Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215152.roa
File: AS215152.roa (raw, json)
Hash identifier: KQGSaJVR3kF0WERR0Khp8PWMHqyWHaGOzNc2mOAsAyg=
Subject key identifier: 28:FF:6A:61:2A:C3:C4:FD:8D:A4:73:5E:DD:79:ED:D9:B2:9A:F7:09
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4636B76A3D20ABFC3457E9649813A878E1516A76
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215152.roa
Signing time: Tue 03 Mar 2026 06:16:39 +0000
ROA not before: Tue 03 Mar 2026 06:11:39 +0000
ROA not after: Tue 02 Mar 2027 06:16:39 +0000
asID: 215152
IP address blocks: 82.24.25.0/24 maxlen: 24
82.26.88.0/24 maxlen: 24
82.26.155.0/24 maxlen: 24
82.29.6.0/24 maxlen: 24
82.38.61.0/24 maxlen: 24
82.41.75.0/24 maxlen: 24
82.41.122.0/24 maxlen: 24
82.41.170.0/24 maxlen: 24
82.41.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:36:b7:6a:3d:20:ab:fc:34:57:e9:64:98:13:a8:78:e1:51:6a:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 3 06:11:39 2026 GMT
Not After : Mar 2 06:16:39 2027 GMT
Subject: CN=28FF6A612AC3C4FD8DA4735EDD79EDD9B29AF709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:28:aa:72:79:8d:7f:77:41:a1:23:79:f8:8d:
ab:41:39:c1:46:af:35:83:5c:90:20:cd:1e:a4:a1:
a4:00:99:25:ac:7d:3e:99:0f:47:1f:ad:8b:0f:ee:
5b:ea:24:63:9e:87:ed:f0:62:dd:0b:b3:3a:99:8d:
86:91:f3:f5:6e:9c:8d:f7:dc:6e:83:1b:79:4f:c9:
22:27:20:4d:5f:01:f3:09:2b:c2:6b:c4:ed:55:90:
ad:d5:24:5b:ad:59:77:57:d9:25:90:e6:7c:37:85:
30:ea:3b:1d:b5:95:b9:a8:f0:64:48:f1:4b:86:65:
0f:11:9d:2d:7b:b6:7d:a6:b7:58:6b:0e:12:17:70:
b5:a3:de:73:ba:6d:55:35:8f:de:a9:67:43:24:80:
f7:81:b8:ed:c2:61:be:7f:4c:64:63:4e:98:2a:5f:
d8:2a:82:61:ee:67:b9:f2:29:0e:92:99:c4:13:a3:
87:fe:03:0a:0c:b8:c7:36:00:1c:7b:e9:6c:ec:96:
e0:11:d8:99:af:4f:ee:f5:0b:4f:36:60:34:49:af:
5a:35:5d:4c:8e:b6:e5:90:2d:c4:a1:9d:c9:b5:48:
b7:d9:2a:5a:d0:2b:69:f0:f9:20:19:50:71:ef:5a:
ce:eb:ed:c0:f2:d2:a7:d9:52:9c:15:ff:8a:c2:22:
e2:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:FF:6A:61:2A:C3:C4:FD:8D:A4:73:5E:DD:79:ED:D9:B2:9A:F7:09
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215152.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.24.25.0/24
82.26.88.0/24
82.26.155.0/24
82.29.6.0/24
82.38.61.0/24
82.41.75.0/24
82.41.122.0/24
82.41.170.0/24
82.41.196.0/24
Signature Algorithm: sha256WithRSAEncryption
60:4b:ac:7a:03:b3:ca:ed:92:45:ae:1b:24:40:2b:95:44:9c:
eb:99:f3:b9:9d:39:0d:29:80:1c:0f:ce:8a:d2:8c:24:ab:3e:
a6:32:46:a2:89:6a:25:36:c7:0e:1e:4c:e1:50:62:81:20:c0:
fe:60:4a:e2:87:af:14:90:2a:75:76:ec:ac:04:f8:8a:08:98:
36:c0:07:4e:eb:2c:38:8f:f4:77:1f:ff:c8:be:de:87:e0:32:
6c:13:13:f1:3b:df:f7:b8:44:bc:1c:6a:77:a9:a8:90:d9:d7:
86:d5:f9:86:65:8a:20:60:79:70:4c:69:15:02:2f:3e:6e:a4:
f0:76:b2:e9:c8:9f:89:0b:46:27:89:ae:b0:f3:dd:1e:0d:ab:
fd:f6:47:8e:c3:aa:80:23:d5:0e:9f:b9:65:fc:9c:3b:9c:d2:
96:89:31:60:53:82:d0:1f:c1:91:32:7b:53:1d:0a:65:6e:f5:
9d:e3:91:ea:dd:b9:3a:bc:73:58:21:d6:8b:0a:68:c4:ac:18:
fa:72:3c:03:c1:5a:4d:57:f8:15:fd:da:01:f4:d9:9d:ca:9b:
6c:7a:23:a5:89:c0:2a:fe:57:9c:a8:b1:92:a0:1d:ec:6b:7b:
56:8a:8c:4e:49:4b:93:c5:cf:39:f3:7d:bb:1a:c1:d6:fc:fa:
29:77:46:87
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIURja3aj0gq/w0V+lkmBOoeOFRanYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMDMwNjExMzlaFw0yNzAzMDIwNjE2MzlaMDMxMTAvBgNV
BAMTKDI4RkY2QTYxMkFDM0M0RkQ4REE0NzM1RURENzlFREQ5QjI5QUY3MDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAKKpyeY1/d0GhI3n4jatBOcFG
rzWDXJAgzR6koaQAmSWsfT6ZD0cfrYsP7lvqJGOeh+3wYt0LszqZjYaR8/VunI33
3G6DG3lPySInIE1fAfMJK8JrxO1VkK3VJFutWXdX2SWQ5nw3hTDqOx21lbmo8GRI
8UuGZQ8RnS17tn2mt1hrDhIXcLWj3nO6bVU1j96pZ0MkgPeBuO3CYb5/TGRjTpgq
X9gqgmHuZ7nyKQ6SmcQTo4f+AwoMuMc2ABx76WzsluAR2JmvT+71C082YDRJr1o1
XUyOtuWQLcShncm1SLfZKlrQK2nw+SAZUHHvWs7r7cDy0qfZUpwV/4rCIuL9AgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQUKP9qYSrDxP2NpHNe3Xnt2bKa9wkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1MTUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAUhgZ
AwQAUhpYAwQAUhqbAwQAUh0GAwQAUiY9AwQAUilLAwQAUil6AwQAUimqAwQAUinE
MA0GCSqGSIb3DQEBCwUAA4IBAQBgS6x6A7PK7ZJFrhskQCuVRJzrmfO5nTkNKYAc
D86K0owkqz6mMkaiiWolNscOHkzhUGKBIMD+YErih68UkCp1duysBPiKCJg2wAdO
6yw4j/R3H//Ivt6H4DJsExPxO9/3uES8HGp3qaiQ2deG1fmGZYogYHlwTGkVAi8+
bqTwdrLpyJ+JC0Ynia6w890eDav99keOw6qAI9UOn7ll/Jw7nNKWiTFgU4LQH8GR
MntTHQplbvWd45Hq3bk6vHNYIdaLCmjErBj6cjwDwVpNV/gV/doB9NmdyptseiOl
icAq/lecqLGSoB3sa3tWioxOSUuTxc858327GsHW/Popd0aH
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:34:31 2026 by rpki-client