Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215703.roa
File: AS215703.roa (raw, json)
Hash identifier: 8Ea+COF56Vut5v2kRjXLCf5du7xUWdx8/Pc2qaB09gY=
Subject key identifier: 8A:9B:F4:1A:46:0E:71:EA:2F:0F:00:9F:D9:AA:39:F4:F7:F3:4C:D0
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1FEA985DCF51C2D7CC25563B7084213AEDB2D3DA
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215703.roa
Signing time: Mon 16 Jun 2025 14:18:47 +0000
ROA not before: Mon 16 Jun 2025 14:13:47 +0000
ROA not after: Mon 15 Jun 2026 14:18:47 +0000
asID: 215703
IP address blocks: 82.22.174.0/24 maxlen: 24
82.22.184.0/24 maxlen: 24
82.27.2.0/24 maxlen: 24
82.29.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:ea:98:5d:cf:51:c2:d7:cc:25:56:3b:70:84:21:3a:ed:b2:d3:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 16 14:13:47 2025 GMT
Not After : Jun 15 14:18:47 2026 GMT
Subject: CN=8A9BF41A460E71EA2F0F009FD9AA39F4F7F34CD0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:79:d5:1c:5b:1b:03:e1:53:60:51:83:3b:5b:
7d:b1:9f:14:d8:65:61:e6:d2:ee:6e:e5:e2:05:d0:
0a:92:0a:b7:2c:5e:12:dd:03:0c:26:01:b6:39:75:
a3:d0:ad:31:65:e1:7c:8f:39:4f:27:2a:d7:51:e4:
32:d4:f8:a8:26:d6:af:15:38:df:5a:b8:6e:91:ac:
81:f5:ba:43:1e:d0:36:12:da:d3:36:a8:5e:d7:c3:
3a:39:69:8e:06:e9:13:db:9f:eb:50:67:3e:bc:d5:
45:ef:f8:2d:0e:c7:cb:54:53:3f:7d:91:2c:4e:4d:
ae:c2:d8:e2:83:1c:71:93:c8:a6:51:f7:c4:2d:cd:
f7:56:25:59:4e:80:a7:0b:6f:e1:f2:38:64:12:27:
f8:7e:a4:de:57:17:a6:e5:9f:72:8c:6a:ea:a8:75:
da:9a:68:b8:88:38:0c:cb:a1:62:17:f8:e6:9b:1c:
da:0b:28:b9:bf:08:8c:56:88:fe:39:d9:5f:73:24:
2f:b2:20:25:b2:c7:ad:b1:dc:8d:8d:51:70:24:ab:
38:5d:d4:e7:66:39:e4:9c:88:b0:51:8a:1e:13:1c:
2c:cb:42:e4:ff:e2:c1:81:09:93:f6:7e:2f:a9:e6:
fc:7e:dc:e5:ac:55:c2:51:1f:ba:b3:a0:1c:ed:95:
cc:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:9B:F4:1A:46:0E:71:EA:2F:0F:00:9F:D9:AA:39:F4:F7:F3:4C:D0
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215703.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.174.0/24
82.22.184.0/24
82.27.2.0/24
82.29.1.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:d1:3d:1d:c0:ec:45:04:4d:a3:4f:ab:95:81:98:6b:2f:e6:
d5:c2:95:9c:74:78:c1:39:ec:30:7e:ed:bd:60:16:ff:77:34:
9e:30:ef:c4:39:56:fc:c7:e0:4d:48:f4:e2:6f:45:5e:ff:2f:
d2:a3:ef:87:6c:36:fb:73:a8:a0:df:3b:eb:b5:bf:33:21:30:
82:23:b5:d2:b0:5b:51:e8:bf:80:bc:12:10:4e:aa:a7:44:a0:
2a:93:85:5b:a6:ca:52:e1:95:1e:a1:3c:57:31:f5:be:a4:2e:
da:e7:d2:3e:31:57:1c:14:46:8a:64:70:30:2c:92:11:0d:2a:
e3:b5:8c:06:5d:21:34:c1:fe:7a:44:c9:72:36:8a:5d:af:ef:
b7:eb:2f:b4:1a:e3:6f:a3:cb:5d:5b:0d:16:36:93:68:81:82:
f9:a9:1c:ac:f4:ae:b9:d5:56:26:74:9e:81:67:9c:c6:62:d2:
06:69:92:ee:e6:c7:ad:c7:79:72:45:7f:8b:48:4a:76:15:82:
42:63:30:40:9c:62:a9:3a:08:22:b0:ef:40:18:1d:27:f6:c2:
0b:29:13:92:c9:db:27:d9:81:06:e9:d6:df:fa:50:e7:f5:df:
3d:ca:bd:43:8b:38:a2:9e:60:04:b1:0e:73:03:38:ab:27:86:
50:6f:38:eb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUH+qYXc9RwtfMJVY7cIQhOu2y09owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MTYxNDEzNDdaFw0yNjA2MTUxNDE4NDdaMDMxMTAvBgNV
BAMTKDhBOUJGNDFBNDYwRTcxRUEyRjBGMDA5RkQ5QUEzOUY0RjdGMzRDRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZedUcWxsD4VNgUYM7W32xnxTY
ZWHm0u5u5eIF0AqSCrcsXhLdAwwmAbY5daPQrTFl4XyPOU8nKtdR5DLU+Kgm1q8V
ON9auG6RrIH1ukMe0DYS2tM2qF7Xwzo5aY4G6RPbn+tQZz681UXv+C0Ox8tUUz99
kSxOTa7C2OKDHHGTyKZR98QtzfdWJVlOgKcLb+HyOGQSJ/h+pN5XF6bln3KMauqo
ddqaaLiIOAzLoWIX+OabHNoLKLm/CIxWiP452V9zJC+yICWyx62x3I2NUXAkqzhd
1OdmOeSciLBRih4THCzLQuT/4sGBCZP2fi+p5vx+3OWsVcJRH7qzoBztlczZAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUipv0GkYOceovDwCf2ao59PfzTNAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1NzAzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUhau
AwQAUha4AwQAUhsCAwQAUh0BMA0GCSqGSIb3DQEBCwUAA4IBAQCM0T0dwOxFBE2j
T6uVgZhrL+bVwpWcdHjBOewwfu29YBb/dzSeMO/EOVb8x+BNSPTib0Ve/y/So++H
bDb7c6ig3zvrtb8zITCCI7XSsFtR6L+AvBIQTqqnRKAqk4VbpspS4ZUeoTxXMfW+
pC7a59I+MVccFEaKZHAwLJIRDSrjtYwGXSE0wf56RMlyNopdr++36y+0GuNvo8td
Ww0WNpNogYL5qRys9K651VYmdJ6BZ5zGYtIGaZLu5setx3lyRX+LSEp2FYJCYzBA
nGKpOggisO9AGB0n9sILKROSydsn2YEG6dbf+lDn9d89yr1DiziinmAEsQ5zAzir
J4ZQbzjr
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:50:00 2025 by rpki-client