Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa
File: AS215152.roa (raw, json)
Hash identifier: SS6O4Fzc+DWf0k1575YHjWQNogEStvI1KpDX7Bk30hI=
Subject key identifier: AC:9F:5A:7C:11:DB:05:00:66:F8:14:F6:B9:56:A1:9B:1E:7F:50:2E
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4A20B7961AEF4D3629BEC90656853EB6348F26D0
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa
Signing time: Thu 05 Mar 2026 12:13:51 +0000
ROA not before: Thu 05 Mar 2026 12:08:51 +0000
ROA not after: Thu 04 Mar 2027 12:13:51 +0000
asID: 215152
IP address blocks: 96.62.71.0/24 maxlen: 24
140.233.175.0/24 maxlen: 24
150.241.254.0/24 maxlen: 24
168.222.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:20:b7:96:1a:ef:4d:36:29:be:c9:06:56:85:3e:b6:34:8f:26:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 5 12:08:51 2026 GMT
Not After : Mar 4 12:13:51 2027 GMT
Subject: CN=AC9F5A7C11DB050066F814F6B956A19B1E7F502E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:1f:a4:42:d0:a9:57:c0:0b:d9:77:3d:19:6e:
77:bb:c3:94:b9:e7:b2:54:d0:cf:4b:df:3e:14:a7:
e4:32:b0:92:80:56:dd:53:55:2c:a2:0b:5d:c1:cd:
b2:6e:ff:7e:ce:c0:09:30:ee:0a:8d:cd:13:a7:a0:
6a:9a:3a:8b:c5:24:d4:7a:0a:2b:c9:5e:17:02:05:
56:a7:cd:57:c9:a5:fb:d1:a4:31:b9:ab:76:2b:81:
97:ff:ec:04:d1:6e:9e:ae:81:be:3f:e8:38:96:e8:
9a:0d:9a:30:80:50:89:81:f0:d5:e4:9a:86:03:bf:
78:b5:94:8d:36:78:bf:27:92:28:36:c2:da:96:b2:
9f:42:ff:58:26:05:e3:45:34:a0:bb:24:13:74:78:
a7:f2:06:05:16:44:dc:2e:b2:38:cb:2b:22:af:49:
1d:ff:03:55:9d:dc:cd:48:85:83:7d:98:9a:9e:fb:
6d:ff:90:d1:43:73:f5:10:66:71:0a:19:0a:cf:05:
21:91:c1:fb:67:35:c7:55:66:35:11:c4:dd:0f:45:
ee:48:8a:a4:4a:db:f5:8c:39:91:1a:0b:aa:de:e4:
fb:b5:98:fa:97:fd:06:0a:5c:da:31:5f:71:c9:c8:
de:1c:0d:76:02:71:2b:2d:3e:68:8b:a4:2e:a9:66:
0c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:9F:5A:7C:11:DB:05:00:66:F8:14:F6:B9:56:A1:9B:1E:7F:50:2E
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.71.0/24
140.233.175.0/24
150.241.254.0/24
168.222.13.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:91:c8:33:22:75:f8:7c:34:47:b0:bd:7b:76:7a:79:e6:43:
29:7c:0b:79:97:6f:0e:52:75:db:a2:cf:c0:ca:67:7d:4b:5f:
8b:ac:25:a6:6a:71:6d:de:39:2f:e2:69:0a:ab:ed:16:6e:f0:
36:e5:86:75:b0:09:b8:41:e5:a9:33:b1:95:28:53:ae:09:78:
a1:82:5b:c0:01:ea:22:8a:7c:f2:7f:c7:97:3d:3d:aa:ed:7a:
9e:9e:75:61:49:df:07:bf:53:2e:e3:24:a1:8c:de:02:e8:e7:
74:a4:b6:45:58:55:6c:3f:0a:f7:25:46:a0:cd:1c:f5:5b:cd:
49:58:de:be:46:dc:a3:4d:d4:0e:36:0e:56:8d:e6:09:4e:d9:
c2:0c:f5:00:24:7f:3a:3a:7d:75:11:9d:b3:9b:a6:a3:ff:71:
40:c8:52:35:21:25:33:dd:80:a1:69:5c:e8:71:09:06:2f:8e:
b6:fc:60:f7:57:c9:ce:ef:37:2c:a7:e7:d9:51:d5:b0:4b:f9:
2a:5f:05:92:56:ab:b2:60:ee:fa:f6:9f:e4:cc:4d:2c:9f:6f:
0e:6d:91:0c:c0:21:a9:84:69:fe:f3:62:1b:af:8d:72:a3:db:
f5:73:92:59:1f:85:c2:83:a4:b0:55:1c:5c:11:2e:66:6f:2f:
40:8a:23:32
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUSiC3lhrvTTYpvskGVoU+tjSPJtAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMDUxMjA4NTFaFw0yNzAzMDQxMjEzNTFaMDMxMTAvBgNV
BAMTKEFDOUY1QTdDMTFEQjA1MDA2NkY4MTRGNkI5NTZBMTlCMUU3RjUwMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVH6RC0KlXwAvZdz0Zbne7w5S5
57JU0M9L3z4Up+QysJKAVt1TVSyiC13BzbJu/37OwAkw7gqNzROnoGqaOovFJNR6
CivJXhcCBVanzVfJpfvRpDG5q3YrgZf/7ATRbp6ugb4/6DiW6JoNmjCAUImB8NXk
moYDv3i1lI02eL8nkig2wtqWsp9C/1gmBeNFNKC7JBN0eKfyBgUWRNwusjjLKyKv
SR3/A1Wd3M1IhYN9mJqe+23/kNFDc/UQZnEKGQrPBSGRwftnNcdVZjURxN0PRe5I
iqRK2/WMOZEaC6re5Pu1mPqX/QYKXNoxX3HJyN4cDXYCcSstPmiLpC6pZgzLAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUrJ9afBHbBQBm+BT2uVahmx5/UC4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE1MTUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAYD5H
AwQAjOmvAwQAlvH+AwQAqN4NMA0GCSqGSIb3DQEBCwUAA4IBAQC1kcgzInX4fDRH
sL17dnp55kMpfAt5l28OUnXbos/Aymd9S1+LrCWmanFt3jkv4mkKq+0WbvA25YZ1
sAm4QeWpM7GVKFOuCXihglvAAeoiinzyf8eXPT2q7XqennVhSd8Hv1Mu4yShjN4C
6Od0pLZFWFVsPwr3JUagzRz1W81JWN6+RtyjTdQONg5WjeYJTtnCDPUAJH86On11
EZ2zm6aj/3FAyFI1ISUz3YChaVzocQkGL462/GD3V8nO7zcsp+fZUdWwS/kqXwWS
VquyYO769p/kzE0sn28ObZEMwCGphGn+82Ibr41yo9v1c5JZH4XCg6SwVRxcES5m
by9AiiMy
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:31:09 2026 by rpki-client