Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215727.roa
File: AS215727.roa (raw, json)
Hash identifier: z9j9L1lxF6K89eyh0Mrr9pe6dNbsuAJrRdG9kp3BCgU=
Subject key identifier: BB:9A:B2:6F:E1:66:70:38:ED:A6:2B:AA:F3:DC:0D:C1:8A:5A:8B:2F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 50D05A00BA382E67771A0137CCE80E0B43F93348
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215727.roa
Signing time: Sat 27 Sep 2025 00:02:03 +0000
ROA not before: Fri 26 Sep 2025 23:57:03 +0000
ROA not after: Sat 26 Sep 2026 00:02:03 +0000
asID: 215727
IP address blocks: 82.21.150.0/24 maxlen: 24
82.21.169.0/24 maxlen: 24
82.22.171.0/24 maxlen: 24
82.22.175.0/24 maxlen: 24
82.23.134.0/24 maxlen: 24
82.24.8.0/24 maxlen: 24
82.24.105.0/24 maxlen: 24
82.24.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:d0:5a:00:ba:38:2e:67:77:1a:01:37:cc:e8:0e:0b:43:f9:33:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Sep 26 23:57:03 2025 GMT
Not After : Sep 26 00:02:03 2026 GMT
Subject: CN=BB9AB26FE1667038EDA62BAAF3DC0DC18A5A8B2F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4d:57:6e:a2:e2:96:f4:d4:9a:47:bb:2c:8d:
86:32:0b:cd:5f:1f:e6:36:15:f2:14:53:e5:89:f1:
10:ef:57:e8:58:52:ab:64:85:f7:bb:af:ef:f6:5f:
fc:e7:af:ee:26:89:f9:8e:ac:8a:9b:be:07:9e:75:
a1:49:d2:ed:6d:f9:18:93:5f:cd:93:17:6d:f4:12:
6a:80:e3:f4:8f:63:e5:6b:02:db:69:bf:9d:89:86:
a0:2a:d9:d8:41:4f:37:ef:d0:a6:9e:d5:98:1f:5b:
da:8b:2f:96:3f:06:83:08:c3:30:8c:1c:32:a7:47:
53:95:9e:9c:1a:7c:69:9a:ac:38:4d:4f:6b:f4:69:
f0:0e:07:b8:33:d6:e5:d5:41:fc:ef:c8:ba:75:98:
4e:16:2a:99:01:1a:6d:ff:a0:d6:31:88:24:a9:46:
fb:48:48:ba:1c:8f:8e:67:f5:22:b5:9e:f8:87:cb:
b8:1a:5b:41:c3:5c:7c:b1:f1:81:8f:b2:d5:44:d3:
c0:1d:7f:2f:1e:09:9b:40:1d:e5:5d:3e:89:e6:b8:
c1:25:70:38:dd:dd:2a:6a:cf:2b:04:93:fb:a6:5f:
f6:29:d7:50:1b:6b:f8:5f:8e:4c:7a:ab:e2:3d:ad:
f5:75:69:31:ac:16:52:18:3e:56:72:e5:e9:f3:d9:
59:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:9A:B2:6F:E1:66:70:38:ED:A6:2B:AA:F3:DC:0D:C1:8A:5A:8B:2F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215727.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.150.0/24
82.21.169.0/24
82.22.171.0/24
82.22.175.0/24
82.23.134.0/24
82.24.8.0/24
82.24.105.0/24
82.24.175.0/24
Signature Algorithm: sha256WithRSAEncryption
23:10:dc:03:32:33:69:93:f5:c2:c4:a6:3d:4e:3e:b0:c0:a2:
76:aa:dc:87:65:ff:fd:1a:f6:c1:21:80:6e:1b:74:f0:fa:68:
c1:6d:f5:9e:4d:3e:8e:6d:45:38:1b:8b:a5:03:a6:39:30:5d:
f8:7d:91:25:17:0c:63:fa:7e:82:31:a3:60:c2:09:9f:65:19:
cd:29:0b:e4:ef:c2:d8:00:06:d9:b3:eb:c1:16:55:dc:b4:99:
e4:37:a2:a9:1f:96:69:7b:97:51:7e:6e:d7:e2:02:09:68:4f:
f2:29:21:39:65:e8:68:a0:d2:d7:87:49:b9:da:b0:86:11:5a:
d8:12:d1:cc:c1:c4:00:ba:8d:7e:dc:d2:a9:0b:5d:77:e7:5b:
ed:0b:c8:1b:31:1f:22:da:ed:9a:55:cd:23:9a:3f:e9:ad:63:
d9:98:9f:3b:31:cf:da:7d:57:d8:7a:26:bb:49:a1:4a:8b:f8:
16:5b:e9:17:07:65:bd:64:03:93:8c:fc:7e:87:e9:cf:6d:ee:
6b:97:ae:15:9a:cf:5c:7e:a3:cb:20:87:52:03:0f:74:6a:37:
b8:b2:a6:4c:37:90:03:91:32:4b:1a:a2:4b:ce:ac:7d:dd:e3:
fd:83:89:31:41:e3:fa:99:e2:17:0d:14:37:d4:6e:f1:89:6a:
3e:33:e8:05
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUUNBaALo4Lmd3GgE3zOgOC0P5M0gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MjYyMzU3MDNaFw0yNjA5MjYwMDAyMDNaMDMxMTAvBgNV
BAMTKEJCOUFCMjZGRTE2NjcwMzhFREE2MkJBQUYzREMwREMxOEE1QThCMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClTVduouKW9NSaR7ssjYYyC81f
H+Y2FfIUU+WJ8RDvV+hYUqtkhfe7r+/2X/znr+4mifmOrIqbvgeedaFJ0u1t+RiT
X82TF230EmqA4/SPY+VrAttpv52JhqAq2dhBTzfv0Kae1ZgfW9qLL5Y/BoMIwzCM
HDKnR1OVnpwafGmarDhNT2v0afAOB7gz1uXVQfzvyLp1mE4WKpkBGm3/oNYxiCSp
RvtISLocj45n9SK1nviHy7gaW0HDXHyx8YGPstVE08Adfy8eCZtAHeVdPonmuMEl
cDjd3SpqzysEk/umX/Yp11Aba/hfjkx6q+I9rfV1aTGsFlIYPlZy5enz2VmJAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUu5qyb+FmcDjtpiuq89wNwYpaiy8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1NzI3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUhWW
AwQAUhWpAwQAUharAwQAUhavAwQAUheGAwQAUhgIAwQAUhhpAwQAUhivMA0GCSqG
SIb3DQEBCwUAA4IBAQAjENwDMjNpk/XCxKY9Tj6wwKJ2qtyHZf/9GvbBIYBuG3Tw
+mjBbfWeTT6ObUU4G4ulA6Y5MF34fZElFwxj+n6CMaNgwgmfZRnNKQvk78LYAAbZ
s+vBFlXctJnkN6KpH5Zpe5dRfm7X4gIJaE/yKSE5ZehooNLXh0m52rCGEVrYEtHM
wcQAuo1+3NKpC11351vtC8gbMR8i2u2aVc0jmj/prWPZmJ87Mc/afVfYeia7SaFK
i/gWW+kXB2W9ZAOTjPx+h+nPbe5rl64Vms9cfqPLIIdSAw90aje4sqZMN5ADkTJL
GqJLzqx93eP9g4kxQeP6meIXDRQ31G7xiWo+M+gF
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:42:36 2025 by rpki-client