Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa
File: AS215152.roa (raw, json)
Hash identifier: 0u7yHMX2iQgldGzfv+fpMQ1eXyoe9AcV58CDmNdHpus=
Subject key identifier: E1:29:8B:05:BC:F3:E4:15:DB:FA:E9:55:E5:26:31:B2:26:DE:8F:20
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 47B55E190CA93715251B0E3C2E3BEF56B4987DF2
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa
Signing time: Thu 07 May 2026 21:51:49 +0000
ROA not before: Thu 07 May 2026 21:46:49 +0000
ROA not after: Thu 06 May 2027 21:51:49 +0000
asID: 215152
IP address blocks: 150.241.208.0/24 maxlen: 24
150.241.254.0/24 maxlen: 24
155.117.153.0/24 maxlen: 24
162.141.183.0/24 maxlen: 24
167.148.84.0/24 maxlen: 24
168.222.35.0/24 maxlen: 24
168.222.41.0/24 maxlen: 24
168.222.45.0/24 maxlen: 24
168.222.54.0/24 maxlen: 24
168.222.69.0/24 maxlen: 24
168.222.76.0/24 maxlen: 24
168.222.87.0/24 maxlen: 24
168.222.90.0/24 maxlen: 24
168.222.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:b5:5e:19:0c:a9:37:15:25:1b:0e:3c:2e:3b:ef:56:b4:98:7d:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 7 21:46:49 2026 GMT
Not After : May 6 21:51:49 2027 GMT
Subject: CN=E1298B05BCF3E415DBFAE955E52631B226DE8F20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1a:09:55:25:cc:66:47:e9:43:b2:86:ef:b8:
9d:31:55:81:df:73:41:74:8b:65:87:5b:ef:3d:b8:
54:e9:f8:a6:57:34:da:95:89:86:cf:c1:65:26:97:
a1:72:f5:29:50:28:75:47:36:03:d1:f4:50:71:45:
34:2a:61:10:a5:d5:68:2f:29:5e:f8:aa:58:d6:e1:
f8:f9:30:7c:f4:90:89:cb:0a:fc:ec:21:13:b7:b9:
9b:ea:0b:4a:9a:ba:4b:48:60:1d:67:fc:da:19:b6:
74:e6:bb:4e:7a:7a:c8:ea:02:8e:ad:b9:d0:e6:51:
ff:90:a1:e1:48:af:dc:d5:2b:a4:0e:44:d0:23:e8:
75:55:69:12:d0:a3:84:7e:63:48:64:e3:22:b8:95:
11:4c:9c:ea:a1:39:54:96:21:06:6a:20:b5:18:71:
ff:16:5e:d0:43:0c:02:da:cb:f4:0e:41:42:57:6a:
f5:a1:d5:51:9d:2a:6d:69:4f:37:8e:8e:20:37:4d:
d9:7e:6c:36:69:85:a7:c2:ce:f5:43:c1:d2:62:f2:
00:1d:29:2c:99:f7:67:4b:12:e8:bb:bd:22:7a:0e:
98:37:42:94:65:84:42:3e:bc:1b:f2:68:44:ac:84:
75:a7:3b:b4:66:30:d9:8f:b7:75:9f:1a:a4:45:e3:
6f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:29:8B:05:BC:F3:E4:15:DB:FA:E9:55:E5:26:31:B2:26:DE:8F:20
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.208.0/24
150.241.254.0/24
155.117.153.0/24
162.141.183.0/24
167.148.84.0/24
168.222.35.0/24
168.222.41.0/24
168.222.45.0/24
168.222.54.0/24
168.222.69.0/24
168.222.76.0/24
168.222.87.0/24
168.222.90.0/24
168.222.94.0/24
Signature Algorithm: sha256WithRSAEncryption
88:e4:d4:d3:bc:83:c8:77:31:73:cf:1f:61:e0:83:c5:d4:12:
a5:b4:3d:ca:b8:81:83:84:8a:da:7f:fb:b5:84:ed:c6:89:d0:
6b:0b:05:d9:42:82:00:05:bf:0c:07:b1:84:67:be:1b:f4:60:
63:aa:e8:90:ca:66:85:e3:da:60:e4:f0:f2:4b:dc:54:67:4b:
35:34:b3:12:ec:c3:1a:a0:1b:11:55:2c:ac:f4:5a:91:c9:3f:
68:ae:25:26:61:70:d1:d6:4a:39:56:f1:34:ae:43:d4:87:43:
3c:07:16:93:1a:c9:fc:22:e5:4c:0b:14:84:77:41:7c:af:34:
7e:c2:a9:e6:1f:70:9c:c6:00:0e:ef:28:f4:11:0b:4a:20:ca:
64:0b:b4:64:f9:3f:6f:c1:4d:68:3d:2e:fc:57:ae:51:ad:d7:
cf:7a:61:42:03:9b:d3:02:96:bc:86:20:42:b5:0b:0b:ab:0d:
c9:5c:ab:1a:3a:15:fa:f2:94:bc:fc:a9:15:d5:de:f3:36:50:
e9:06:23:e2:dc:d9:6e:33:8b:e8:5f:92:16:51:93:5c:bb:50:
c2:0c:e8:84:ef:de:7b:90:4e:49:60:ec:32:e7:93:9f:e0:12:
87:1e:ce:78:23:13:87:21:6a:de:4d:1c:dc:66:03:e0:1c:6b:
eb:8f:9e:c7
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIUR7VeGQypNxUlGw48LjvvVrSYffIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MDcyMTQ2NDlaFw0yNzA1MDYyMTUxNDlaMDMxMTAvBgNV
BAMTKEUxMjk4QjA1QkNGM0U0MTVEQkZBRTk1NUU1MjYzMUIyMjZERThGMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBGglVJcxmR+lDsobvuJ0xVYHf
c0F0i2WHW+89uFTp+KZXNNqViYbPwWUml6Fy9SlQKHVHNgPR9FBxRTQqYRCl1Wgv
KV74qljW4fj5MHz0kInLCvzsIRO3uZvqC0qauktIYB1n/NoZtnTmu056esjqAo6t
udDmUf+QoeFIr9zVK6QORNAj6HVVaRLQo4R+Y0hk4yK4lRFMnOqhOVSWIQZqILUY
cf8WXtBDDALay/QOQUJXavWh1VGdKm1pTzeOjiA3Tdl+bDZphafCzvVDwdJi8gAd
KSyZ92dLEui7vSJ6Dpg3QpRlhEI+vBvyaESshHWnO7RmMNmPt3WfGqRF429PAgMB
AAGjggJYMIICVDAdBgNVHQ4EFgQU4SmLBbzz5BXb+ulV5SYxsibejyAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE1MTUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAlvHQ
AwQAlvH+AwQAm3WZAwQAoo23AwQAp5RUAwQAqN4jAwQAqN4pAwQAqN4tAwQAqN42
AwQAqN5FAwQAqN5MAwQAqN5XAwQAqN5aAwQAqN5eMA0GCSqGSIb3DQEBCwUAA4IB
AQCI5NTTvIPIdzFzzx9h4IPF1BKltD3KuIGDhIraf/u1hO3GidBrCwXZQoIABb8M
B7GEZ74b9GBjquiQymaF49pg5PDyS9xUZ0s1NLMS7MMaoBsRVSys9FqRyT9oriUm
YXDR1ko5VvE0rkPUh0M8BxaTGsn8IuVMCxSEd0F8rzR+wqnmH3CcxgAO7yj0EQtK
IMpkC7Rk+T9vwU1oPS78V65RrdfPemFCA5vTApa8hiBCtQsLqw3JXKsaOhX68pS8
/KkV1d7zNlDpBiPi3NluM4voX5IWUZNcu1DCDOiE7957kE5JYOwy55Of4BKHHs54
IxOHIWreTRzcZgPgHGvrj57H
-----END CERTIFICATE-----
Generated at Tue May 12 23:38:33 2026 by rpki-client