Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215152.roa
File: AS215152.roa (raw, json)
Hash identifier: D5+05SQDXaWK0fdLqvJanH3ltR/VXQqGL4YwouMAiZ4=
Subject key identifier: 76:64:FC:CE:C3:EB:8B:A2:7D:96:6E:89:C0:C9:BC:37:9D:68:71:80
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 42FD25EE517CCDD65570C288A764E752799ED390
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215152.roa
Signing time: Tue 17 Mar 2026 14:44:50 +0000
ROA not before: Tue 17 Mar 2026 14:39:50 +0000
ROA not after: Tue 16 Mar 2027 14:44:50 +0000
asID: 215152
IP address blocks: 181.214.209.0/24 maxlen: 24
2a0a:7a00::/29 maxlen: 48
2a0a:9200::/29 maxlen: 48
2a0a:a600::/29 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:fd:25:ee:51:7c:cd:d6:55:70:c2:88:a7:64:e7:52:79:9e:d3:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 17 14:39:50 2026 GMT
Not After : Mar 16 14:44:50 2027 GMT
Subject: CN=7664FCCEC3EB8BA27D966E89C0C9BC379D687180
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5a:05:b1:57:82:47:c2:a1:84:b0:7f:09:bc:
de:76:49:f4:c8:48:0a:7c:7a:d1:8a:8b:e3:62:47:
9e:4c:98:d9:5d:88:8f:0f:b1:59:96:af:56:9a:e5:
4c:63:66:40:7c:c2:8a:45:49:43:1e:0a:84:b0:e9:
31:10:47:65:8a:7b:9e:ac:e3:3d:8a:fb:df:fd:3e:
db:cd:e9:92:9b:94:dd:b9:9d:a6:74:c5:38:eb:d1:
b6:89:89:e8:0a:15:a3:ab:68:c2:49:ba:10:ee:05:
b8:b1:9c:b0:69:f4:97:73:63:ae:b0:4d:35:d6:1f:
8c:5c:71:2f:73:c2:cc:dd:67:3d:13:78:c6:a4:22:
44:01:b6:0c:ac:7f:ee:c2:21:35:d1:00:ef:3e:6d:
6f:09:5b:f0:d3:1b:67:be:d3:ff:b1:26:28:26:a1:
ba:ba:03:63:06:36:f6:c3:2a:28:f9:dc:dc:5f:60:
a9:de:61:31:8e:fe:55:bd:5c:4c:5d:31:8d:63:f0:
f5:3e:f2:a8:69:77:a1:2c:d0:2c:4d:72:ab:00:02:
a5:9b:ea:8f:d7:c7:07:c1:64:bf:6f:52:0f:99:eb:
11:a4:28:2a:7f:8f:2c:64:5d:ff:77:4b:7a:49:85:
ac:f5:c7:37:46:41:16:e5:8f:cc:f3:c2:c8:6f:ec:
92:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:64:FC:CE:C3:EB:8B:A2:7D:96:6E:89:C0:C9:BC:37:9D:68:71:80
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215152.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.209.0/24
IPv6:
2a0a:7a00::/29
2a0a:9200::/29
2a0a:a600::/29
Signature Algorithm: sha256WithRSAEncryption
6b:f7:7d:e6:af:c1:23:30:5c:9c:50:b1:ef:5c:2b:17:15:40:
11:ee:70:7b:4c:e6:42:1f:65:31:87:e1:d5:7a:97:87:13:51:
f2:32:6e:3d:d6:99:44:ea:27:fb:c3:b4:84:b0:81:6f:32:80:
2f:68:7b:01:6d:a3:51:cb:17:49:5a:c8:fb:af:af:5f:81:fb:
0c:c3:01:8c:fe:cd:7f:52:93:ee:eb:af:c9:3c:70:78:bb:45:
a2:88:73:d1:93:fd:1b:2a:8f:7e:b8:6f:82:9d:00:36:60:a7:
a8:f1:b4:2f:fb:90:4c:fc:b0:01:3e:a8:07:31:2a:8a:af:11:
72:7b:76:23:91:9e:06:71:fa:a6:8c:b0:dc:05:6f:48:c4:fd:
1d:fc:7f:07:bb:24:39:cb:be:40:cb:90:2c:b8:69:40:e8:f2:
63:df:60:07:d4:f5:d1:7c:db:d2:b0:6a:78:ba:57:4b:ac:91:
e5:9c:65:9e:3b:14:dc:2c:78:61:7f:9e:61:b1:3e:77:0a:7e:
63:5e:09:ec:99:8f:35:4f:b5:11:cc:1b:65:cb:c7:49:f7:a8:
69:08:02:db:81:bf:e1:7f:80:84:6e:ce:47:73:75:bc:db:b2:
e5:5c:f6:93:1c:72:d9:9e:68:00:42:99:3f:04:92:fd:55:9b:
c9:df:81:fa
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUQv0l7lF8zdZVcMKIp2TnUnme05AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAzMTcxNDM5NTBaFw0yNzAzMTYxNDQ0NTBaMDMxMTAvBgNV
BAMTKDc2NjRGQ0NFQzNFQjhCQTI3RDk2NkU4OUMwQzlCQzM3OUQ2ODcxODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5WgWxV4JHwqGEsH8JvN52SfTI
SAp8etGKi+NiR55MmNldiI8PsVmWr1aa5UxjZkB8wopFSUMeCoSw6TEQR2WKe56s
4z2K+9/9PtvN6ZKblN25naZ0xTjr0baJiegKFaOraMJJuhDuBbixnLBp9JdzY66w
TTXWH4xccS9zwszdZz0TeMakIkQBtgysf+7CITXRAO8+bW8JW/DTG2e+0/+xJigm
obq6A2MGNvbDKij53NxfYKneYTGO/lW9XExdMY1j8PU+8qhpd6Es0CxNcqsAAqWb
6o/XxwfBZL9vUg+Z6xGkKCp/jyxkXf93S3pJhaz1xzdGQRblj8zzwshv7JIxAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUdmT8zsPri6J9lm6JwMm8N51ocYAwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE1MTUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQAtdbR
MBsEAgACMBUDBQMqCnoAAwUDKgqSAAMFAyoKpgAwDQYJKoZIhvcNAQELBQADggEB
AGv3feavwSMwXJxQse9cKxcVQBHucHtM5kIfZTGH4dV6l4cTUfIybj3WmUTqJ/vD
tISwgW8ygC9oewFto1HLF0layPuvr1+B+wzDAYz+zX9Sk+7rr8k8cHi7RaKIc9GT
/Rsqj364b4KdADZgp6jxtC/7kEz8sAE+qAcxKoqvEXJ7diORngZx+qaMsNwFb0jE
/R38fwe7JDnLvkDLkCy4aUDo8mPfYAfU9dF829Kwani6V0uskeWcZZ47FNwseGF/
nmGxPncKfmNeCeyZjzVPtRHMG2XLx0n3qGkIAtuBv+F/gIRuzkdzdbzbsuVc9pMc
ctmeaABCmT8Ekv1Vm8nfgfo=
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:25:21 2026 by rpki-client