Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215304.roa
File: AS215304.roa (raw, json)
Hash identifier: IKHSovoY56HoNX5X4twqwzX3yDvsile2q5SHT8uFuso=
Subject key identifier: 6D:F5:BF:4C:87:3C:C0:75:76:79:20:B6:E3:1A:67:6F:82:4A:0F:0B
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 53DACFE2F3BE37E7910E5D05D55FDBEF56F27401
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215304.roa
Signing time: Thu 07 Aug 2025 14:43:40 +0000
ROA not before: Thu 07 Aug 2025 14:38:40 +0000
ROA not after: Thu 06 Aug 2026 14:43:40 +0000
asID: 215304
IP address blocks: 82.24.127.0/24 maxlen: 24
82.24.189.0/24 maxlen: 24
82.25.46.0/23 maxlen: 24
82.26.72.0/23 maxlen: 24
82.26.78.0/23 maxlen: 24
82.26.91.0/24 maxlen: 24
82.26.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:da:cf:e2:f3:be:37:e7:91:0e:5d:05:d5:5f:db:ef:56:f2:74:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 7 14:38:40 2025 GMT
Not After : Aug 6 14:43:40 2026 GMT
Subject: CN=6DF5BF4C873CC075767920B6E31A676F824A0F0B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:41:3b:30:da:e3:07:48:59:6a:6f:15:be:18:
c2:cb:06:e4:c3:6a:04:c2:7c:b9:5d:2d:66:d0:3d:
61:0a:51:6e:85:98:b0:24:ec:07:4e:4c:84:83:ea:
23:97:e3:3b:00:38:28:42:5d:7f:6a:19:65:65:23:
e5:55:c7:fe:c1:0a:4e:72:af:c1:06:5c:0f:b4:98:
3b:46:15:2e:58:fb:1c:b0:0f:ea:24:43:47:4e:b5:
65:93:89:58:2c:e5:ee:53:ca:76:e2:e2:16:20:af:
16:06:38:c7:e1:d8:92:2d:45:27:2a:80:bf:f3:d5:
2e:03:ef:c0:e7:ce:85:72:cb:83:5d:a2:8d:65:ed:
ce:14:20:50:c2:ec:a3:4f:a1:0d:13:c8:a5:09:bc:
46:ac:8b:20:a1:f4:4b:65:10:d9:d6:bd:b9:35:ec:
d8:b3:7d:3e:d9:03:79:1f:f7:f2:5a:e3:a6:ec:3c:
47:65:b0:eb:f1:ad:fa:5f:5c:65:ec:b8:9c:cd:49:
0e:2d:ad:d7:9a:3f:82:f7:6e:29:6f:e5:8f:a5:63:
50:e4:00:6d:40:f4:b9:2b:19:89:d4:4a:a8:ff:97:
ff:6c:1c:1d:87:95:75:f6:ee:dc:8b:13:d0:a4:bc:
8c:d5:43:ac:e2:f0:4a:36:e1:12:61:00:85:28:9e:
f1:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F5:BF:4C:87:3C:C0:75:76:79:20:B6:E3:1A:67:6F:82:4A:0F:0B
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.24.127.0/24
82.24.189.0/24
82.25.46.0/23
82.26.72.0/23
82.26.78.0/23
82.26.91.0/24
82.26.93.0/24
Signature Algorithm: sha256WithRSAEncryption
97:19:4d:42:60:67:92:da:43:8a:4a:a4:d5:49:4d:ad:aa:1f:
50:2b:2f:b1:fb:b9:d3:e9:5e:dd:05:e6:fb:96:8a:c8:36:4f:
0c:c5:56:3b:1a:33:bd:a2:cb:d6:33:fe:d9:51:b2:96:0f:e7:
91:a5:72:7f:3b:70:37:3f:b2:6d:86:bb:86:8c:47:56:28:3c:
45:ac:62:21:24:3a:ad:5b:ee:56:e0:53:44:75:95:f4:ed:ef:
66:65:c1:65:58:40:31:72:ec:d6:35:78:40:3a:c3:06:67:e5:
ff:d7:fe:cc:0a:20:4f:65:e6:66:eb:bb:7c:84:a6:0b:91:d7:
3c:57:03:41:ad:c9:be:8e:53:13:9b:82:a1:65:0f:0c:9d:3c:
3e:96:5f:69:42:27:7f:37:e0:70:f2:53:4e:67:7e:4a:05:bd:
d6:f5:97:ad:79:cb:84:fb:59:02:2c:aa:55:85:97:6d:22:8b:
62:ba:3b:df:d5:d0:67:1f:b1:1d:30:82:b0:b9:a9:ab:9d:76:
a8:9d:7d:21:28:4e:0c:a9:c4:2a:a2:15:95:6c:d0:3d:ef:01:
85:e7:b6:3a:f1:c9:75:f0:75:45:75:fd:b8:8c:9f:b7:a0:79:
33:f7:9c:64:cc:99:e0:57:1a:c0:3f:a6:56:a1:c1:8e:f7:3e:
3e:1f:49:37
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUU9rP4vO+N+eRDl0F1V/b71bydAEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MDcxNDM4NDBaFw0yNjA4MDYxNDQzNDBaMDMxMTAvBgNV
BAMTKDZERjVCRjRDODczQ0MwNzU3Njc5MjBCNkUzMUE2NzZGODI0QTBGMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeQTsw2uMHSFlqbxW+GMLLBuTD
agTCfLldLWbQPWEKUW6FmLAk7AdOTISD6iOX4zsAOChCXX9qGWVlI+VVx/7BCk5y
r8EGXA+0mDtGFS5Y+xywD+okQ0dOtWWTiVgs5e5Tynbi4hYgrxYGOMfh2JItRScq
gL/z1S4D78DnzoVyy4Ndoo1l7c4UIFDC7KNPoQ0TyKUJvEasiyCh9EtlENnWvbk1
7NizfT7ZA3kf9/Ja46bsPEdlsOvxrfpfXGXsuJzNSQ4trdeaP4L3bilv5Y+lY1Dk
AG1A9LkrGYnUSqj/l/9sHB2HlXX27tyLE9CkvIzVQ6zi8Eo24RJhAIUonvFPAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUbfW/TIc8wHV2eSC24xpnb4JKDwswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUhh/
AwQAUhi9AwQBUhkuAwQBUhpIAwQBUhpOAwQAUhpbAwQAUhpdMA0GCSqGSIb3DQEB
CwUAA4IBAQCXGU1CYGeS2kOKSqTVSU2tqh9QKy+x+7nT6V7dBeb7lorINk8MxVY7
GjO9osvWM/7ZUbKWD+eRpXJ/O3A3P7JthruGjEdWKDxFrGIhJDqtW+5W4FNEdZX0
7e9mZcFlWEAxcuzWNXhAOsMGZ+X/1/7MCiBPZeZm67t8hKYLkdc8VwNBrcm+jlMT
m4KhZQ8MnTw+ll9pQid/N+Bw8lNOZ35KBb3W9ZetecuE+1kCLKpVhZdtIotiujvf
1dBnH7EdMIKwuamrnXaonX0hKE4MqcQqohWVbNA97wGF57Y68cl18HVFdf24jJ+3
oHkz95xkzJngVxrAP6ZWocGO9z4+H0k3
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:07:37 2025 by rpki-client