Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51847.roa
File: AS51847.roa (raw, json)
Hash identifier: lsCrdVpT8UYDNlk+5S5/CH9lCycu7BKoZdY56c3AKcQ=
Subject key identifier: 21:2E:48:34:6F:23:76:2E:B3:20:4F:73:C8:EC:7C:3D:F2:5D:E5:23
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5C19D21499980E1D0E3228F9112E33B9BD58BAAE
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51847.roa
Signing time: Sun 12 Apr 2026 13:10:04 +0000
ROA not before: Sun 12 Apr 2026 13:05:04 +0000
ROA not after: Sun 11 Apr 2027 13:10:04 +0000
asID: 51847
IP address blocks: 82.21.206.0/24 maxlen: 24
82.22.78.0/24 maxlen: 24
82.38.108.0/23 maxlen: 24
82.41.138.0/23 maxlen: 24
84.75.180.0/23 maxlen: 24
178.83.220.0/23 maxlen: 24
2a13:9500:f0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:19:d2:14:99:98:0e:1d:0e:32:28:f9:11:2e:33:b9:bd:58:ba:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 12 13:05:04 2026 GMT
Not After : Apr 11 13:10:04 2027 GMT
Subject: CN=212E48346F23762EB3204F73C8EC7C3DF25DE523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:bb:76:7a:34:1c:20:70:47:de:bc:68:ad:cd:
e0:58:11:97:54:7c:07:0c:8f:8f:d3:0f:c7:00:aa:
04:0b:1d:7a:d8:f1:6e:7f:02:76:4a:34:9e:f3:be:
a0:b1:68:1e:99:1e:4a:dd:82:3a:82:c0:27:2f:96:
f8:9b:0d:5f:23:24:cb:29:39:4c:4f:d1:fc:02:ee:
fa:dc:1d:53:0a:8e:85:5b:e9:55:50:1e:6b:1c:8a:
8e:db:56:6b:13:56:48:05:07:55:a2:6d:f4:cf:05:
fd:46:0b:9d:a7:08:a0:5f:45:30:15:eb:cb:df:e4:
69:b0:94:5a:9a:a5:f8:f9:8e:d2:8c:e0:c8:76:be:
7e:08:b5:f9:7d:9f:48:61:2c:00:58:15:f2:35:d1:
09:2a:75:34:7e:7f:91:af:ef:04:c5:d5:76:07:c0:
29:25:bc:77:92:19:af:d0:75:51:b4:65:6b:bf:aa:
ad:0a:76:14:03:f7:10:6a:ae:13:1f:b2:52:54:58:
cf:c1:e6:6d:70:80:a1:c9:bc:13:f5:10:cb:de:91:
17:88:48:ca:d2:fa:ec:08:0b:f2:e2:2a:72:d0:9f:
04:eb:71:12:74:79:ae:e6:99:b4:90:28:da:0b:dc:
6a:a1:7a:9b:91:2e:aa:b3:c5:09:4e:d7:2a:f9:f8:
5e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:2E:48:34:6F:23:76:2E:B3:20:4F:73:C8:EC:7C:3D:F2:5D:E5:23
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51847.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.206.0/24
82.22.78.0/24
82.38.108.0/23
82.41.138.0/23
84.75.180.0/23
178.83.220.0/23
IPv6:
2a13:9500:f0::/48
Signature Algorithm: sha256WithRSAEncryption
06:60:d7:31:90:0f:32:cd:bb:7e:a4:72:07:dc:9c:84:6a:21:
b5:51:8a:e2:3d:5d:be:e2:47:92:07:a0:2a:af:b0:f7:80:2e:
21:9b:98:45:db:59:96:53:ec:44:10:18:bd:e7:02:a4:fb:69:
00:d0:ea:19:6f:30:54:2e:ae:bd:30:94:f4:3f:cf:47:cc:e6:
ff:99:1c:ce:d7:9c:2c:b4:b1:4a:ba:68:a3:68:b0:98:9b:90:
40:57:0b:18:e1:36:8d:28:04:34:9d:5a:5b:3d:b6:ed:7e:fb:
db:30:54:0b:a3:bc:f1:a5:ba:a0:58:f2:89:f6:52:a1:e4:89:
60:2e:c6:9c:a2:78:b3:af:cc:a4:f1:b5:db:c7:25:2b:e1:f6:
d4:fc:42:bd:b1:f8:18:3b:2d:9c:48:d6:c6:f0:13:fc:1c:47:
32:66:d1:fe:1d:9f:5b:ee:42:b4:a1:1d:29:98:fb:a2:a4:57:
4a:30:d5:e0:d6:8c:3c:69:70:c6:5d:a9:02:be:89:bd:de:21:
6c:62:15:5e:91:55:37:1e:0b:b6:68:96:33:b1:54:0e:ee:ca:
fd:f2:9b:96:99:0c:b9:a0:52:33:7a:39:f0:a7:89:31:db:92:
d0:ca:df:28:ad:7c:ab:81:c8:e4:a4:3b:46:53:4f:e7:a4:29:
a4:36:e4:b2
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIUXBnSFJmYDh0OMij5ES4zub1Yuq4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTIxMzA1MDRaFw0yNzA0MTExMzEwMDRaMDMxMTAvBgNV
BAMTKDIxMkU0ODM0NkYyMzc2MkVCMzIwNEY3M0M4RUM3QzNERjI1REU1MjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOu3Z6NBwgcEfevGitzeBYEZdU
fAcMj4/TD8cAqgQLHXrY8W5/AnZKNJ7zvqCxaB6ZHkrdgjqCwCcvlvibDV8jJMsp
OUxP0fwC7vrcHVMKjoVb6VVQHmscio7bVmsTVkgFB1WibfTPBf1GC52nCKBfRTAV
68vf5GmwlFqapfj5jtKM4Mh2vn4Itfl9n0hhLABYFfI10QkqdTR+f5Gv7wTF1XYH
wCklvHeSGa/QdVG0ZWu/qq0KdhQD9xBqrhMfslJUWM/B5m1wgKHJvBP1EMvekReI
SMrS+uwIC/LiKnLQnwTrcRJ0ea7mmbSQKNoL3GqhepuRLqqzxQlO1yr5+F6zAgMB
AAGjggI4MIICNDAdBgNVHQ4EFgQUIS5ING8jdi6zIE9zyOx8PfJd5SMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTE4NDcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTgYIKwYBBQUHAQcBAf8EPzA9MCoEAgABMCQDBABSFc4D
BABSFk4DBAFSJmwDBAFSKYoDBAFUS7QDBAGyU9wwDwQCAAIwCQMHACoTlQAA8DAN
BgkqhkiG9w0BAQsFAAOCAQEABmDXMZAPMs27fqRyB9ychGohtVGK4j1dvuJHkgeg
Kq+w94AuIZuYRdtZllPsRBAYvecCpPtpANDqGW8wVC6uvTCU9D/PR8zm/5kcztec
LLSxSrpoo2iwmJuQQFcLGOE2jSgENJ1aWz227X772zBUC6O88aW6oFjyifZSoeSJ
YC7GnKJ4s6/MpPG128clK+H21PxCvbH4GDstnEjWxvAT/BxHMmbR/h2fW+5CtKEd
KZj7oqRXSjDV4NaMPGlwxl2pAr6Jvd4hbGIVXpFVNx4LtmiWM7FUDu7K/fKblpkM
uaBSM3o58KeJMduS0MrfKK18q4HI5KQ7RlNP56QppDbksg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:09:21 2026 by rpki-client