Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS153517.roa
File: AS153517.roa (raw, json)
Hash identifier: J5I6UOsI/WLegenrNq0ZWNFdHYoMRtmd+xpB4U5gPa0=
Subject key identifier: 63:3C:72:49:98:E4:61:20:84:59:B8:7D:4B:62:49:78:C9:30:42:A5
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3AE313CA756CBED0E6849A9DB318375A068D164E
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS153517.roa
Signing time: Tue 28 Apr 2026 07:53:54 +0000
ROA not before: Tue 28 Apr 2026 07:48:54 +0000
ROA not after: Tue 27 Apr 2027 07:53:54 +0000
asID: 153517
IP address blocks: 82.40.32.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:e3:13:ca:75:6c:be:d0:e6:84:9a:9d:b3:18:37:5a:06:8d:16:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 28 07:48:54 2026 GMT
Not After : Apr 27 07:53:54 2027 GMT
Subject: CN=633C724998E461208459B87D4B624978C93042A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ee:9f:5f:ef:4c:8f:fd:4c:ff:b8:58:1a:e7:
13:61:da:79:0a:11:47:bb:ab:50:b0:22:7c:32:e3:
fa:e5:20:6b:55:49:3e:ce:2e:37:bf:ee:f1:64:3d:
4d:a2:6f:ec:02:16:5d:99:e3:88:30:33:95:77:10:
c6:09:fd:3d:56:8b:16:63:de:e2:0e:56:60:9e:10:
89:4d:c9:cc:cb:5e:73:79:5e:57:48:5e:d4:dc:c6:
70:d2:cb:4a:72:81:f5:3b:5e:7a:7c:a9:cc:ab:e3:
c7:82:ea:81:8d:80:85:65:54:37:94:30:da:f3:c7:
63:98:bb:84:cb:ca:74:84:3b:61:48:6b:bd:4b:c3:
e6:ac:97:5e:b2:5d:45:e5:5e:18:46:f4:8a:84:ca:
70:35:66:de:b3:a2:a9:a6:e6:81:ef:0f:71:3d:61:
02:f5:34:a9:f9:4c:ba:19:a4:a3:c3:80:a1:8d:70:
5a:84:95:f4:ca:bc:36:c1:f4:53:72:7d:d6:ca:5f:
61:00:74:70:9d:44:93:d4:15:af:06:9e:86:ea:b0:
66:b5:4e:ab:af:d4:e2:af:72:2a:b8:df:63:01:b8:
05:a5:89:24:67:c1:c0:dd:51:01:75:f0:4c:94:69:
a8:6c:be:3b:ce:49:54:78:f4:b9:b8:95:09:85:a1:
c0:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:3C:72:49:98:E4:61:20:84:59:B8:7D:4B:62:49:78:C9:30:42:A5
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS153517.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.40.32.0/22
Signature Algorithm: sha256WithRSAEncryption
38:07:fb:ff:c6:66:1c:e5:3f:4d:cb:1d:a0:5e:0d:50:3d:1e:
48:d3:ed:da:ea:37:3e:07:6c:63:79:c8:49:16:d8:89:e4:bd:
fc:39:d5:84:46:d8:49:bc:e8:f1:41:e7:10:38:40:59:73:04:
b7:23:43:a4:87:5c:4d:18:25:be:60:24:3f:eb:c2:90:88:8f:
b1:ea:8a:a7:59:c8:1f:17:fc:f6:f8:e6:e4:d1:eb:60:2e:03:
38:ea:ab:b0:d8:d3:10:35:7f:07:d7:a9:3c:af:1f:00:66:f8:
b6:bd:39:7a:55:30:26:21:41:9d:8d:23:93:d1:f1:c1:88:f0:
ab:9e:23:b7:3c:b5:35:e8:01:c9:bb:fc:bb:96:08:55:40:23:
c6:fa:1a:3a:0e:1a:20:7e:a5:58:5d:23:02:a7:0a:be:4d:1a:
70:91:19:10:d2:fd:84:fc:ba:d3:ed:63:de:3d:0e:14:30:0b:
5e:c2:bc:ae:e1:f9:1a:06:66:02:57:92:ca:e5:78:69:58:d7:
20:47:a8:99:77:45:19:be:89:34:89:56:5e:a8:a8:b2:30:c1:
9e:cb:08:75:8d:f5:3d:78:47:c2:0e:69:6b:f3:8f:6d:25:aa:
5d:33:1a:da:5a:b0:6c:0d:7a:8f:3f:14:e6:f0:89:8c:81:a9:
dc:98:8b:fd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUOuMTynVsvtDmhJqdsxg3WgaNFk4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MjgwNzQ4NTRaFw0yNzA0MjcwNzUzNTRaMDMxMTAvBgNV
BAMTKDYzM0M3MjQ5OThFNDYxMjA4NDU5Qjg3RDRCNjI0OTc4QzkzMDQyQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw7p9f70yP/Uz/uFga5xNh2nkK
EUe7q1CwInwy4/rlIGtVST7OLje/7vFkPU2ib+wCFl2Z44gwM5V3EMYJ/T1WixZj
3uIOVmCeEIlNyczLXnN5XldIXtTcxnDSy0pygfU7Xnp8qcyr48eC6oGNgIVlVDeU
MNrzx2OYu4TLynSEO2FIa71Lw+asl16yXUXlXhhG9IqEynA1Zt6zoqmm5oHvD3E9
YQL1NKn5TLoZpKPDgKGNcFqElfTKvDbB9FNyfdbKX2EAdHCdRJPUFa8GnobqsGa1
Tquv1OKvciq432MBuAWliSRnwcDdUQF18EyUaahsvjvOSVR49Lm4lQmFocAnAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUYzxySZjkYSCEWbh9S2JJeMkwQqUwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTUzNTE3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUigg
MA0GCSqGSIb3DQEBCwUAA4IBAQA4B/v/xmYc5T9Nyx2gXg1QPR5I0+3a6jc+B2xj
echJFtiJ5L38OdWERthJvOjxQecQOEBZcwS3I0Okh1xNGCW+YCQ/68KQiI+x6oqn
WcgfF/z2+Obk0etgLgM46quw2NMQNX8H16k8rx8AZvi2vTl6VTAmIUGdjSOT0fHB
iPCrniO3PLU16AHJu/y7lghVQCPG+ho6DhogfqVYXSMCpwq+TRpwkRkQ0v2E/LrT
7WPePQ4UMAtewryu4fkaBmYCV5LK5XhpWNcgR6iZd0UZvok0iVZeqKiyMMGeywh1
jfU9eEfCDmlr849tJapdMxraWrBsDXqPPxTm8ImMgancmIv9
-----END CERTIFICATE-----
Generated at Wed May 13 04:20:44 2026 by rpki-client