Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215481.roa
File: AS215481.roa (raw, json)
Hash identifier: t9VP7vqqEo1J75XPbEMEd4474DJkmIbmEgkOj1WJgHE=
Subject key identifier: DD:FA:BF:A8:EB:97:36:99:01:BB:8F:84:31:EF:EC:DF:B2:39:54:05
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 25B14D434F5CCED3F570EACE6A0E0126BFD643B9
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215481.roa
Signing time: Wed 29 Apr 2026 07:47:07 +0000
ROA not before: Wed 29 Apr 2026 07:42:07 +0000
ROA not after: Wed 28 Apr 2027 07:47:07 +0000
asID: 215481
IP address blocks: 2a13:9500:65::/48 maxlen: 48
2a13:9500:6d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:b1:4d:43:4f:5c:ce:d3:f5:70:ea:ce:6a:0e:01:26:bf:d6:43:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 29 07:42:07 2026 GMT
Not After : Apr 28 07:47:07 2027 GMT
Subject: CN=DDFABFA8EB97369901BB8F8431EFECDFB2395405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4d:8d:b7:55:f4:b2:06:2a:32:4b:88:4f:e2:
15:8b:65:de:bd:de:7a:5c:38:ee:4b:a2:d4:d4:ec:
1c:14:a2:4f:c7:fc:70:85:33:5d:b2:54:b3:f1:fa:
1a:b6:4f:c2:3b:57:bb:05:73:a7:f0:c6:cf:b3:39:
51:3b:97:7f:05:45:c5:af:2d:2b:bc:a6:0d:77:13:
29:19:ca:62:24:ae:b4:9f:45:14:e3:f5:58:0b:eb:
3d:b9:c0:bb:70:52:73:71:35:a4:ff:bb:36:6c:bf:
8d:ca:9d:8b:37:a2:f0:dd:39:c0:19:59:04:7b:44:
a2:67:d1:57:ef:db:6c:37:1b:98:32:db:82:14:5a:
a9:11:42:bb:31:2f:78:1a:a4:91:86:a8:87:48:19:
1a:50:6f:5e:2a:7a:77:9d:3f:6e:01:f0:50:9a:4e:
47:09:94:49:13:3b:20:06:1e:a4:02:14:9b:f9:f1:
54:3f:cb:b3:78:f5:a7:96:4c:49:7e:1c:89:20:a8:
e1:7e:fe:d6:f9:b7:f0:96:3e:b6:9e:7a:d7:cb:2f:
7e:b9:e4:3e:ff:5b:d3:c7:e0:c4:3d:7e:b7:0b:1a:
41:8a:5a:39:4b:a7:a0:e5:af:51:c4:d6:cf:57:61:
47:07:9a:0e:6b:5d:97:c2:72:06:49:eb:f7:f3:38:
d3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:FA:BF:A8:EB:97:36:99:01:BB:8F:84:31:EF:EC:DF:B2:39:54:05
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215481.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:65::/48
2a13:9500:6d::/48
Signature Algorithm: sha256WithRSAEncryption
72:18:83:37:4e:4a:74:5a:d4:bc:e4:aa:d3:73:5d:57:53:88:
4a:ea:bc:1e:9d:36:68:af:14:3a:01:11:7e:7f:51:b9:4d:3e:
61:c7:c9:69:51:c8:42:a4:cc:69:cd:b9:ce:2f:1a:ac:be:65:
ec:d5:10:f5:36:e4:af:ef:b2:d5:8a:f5:b6:ec:c3:55:5b:2e:
97:c4:78:ce:61:13:27:a5:5c:09:45:da:78:75:93:17:66:51:
8f:ba:10:5c:27:00:2a:f6:4c:5b:e5:bf:d8:87:6d:fb:b4:01:
32:4b:91:60:78:b3:61:c5:04:b0:9a:d5:13:ff:08:1a:b9:bf:
34:f2:3c:65:35:d0:18:d0:ff:b8:ce:6b:55:7c:2e:27:9c:9f:
04:65:f5:0a:0b:42:44:5f:f6:bf:93:c0:78:2d:5c:98:cd:47:
66:60:56:2b:9d:40:86:5e:cd:12:78:6f:a9:3e:ab:fa:88:cf:
9e:06:7a:90:50:12:c5:38:d9:50:07:d6:ea:d8:f5:8f:d6:6e:
68:ef:2a:36:31:92:57:f3:ad:bf:35:29:85:e2:e4:fa:0c:21:
c1:7e:da:25:92:ae:88:55:7c:28:72:7b:86:04:53:3e:9d:f6:
f5:be:6f:9e:f8:9b:f8:9b:c4:45:47:aa:b3:3d:b1:1a:19:fe:
53:ed:a4:4b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUJbFNQ09cztP1cOrOag4BJr/WQ7kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MjkwNzQyMDdaFw0yNzA0MjgwNzQ3MDdaMDMxMTAvBgNV
BAMTKERERkFCRkE4RUI5NzM2OTkwMUJCOEY4NDMxRUZFQ0RGQjIzOTU0MDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYTY23VfSyBioyS4hP4hWLZd69
3npcOO5LotTU7BwUok/H/HCFM12yVLPx+hq2T8I7V7sFc6fwxs+zOVE7l38FRcWv
LSu8pg13EykZymIkrrSfRRTj9VgL6z25wLtwUnNxNaT/uzZsv43KnYs3ovDdOcAZ
WQR7RKJn0Vfv22w3G5gy24IUWqkRQrsxL3gapJGGqIdIGRpQb14qenedP24B8FCa
TkcJlEkTOyAGHqQCFJv58VQ/y7N49aeWTEl+HIkgqOF+/tb5t/CWPraeetfLL365
5D7/W9PH4MQ9frcLGkGKWjlLp6Dlr1HE1s9XYUcHmg5rXZfCcgZJ6/fzONMbAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQU3fq/qOuXNpkBu4+EMe/s37I5VAUwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1NDgxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhOV
AABlAwcAKhOVAABtMA0GCSqGSIb3DQEBCwUAA4IBAQByGIM3Tkp0WtS85KrTc11X
U4hK6rwenTZorxQ6ARF+f1G5TT5hx8lpUchCpMxpzbnOLxqsvmXs1RD1NuSv77LV
ivW27MNVWy6XxHjOYRMnpVwJRdp4dZMXZlGPuhBcJwAq9kxb5b/Yh237tAEyS5Fg
eLNhxQSwmtUT/wgaub808jxlNdAY0P+4zmtVfC4nnJ8EZfUKC0JEX/a/k8B4LVyY
zUdmYFYrnUCGXs0SeG+pPqv6iM+eBnqQUBLFONlQB9bq2PWP1m5o7yo2MZJX862/
NSmF4uT6DCHBftolkq6IVXwocnuGBFM+nfb1vm+e+Jv4m8RFR6qzPbEaGf5T7aRL
-----END CERTIFICATE-----
Generated at Wed May 13 06:31:12 2026 by rpki-client