Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS216320.roa
File: AS216320.roa (raw, json)
Hash identifier: SAA3WA+oWEwT0sEwdGu47c1LnZ5u1bVLqJSzXJS67vc=
Subject key identifier: 27:6D:2C:67:5D:DE:37:09:B3:9F:4F:6A:D6:35:31:31:32:86:82:E5
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 560462CAFBFAB52DBFBAE53286D65D5FE21E9ABD
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS216320.roa
Signing time: Mon 28 Jul 2025 14:31:54 +0000
ROA not before: Mon 28 Jul 2025 14:26:54 +0000
ROA not after: Mon 27 Jul 2026 14:31:54 +0000
asID: 216320
IP address blocks: 82.21.7.0/24 maxlen: 24
2a13:9500:64::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 01:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:04:62:ca:fb:fa:b5:2d:bf:ba:e5:32:86:d6:5d:5f:e2:1e:9a:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 28 14:26:54 2025 GMT
Not After : Jul 27 14:31:54 2026 GMT
Subject: CN=276D2C675DDE3709B39F4F6AD6353131328682E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6a:95:9f:b5:38:44:da:5b:ba:61:73:05:e5:
f3:1f:0f:fd:81:b2:3c:92:21:f5:0c:31:8e:79:d2:
95:09:4a:07:9c:ef:f7:ac:1d:66:b1:85:49:ff:9f:
ee:39:ec:53:24:a8:33:10:5f:32:82:a5:71:c6:7f:
70:09:ca:6e:b9:c5:de:8e:a4:37:d3:a7:cf:bc:49:
85:70:62:f9:b5:b8:ea:78:5a:9d:52:87:9e:fe:89:
88:e6:12:e0:0a:27:cc:58:42:4d:07:12:a1:3c:e8:
3b:12:93:fa:42:af:86:fa:1e:89:91:55:1d:3d:4d:
a9:b7:17:08:e4:b0:6b:76:70:e2:33:fa:eb:b3:72:
68:31:30:7f:b2:1e:bd:fb:60:bd:19:17:67:f0:aa:
fc:bc:d2:66:9e:ab:f9:63:b6:79:0b:49:f9:fc:17:
8e:ea:68:e9:bb:77:3f:f6:d7:fb:de:7c:65:49:bc:
c5:9f:23:21:49:11:8c:cc:ae:42:36:fb:50:05:73:
60:81:08:2f:40:73:1d:8c:65:b2:1d:60:40:83:5c:
86:c7:59:f3:1b:a7:13:26:d1:2a:9a:d2:bc:78:e3:
57:5d:a6:c3:d6:24:06:b6:f3:b7:97:7d:8d:b3:99:
3b:67:08:30:52:f8:5f:6c:6f:34:17:f4:32:fe:6a:
8c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:6D:2C:67:5D:DE:37:09:B3:9F:4F:6A:D6:35:31:31:32:86:82:E5
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS216320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.7.0/24
IPv6:
2a13:9500:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:2d:b2:ca:2f:b1:03:43:ff:66:4f:58:6d:d4:76:91:c4:1c:
14:26:4e:80:7e:dc:a3:03:87:ad:bd:9d:c7:ff:24:21:00:b7:
65:90:af:64:c0:86:a4:a3:e8:d8:3a:97:b4:00:d3:9c:10:d8:
fb:53:90:ad:6a:2a:e4:df:13:9a:05:06:5c:d9:59:73:72:89:
ab:4c:e4:00:2f:02:bf:6a:2e:35:55:0f:61:fe:41:45:bf:4f:
c2:67:e6:23:c4:e2:22:e0:50:52:46:a8:52:60:4f:57:ba:e2:
50:1f:48:57:86:e0:c1:b2:b7:05:06:f9:c9:30:81:f0:d6:21:
58:c5:f4:5b:44:8f:d6:cb:31:3a:ae:3e:3c:a8:c7:74:e3:f6:
d7:3a:f4:52:f3:51:2e:28:52:e0:cb:ae:d1:d1:8c:a4:5a:e7:
a1:78:86:b6:f2:61:ad:9d:f9:f4:24:e1:15:c8:27:5c:ef:16:
1c:95:19:1e:28:85:77:a3:3d:f8:f9:b6:b5:23:fe:5f:a0:88:
d8:bb:b8:ce:01:83:0c:19:61:2e:2f:47:9e:71:4c:6a:40:b1:
0c:13:54:95:85:ea:85:08:3c:31:f4:6a:75:e0:77:be:3c:ab:
a1:6a:32:62:bb:d8:2a:fb:0e:6d:b3:e9:6b:89:3b:9f:cb:1e:
e6:db:7b:f2
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUVgRiyvv6tS2/uuUyhtZdX+Iemr0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MjgxNDI2NTRaFw0yNjA3MjcxNDMxNTRaMDMxMTAvBgNV
BAMTKDI3NkQyQzY3NURERTM3MDlCMzlGNEY2QUQ2MzUzMTMxMzI4NjgyRTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYapWftThE2lu6YXMF5fMfD/2B
sjySIfUMMY550pUJSgec7/esHWaxhUn/n+457FMkqDMQXzKCpXHGf3AJym65xd6O
pDfTp8+8SYVwYvm1uOp4Wp1Sh57+iYjmEuAKJ8xYQk0HEqE86DsSk/pCr4b6HomR
VR09Tam3FwjksGt2cOIz+uuzcmgxMH+yHr37YL0ZF2fwqvy80maeq/ljtnkLSfn8
F47qaOm7dz/21/vefGVJvMWfIyFJEYzMrkI2+1AFc2CBCC9Acx2MZbIdYECDXIbH
WfMbpxMm0Sqa0rx441ddpsPWJAa287eXfY2zmTtnCDBS+F9sbzQX9DL+aoyhAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUJ20sZ13eNwmzn09q1jUxMTKGguUwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE2MzIwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAUhUH
MA8EAgACMAkDBwAqE5UAAGQwDQYJKoZIhvcNAQELBQADggEBAJktssovsQND/2ZP
WG3UdpHEHBQmToB+3KMDh629ncf/JCEAt2WQr2TAhqSj6Ng6l7QA05wQ2PtTkK1q
KuTfE5oFBlzZWXNyiatM5AAvAr9qLjVVD2H+QUW/T8Jn5iPE4iLgUFJGqFJgT1e6
4lAfSFeG4MGytwUG+ckwgfDWIVjF9FtEj9bLMTquPjyox3Tj9tc69FLzUS4oUuDL
rtHRjKRa56F4hrbyYa2d+fQk4RXIJ1zvFhyVGR4ohXejPfj5trUj/l+giNi7uM4B
gwwZYS4vR55xTGpAsQwTVJWF6oUIPDH0anXgd748q6FqMmK72Cr7Dm2z6WuJO5/L
Hubbe/I=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:39:20 2025 by rpki-client