Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215727.roa
File: AS215727.roa (raw, json)
Hash identifier: ixsv2obVkUETSSvrAXMjmQU0lWaqg9gXiXkWXsfPf+I=
Subject key identifier: DD:2A:E2:2F:14:91:E7:41:7E:1C:84:B8:43:41:7F:18:C9:BE:7C:27
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3B56C0C2646C91896DC263DF1429A5D28D1E59FF
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215727.roa
Signing time: Sat 21 Jun 2025 00:01:58 +0000
ROA not before: Fri 20 Jun 2025 23:56:58 +0000
ROA not after: Sat 20 Jun 2026 00:01:58 +0000
asID: 215727
IP address blocks: 82.21.150.0/24 maxlen: 24
82.21.169.0/24 maxlen: 24
82.22.171.0/24 maxlen: 24
82.22.175.0/24 maxlen: 24
82.23.134.0/24 maxlen: 24
82.24.8.0/24 maxlen: 24
82.24.25.0/24 maxlen: 24
82.24.105.0/24 maxlen: 24
82.24.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:56:c0:c2:64:6c:91:89:6d:c2:63:df:14:29:a5:d2:8d:1e:59:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 20 23:56:58 2025 GMT
Not After : Jun 20 00:01:58 2026 GMT
Subject: CN=DD2AE22F1491E7417E1C84B843417F18C9BE7C27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d3:0b:4b:3c:72:4d:12:f9:0d:ef:a5:56:9c:
ef:77:0e:7c:27:e7:ff:48:22:54:41:cb:41:ae:4d:
54:d1:9a:a4:cb:af:eb:4f:90:02:df:3d:10:41:9e:
49:70:ff:b9:1f:93:78:4c:64:a6:48:2f:e0:80:d2:
84:ef:32:2f:41:e5:62:7e:ea:2a:ab:aa:60:ec:e3:
b9:ac:04:92:dc:86:79:05:46:21:7d:f8:18:1f:3b:
62:97:3a:cf:c8:e1:17:e8:7a:1f:64:e9:f2:bc:fa:
fd:ff:e4:39:f5:7f:18:05:d9:86:fb:dc:dd:87:e4:
b6:67:67:b0:5e:fd:3c:ac:c0:6d:c5:c0:b4:71:3e:
59:1b:02:2e:27:63:0c:51:4b:db:a4:aa:17:a8:ca:
3f:18:0b:b1:81:41:f2:71:9d:28:3f:ec:de:bc:e5:
54:35:44:14:e1:a4:64:40:26:84:17:24:11:6e:cf:
dc:28:b5:81:d0:ea:66:0b:54:e9:91:a4:d0:8c:33:
5a:55:87:c0:8f:72:9b:1c:a8:f5:e8:dd:98:a6:ce:
16:be:4a:e6:78:25:be:1b:af:73:6d:41:1d:e1:a4:
79:70:e8:01:a9:4f:98:2b:25:e5:df:89:33:4d:d8:
c8:af:3c:1c:8b:1d:09:31:90:ae:ef:7b:0c:e6:54:
17:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:2A:E2:2F:14:91:E7:41:7E:1C:84:B8:43:41:7F:18:C9:BE:7C:27
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215727.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.150.0/24
82.21.169.0/24
82.22.171.0/24
82.22.175.0/24
82.23.134.0/24
82.24.8.0/24
82.24.25.0/24
82.24.105.0/24
82.24.175.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:4c:59:7e:5a:03:8c:e8:7c:b3:5d:27:89:5f:34:0c:11:0b:
50:76:1a:69:3d:4b:83:20:d0:9f:78:9c:2b:6a:24:e3:c6:68:
4d:7c:af:c9:c2:e6:5a:23:4a:29:cc:72:c5:51:60:84:2f:fa:
b0:a4:f9:20:96:0f:82:ed:de:48:2f:58:f5:3d:bf:88:42:da:
d3:ac:1e:de:34:e1:35:76:f0:97:6b:47:b8:bc:55:58:7a:fc:
7a:6a:22:30:84:fe:12:12:fa:0c:7a:a0:32:55:49:38:1c:2e:
26:51:02:ba:e2:8c:5b:55:7e:02:a1:d2:93:fe:37:e9:7d:f8:
c0:87:64:39:94:9f:81:3d:ba:f6:96:7d:db:7b:fe:b1:84:70:
bd:72:fb:5f:63:39:a8:9c:d0:7f:92:f2:bd:9b:c2:13:65:05:
0f:31:32:a5:69:e3:14:b5:9b:ee:58:05:ff:11:18:dc:39:2a:
70:8c:6a:de:24:08:1d:95:12:b1:25:73:73:dc:86:00:b7:c1:
ce:08:cf:a9:27:37:12:3f:37:7f:48:57:d8:92:e0:da:b8:32:
86:a9:77:6a:92:20:38:fe:6e:d2:5c:ae:fa:55:ae:fe:13:36:
c6:6f:f0:1e:9d:2a:6c:0c:5b:d9:ea:8a:de:e5:38:a1:a4:26:
94:8f:fd:4e
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUO1bAwmRskYltwmPfFCml0o0eWf8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MjAyMzU2NThaFw0yNjA2MjAwMDAxNThaMDMxMTAvBgNV
BAMTKEREMkFFMjJGMTQ5MUU3NDE3RTFDODRCODQzNDE3RjE4QzlCRTdDMjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ0wtLPHJNEvkN76VWnO93Dnwn
5/9IIlRBy0GuTVTRmqTLr+tPkALfPRBBnklw/7kfk3hMZKZIL+CA0oTvMi9B5WJ+
6iqrqmDs47msBJLchnkFRiF9+BgfO2KXOs/I4Rfoeh9k6fK8+v3/5Dn1fxgF2Yb7
3N2H5LZnZ7Be/TyswG3FwLRxPlkbAi4nYwxRS9ukqheoyj8YC7GBQfJxnSg/7N68
5VQ1RBThpGRAJoQXJBFuz9wotYHQ6mYLVOmRpNCMM1pVh8CPcpscqPXo3Zimzha+
SuZ4Jb4br3NtQR3hpHlw6AGpT5grJeXfiTNN2MivPByLHQkxkK7vewzmVBe1AgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQU3SriLxSR50F+HIS4Q0F/GMm+fCcwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1NzI3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAUhWW
AwQAUhWpAwQAUharAwQAUhavAwQAUheGAwQAUhgIAwQAUhgZAwQAUhhpAwQAUhiv
MA0GCSqGSIb3DQEBCwUAA4IBAQBPTFl+WgOM6HyzXSeJXzQMEQtQdhppPUuDINCf
eJwraiTjxmhNfK/JwuZaI0opzHLFUWCEL/qwpPkglg+C7d5IL1j1Pb+IQtrTrB7e
NOE1dvCXa0e4vFVYevx6aiIwhP4SEvoMeqAyVUk4HC4mUQK64oxbVX4CodKT/jfp
ffjAh2Q5lJ+BPbr2ln3be/6xhHC9cvtfYzmonNB/kvK9m8ITZQUPMTKlaeMUtZvu
WAX/ERjcOSpwjGreJAgdlRKxJXNz3IYAt8HOCM+pJzcSPzd/SFfYkuDauDKGqXdq
kiA4/m7SXK76Va7+EzbGb/AenSpsDFvZ6ore5TihpCaUj/1O
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:49:48 2025 by rpki-client