Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215030.roa
File: AS215030.roa (raw, json)
Hash identifier: Bw+HnAqIaF10nfMCmrV9MjJRyAvY+iAhiBtqtVnwJTo=
Subject key identifier: 02:EB:5B:05:F0:3A:C3:8D:2B:D2:84:0C:A4:F5:06:D4:D0:FB:5C:AE
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 05DF776E277DA15255225A002132122F68BC1CBA
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215030.roa
Signing time: Thu 19 Mar 2026 15:41:49 +0000
ROA not before: Thu 19 Mar 2026 15:36:49 +0000
ROA not after: Thu 18 Mar 2027 15:41:49 +0000
asID: 215030
IP address blocks: 82.41.64.0/24 maxlen: 24
82.41.67.0/24 maxlen: 24
2a13:9500:14c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:df:77:6e:27:7d:a1:52:55:22:5a:00:21:32:12:2f:68:bc:1c:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 19 15:36:49 2026 GMT
Not After : Mar 18 15:41:49 2027 GMT
Subject: CN=02EB5B05F03AC38D2BD2840CA4F506D4D0FB5CAE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:55:9a:31:f3:59:32:53:d6:3b:7a:76:f8:e7:
cc:77:6e:40:b0:bc:cd:3f:c8:51:90:28:af:4c:5e:
31:3e:4a:b8:b0:e2:c2:e0:72:54:56:4b:ff:92:de:
64:db:c1:87:6c:d8:31:83:88:87:0c:5a:12:48:cc:
01:28:44:68:85:aa:72:89:a2:c5:6a:96:1a:75:f4:
fe:44:d4:60:58:b0:16:cd:10:4b:40:29:ac:db:f8:
77:bf:d2:74:49:7e:93:70:d7:b1:a9:cd:a6:90:ce:
96:f1:51:56:59:21:84:42:e3:be:bb:78:88:4d:95:
44:80:71:55:3a:e8:e0:00:fa:c9:ff:87:d3:00:0c:
40:5a:92:15:bd:3a:a6:00:56:e5:c9:38:96:f5:9d:
15:b3:b0:c8:e6:ba:b3:42:9b:77:5f:95:72:1f:87:
34:8d:c4:16:76:59:da:be:9e:3a:d9:b1:92:2a:68:
9f:d3:2f:e0:58:56:02:2d:17:b6:2d:0f:46:41:31:
86:06:aa:be:02:00:1c:c1:49:5a:94:f4:1c:2f:f2:
18:31:93:b6:bf:7e:bb:8e:4a:51:27:2f:45:a0:80:
9f:3a:b6:2f:c6:47:a4:ca:9b:35:3b:f3:6b:49:ae:
00:98:e3:05:e2:11:6d:a8:58:24:87:8c:20:9c:e4:
91:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:EB:5B:05:F0:3A:C3:8D:2B:D2:84:0C:A4:F5:06:D4:D0:FB:5C:AE
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.41.64.0/24
82.41.67.0/24
IPv6:
2a13:9500:14c::/48
Signature Algorithm: sha256WithRSAEncryption
10:6d:00:96:db:3f:32:70:05:26:a3:35:70:87:be:54:14:af:
88:df:3c:01:1d:67:6c:4d:0d:fd:a5:24:c8:7c:24:e9:ff:41:
76:ce:dd:04:64:b1:9f:4a:ae:e8:d0:7a:66:35:22:6f:79:71:
58:ba:83:4b:e2:0a:e3:a3:e5:59:d1:77:fd:7a:be:2f:c7:04:
52:c6:a9:aa:0d:68:2b:e4:56:10:40:83:1a:7c:58:cc:59:de:
03:8a:54:f4:26:f5:c0:b9:67:e0:27:4e:1b:b2:01:50:6d:c5:
cf:f9:e3:1f:78:ba:40:27:54:16:2c:26:53:bd:42:42:0f:e7:
ca:6a:e2:cb:ba:f9:ed:7f:1d:4f:2a:04:8f:ee:de:2f:73:33:
3b:7b:eb:d2:ea:64:de:1e:cc:8a:fb:8f:05:0a:9e:90:af:98:
5c:d4:bd:8a:61:e3:be:d2:3a:90:e7:3f:64:6c:73:cd:96:d8:
da:52:51:ae:94:ac:26:98:fb:af:95:a9:cd:62:62:05:c8:e8:
be:f6:b3:7d:8a:c3:b2:0b:00:1e:c6:19:a5:ad:ed:1f:7f:8a:
3e:9a:d8:b5:c4:cb:2f:2e:50:3c:be:1e:de:3d:4f:39:99:ce:
a2:c5:15:bf:d0:3c:26:4d:be:0f:2a:da:1a:d7:eb:35:1e:de:
32:bb:8d:b6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUBd93bid9oVJVIloAITISL2i8HLowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMTkxNTM2NDlaFw0yNzAzMTgxNTQxNDlaMDMxMTAvBgNV
BAMTKDAyRUI1QjA1RjAzQUMzOEQyQkQyODQwQ0E0RjUwNkQ0RDBGQjVDQUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9VZox81kyU9Y7enb458x3bkCw
vM0/yFGQKK9MXjE+Sriw4sLgclRWS/+S3mTbwYds2DGDiIcMWhJIzAEoRGiFqnKJ
osVqlhp19P5E1GBYsBbNEEtAKazb+He/0nRJfpNw17GpzaaQzpbxUVZZIYRC4767
eIhNlUSAcVU66OAA+sn/h9MADEBakhW9OqYAVuXJOJb1nRWzsMjmurNCm3dflXIf
hzSNxBZ2Wdq+njrZsZIqaJ/TL+BYVgItF7YtD0ZBMYYGqr4CABzBSVqU9Bwv8hgx
k7a/fruOSlEnL0WggJ86ti/GR6TKmzU782tJrgCY4wXiEW2oWCSHjCCc5JE1AgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUAutbBfA6w40r0oQMpPUG1ND7XK4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1MDMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAUilA
AwQAUilDMA8EAgACMAkDBwAqE5UAAUwwDQYJKoZIhvcNAQELBQADggEBABBtAJbb
PzJwBSajNXCHvlQUr4jfPAEdZ2xNDf2lJMh8JOn/QXbO3QRksZ9KrujQemY1Im95
cVi6g0viCuOj5VnRd/16vi/HBFLGqaoNaCvkVhBAgxp8WMxZ3gOKVPQm9cC5Z+An
ThuyAVBtxc/54x94ukAnVBYsJlO9QkIP58pq4su6+e1/HU8qBI/u3i9zMzt769Lq
ZN4ezIr7jwUKnpCvmFzUvYph477SOpDnP2Rsc82W2NpSUa6UrCaY+6+Vqc1iYgXI
6L72s32Kw7ILAB7GGaWt7R9/ij6a2LXEyy8uUDy+Ht49TzmZzqLFFb/QPCZNvg8q
2hrX6zUe3jK7jbY=
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:34:41 2026 by rpki-client