55:
2e:c3:cb:bc:56:79:04:85:05:da:a1:b4:a5:ea:bf:87:ed:76:
a0:be:c5:cb:aa:67:05:37:25:6b:b2:a1:7f:7f:0e:5f:df:77:
79:79:d3:d7
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUclQFUXiwRnbd8/m3mviU7WWQ3QkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDMxMTAxMzNaFw0yNzA2MDIxMTA2MzNaMDMxMTAvBgNV
BAMTKDg0RTREMEIyRTdGQzA3MTk0NjE2NDExMTExNTNDRDE5NEUxMzMyMDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2Bc2Z+L6T9rp4tWjth4DzWxvM
Bu9XTNAmjMWJlA+KyOuec1ogh2HZQHz8venoyiRfn58HVYpXacXwWFM4M3Zk+0OW
LY20gxWq3vFA8HD9peCa2hIsc+ELF5gobweqcPKTBhintG+GubbuSsB5cvdNtYuk
UaV+cnPqH9qySI3EgqEkn7lEpX45QGvgQV6mpo2YTr4PmZBlmSLoiMMpe0FmckQE
qMSeg2C0fNl23Ft6H7j1HCry06zwiUQ3JwkOWqoMQltk2eSs+VlsAzamqrKlEFq1
9PFt8d+hapKUXPlI7G6Ye18tMiViK+wr7y0nhQPQYvCL0I8ygEAYNYvj4vsfAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUhOTQsuf8BxlGFkEREVPNGU4TMggwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0NjQ3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUhYE
AwQAslMsMA0GCSqGSIb3DQEBCwUAA4IBAQBEQUSo24vRsM8Dy6dTkvPC0q0jX7v8
vDChJZ3hDAWU3WbkO3qx8veFnLhIYFOBq89EtYL4sxiOolVrsvyYlUU+Ey2ELo8/
NjaG36D+bD5FyXZtit1SP6E2IkuDsy9jiGOsTNAN1h+YV8WrDki6f0LK+4FNaV9E
evKtF7GIQj2LOSlrMYnfjCtSuTVH173ReSruQIRkdorhLyMIdxcfUqMDbbYUUFIR
+RfWZ2IDb1pY13fpMNkz/rcwwcA7RVKVvh9SUFoIyfXrKEzaSoac6TQ75XobSv6p
dFUuw8u8VnkEhQXaobSl6r+H7XagvsXLqmcFNyVrsqF/fw5f33d5edPX
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:53:43 2026 by rpki-client