Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215152.roa
File: AS215152.roa (raw, json)
Hash identifier: 5GYL+7VPv3nNKEko4mG1lX6BtRSf2/fk1kJJltbev4E=
Subject key identifier: 3C:45:AF:BD:20:0A:ED:97:08:60:8B:9B:0E:15:F1:9E:CF:52:2B:86
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 370D56474B6FF8A27583661117328EF5E4C540EB
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215152.roa
Signing time: Sun 10 May 2026 22:41:00 +0000
ROA not before: Sun 10 May 2026 22:36:00 +0000
ROA not after: Sun 09 May 2027 22:41:00 +0000
asID: 215152
IP address blocks: 82.24.25.0/24 maxlen: 24
82.24.48.0/24 maxlen: 24
82.25.16.0/24 maxlen: 24
82.47.28.0/24 maxlen: 24
82.47.51.0/24 maxlen: 24
82.47.55.0/24 maxlen: 24
82.47.96.0/24 maxlen: 24
82.47.100.0/24 maxlen: 24
82.47.109.0/24 maxlen: 24
82.47.118.0/24 maxlen: 24
82.47.123.0/24 maxlen: 24
82.47.124.0/24 maxlen: 24
82.47.128.0/24 maxlen: 24
82.47.129.0/24 maxlen: 24
82.47.134.0/24 maxlen: 24
82.47.137.0/24 maxlen: 24
82.47.151.0/24 maxlen: 24
82.47.172.0/24 maxlen: 24
82.47.178.0/24 maxlen: 24
82.47.183.0/24 maxlen: 24
82.47.188.0/24 maxlen: 24
82.47.210.0/24 maxlen: 24
84.75.207.0/24 maxlen: 24
84.75.210.0/24 maxlen: 24
178.83.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:0d:56:47:4b:6f:f8:a2:75:83:66:11:17:32:8e:f5:e4:c5:40:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 10 22:36:00 2026 GMT
Not After : May 9 22:41:00 2027 GMT
Subject: CN=3C45AFBD200AED9708608B9B0E15F19ECF522B86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8e:a9:80:8b:81:48:59:1b:21:28:92:95:03:
60:09:5b:f6:35:50:fe:ad:59:f8:f6:35:2b:40:32:
5b:26:19:3e:cd:85:f8:96:dd:22:78:4b:19:4c:6d:
f8:0c:f2:e5:20:67:2f:54:c1:d7:b6:38:25:9b:b5:
f5:e8:94:18:ff:cb:a4:77:73:50:c2:47:0c:39:7a:
c5:a0:95:66:ef:02:b6:d7:5e:df:1f:fa:d6:41:9a:
88:5e:63:2b:58:ee:b8:0e:b3:0c:ed:59:27:d2:34:
c6:33:ef:d6:dc:49:0b:9c:e9:b4:c7:38:eb:8d:5f:
ee:55:f2:65:0c:d9:f2:62:07:55:04:35:d9:8b:cf:
38:95:02:69:9b:8f:1e:45:4a:7c:a0:6e:3f:e2:60:
9c:a5:f7:e6:58:17:2d:9b:a3:bf:79:41:96:bf:21:
aa:05:4c:c6:d5:63:ff:98:d9:8c:e2:b1:e1:8d:05:
be:f2:dd:ed:2e:14:cb:3c:1a:f6:f0:1b:0a:21:68:
97:5f:7b:68:10:38:1a:f6:0c:3a:6c:38:27:96:ab:
de:8d:e9:fd:58:5a:93:45:c5:94:0e:27:81:91:dd:
b4:79:2f:dc:a5:26:18:61:a5:88:f3:8d:74:af:a8:
0d:d0:4b:1d:5f:0a:21:c1:c0:32:c4:89:60:85:08:
4e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:45:AF:BD:20:0A:ED:97:08:60:8B:9B:0E:15:F1:9E:CF:52:2B:86
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215152.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.24.25.0/24
82.24.48.0/24
82.25.16.0/24
82.47.28.0/24
82.47.51.0/24
82.47.55.0/24
82.47.96.0/24
82.47.100.0/24
82.47.109.0/24
82.47.118.0/24
82.47.123.0-82.47.124.255
82.47.128.0/23
82.47.134.0/24
82.47.137.0/24
82.47.151.0/24
82.47.172.0/24
82.47.178.0/24
82.47.183.0/24
82.47.188.0/24
82.47.210.0/24
84.75.207.0/24
84.75.210.0/24
178.83.212.0/24
Signature Algorithm: sha256WithRSAEncryption
41:14:79:a7:64:8f:89:f1:2d:68:34:e0:3e:73:af:b0:5d:18:
70:5f:94:1f:ef:24:e0:ee:a5:57:34:93:16:0c:aa:c6:e5:72:
86:a5:17:a1:7c:bd:cc:f0:07:e6:d7:f6:c4:c0:e4:8b:5b:17:
65:76:81:3a:02:69:09:ff:d8:42:78:8b:f3:02:ba:53:87:56:
e8:4d:8c:d2:82:06:e0:f5:a5:8b:35:5a:12:82:37:57:06:81:
a8:a4:81:49:27:c9:64:ba:34:66:49:01:e2:05:89:86:a0:8e:
89:37:f6:0a:11:4d:59:2a:ff:f6:5d:3f:a4:da:9d:64:3a:34:
0f:35:aa:b1:44:f5:6a:f9:1f:d5:45:71:79:12:48:2e:6d:49:
85:b1:48:7f:57:04:5e:0f:0a:77:dc:40:6e:d1:0f:86:7d:d1:
1b:9a:c0:a9:62:0d:85:dc:0b:e3:af:3c:3e:c8:98:f4:bc:26:
5d:bf:01:37:be:9d:bd:3c:2a:81:39:ce:02:ce:19:ef:ba:25:
29:1c:10:76:24:45:be:72:6f:45:10:fa:b0:e7:b5:7e:9a:b5:
2e:8a:62:68:a5:99:dd:27:68:ad:18:56:c1:2f:48:45:f8:a4:
f5:1d:9e:67:91:d5:75:36:86:e3:3b:0b:d0:c7:49:d6:39:47:
9f:43:2a:cd
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIUNw1WR0tv+KJ1g2YRFzKO9eTFQOswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MTAyMjM2MDBaFw0yNzA1MDkyMjQxMDBaMDMxMTAvBgNV
BAMTKDNDNDVBRkJEMjAwQUVEOTcwODYwOEI5QjBFMTVGMTlFQ0Y1MjJCODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+jqmAi4FIWRshKJKVA2AJW/Y1
UP6tWfj2NStAMlsmGT7NhfiW3SJ4SxlMbfgM8uUgZy9Uwde2OCWbtfXolBj/y6R3
c1DCRww5esWglWbvArbXXt8f+tZBmoheYytY7rgOswztWSfSNMYz79bcSQuc6bTH
OOuNX+5V8mUM2fJiB1UENdmLzziVAmmbjx5FSnygbj/iYJyl9+ZYFy2bo795QZa/
IaoFTMbVY/+Y2YziseGNBb7y3e0uFMs8GvbwGwohaJdfe2gQOBr2DDpsOCeWq96N
6f1YWpNFxZQOJ4GR3bR5L9ylJhhhpYjzjXSvqA3QSx1fCiHBwDLEiWCFCE4PAgMB
AAGjggKbMIIClzAdBgNVHQ4EFgQUPEWvvSAK7ZcIYIubDhXxns9SK4YwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1MTUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZID
BABSGBkDBABSGDADBABSGRADBABSLxwDBABSLzMDBABSLzcDBABSL2ADBABSL2QD
BABSL20DBABSL3YwDAMEAFIvewMEAFIvfAMEAVIvgAMEAFIvhgMEAFIviQMEAFIv
lwMEAFIvrAMEAFIvsgMEAFIvtwMEAFIvvAMEAFIv0gMEAFRLzwMEAFRL0gMEALJT
1DANBgkqhkiG9w0BAQsFAAOCAQEAQRR5p2SPifEtaDTgPnOvsF0YcF+UH+8k4O6l
VzSTFgyqxuVyhqUXoXy9zPAH5tf2xMDki1sXZXaBOgJpCf/YQniL8wK6U4dW6E2M
0oIG4PWlizVaEoI3VwaBqKSBSSfJZLo0ZkkB4gWJhqCOiTf2ChFNWSr/9l0/pNqd
ZDo0DzWqsUT1avkf1UVxeRJILm1JhbFIf1cEXg8Kd9xAbtEPhn3RG5rAqWINhdwL
4688PsiY9LwmXb8BN76dvTwqgTnOAs4Z77olKRwQdiRFvnJvRRD6sOe1fpq1Lopi
aKWZ3SdorRhWwS9IRfik9R2eZ5HVdTaG4zsL0MdJ1jlHn0MqzQ==
-----END CERTIFICATE-----
Generated at Tue May 12 23:39:59 2026 by rpki-client