Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS215666.roa
File: AS215666.roa (raw, json)
Hash identifier: qvyUDHbuSkRsrORMlWfIi0nzBV7qv42PQZphkYD8syo=
Subject key identifier: 1B:CE:EF:5E:98:B2:7F:B5:04:6A:0A:E2:CB:F5:DD:3E:D4:91:9F:83
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 010844AD940246F685F57D5BE8784C044817742D
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS215666.roa
Signing time: Fri 24 Apr 2026 18:03:41 +0000
ROA not before: Fri 24 Apr 2026 17:58:41 +0000
ROA not after: Fri 23 Apr 2027 18:03:41 +0000
asID: 215666
IP address blocks: 2a14:7581:9e00::/40 maxlen: 40
2a14:7583:ee00::/40 maxlen: 40
2a14:7585:c000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 08:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:08:44:ad:94:02:46:f6:85:f5:7d:5b:e8:78:4c:04:48:17:74:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Apr 24 17:58:41 2026 GMT
Not After : Apr 23 18:03:41 2027 GMT
Subject: CN=1BCEEF5E98B27FB5046A0AE2CBF5DD3ED4919F83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b9:f4:fe:de:b5:a2:12:90:ef:c1:de:5e:8e:
da:8c:82:78:5a:45:60:38:bc:d8:dd:f9:0e:44:0f:
94:b3:45:79:f8:15:eb:40:ba:bd:51:47:f0:2b:da:
0b:1f:64:a2:b2:ff:e0:da:e2:3b:a3:17:4a:d3:86:
0e:1d:51:5d:53:ba:14:c0:18:a4:78:e6:8a:24:2a:
1d:ae:09:0f:f5:23:bc:98:6c:77:e6:2c:db:a7:b1:
c6:8e:7d:9b:f4:23:f6:7f:fc:f5:b9:67:d7:1d:34:
54:d2:9c:fb:32:a3:d1:ab:5b:09:5a:2d:12:75:68:
d5:cd:bc:b4:55:33:80:ab:cd:bf:dc:2f:bb:10:c8:
93:f9:01:47:8a:0f:ac:1e:ab:3a:f0:f0:d8:23:4d:
fc:6a:a4:fb:eb:b1:17:ef:31:c0:bf:57:85:85:73:
a5:d8:de:b8:a3:f0:74:4b:9f:03:52:3a:e4:7e:e0:
a1:90:95:da:b8:9d:b1:97:ea:53:0f:e2:f8:e8:9a:
1b:ed:49:f2:43:49:7c:d0:72:39:30:90:ad:d1:84:
fe:ae:76:9e:9a:51:e6:b1:cf:86:0a:4b:d1:4c:c3:
5d:6f:83:02:bd:fa:cb:4f:38:eb:7f:fe:8a:44:db:
07:3d:cf:bb:a9:f4:4a:81:6f:4c:c9:d8:da:81:57:
8c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:CE:EF:5E:98:B2:7F:B5:04:6A:0A:E2:CB:F5:DD:3E:D4:91:9F:83
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS215666.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:9e00::/40
2a14:7583:ee00::/40
2a14:7585:c000::/36
Signature Algorithm: sha256WithRSAEncryption
58:e2:c2:f6:01:4b:15:71:6e:f4:6a:e3:00:8a:cd:45:4a:51:
d6:5a:0e:d3:15:7c:ac:e2:45:8a:b6:5e:fe:41:e6:99:df:6d:
9b:fc:4f:e4:b9:f6:f3:0f:11:af:d1:1a:57:c2:41:c9:db:ec:
e3:16:92:1c:27:8f:8c:e6:b2:c8:27:ae:4d:3e:2c:c8:41:48:
24:0c:12:82:e6:65:95:ae:92:70:03:31:ee:40:df:a5:81:97:
e9:99:9f:c6:58:1e:dd:e0:a9:2a:0f:2c:c3:16:6f:ec:a1:42:
49:12:4c:2c:2f:98:a4:28:18:06:34:fc:87:c3:01:c1:26:c8:
0b:e2:0a:3c:3d:79:a5:70:7f:9e:4e:5e:7e:b2:a4:7b:15:d0:
62:66:8b:ed:a9:e6:ed:0f:31:d3:85:9b:42:e7:51:8a:b4:48:
7d:6a:6f:44:a7:e5:04:e0:ed:2d:00:33:2e:32:ca:8e:c6:8c:
57:2a:6e:f8:6b:40:1d:aa:e1:84:a8:7c:50:b4:2f:d1:c1:67:
d0:86:82:55:fe:9d:6c:cd:8a:60:24:f0:b0:85:09:bc:be:2a:
cf:ed:f8:ac:6e:e0:83:0a:41:dc:d2:b3:95:de:3a:99:1a:70:
9b:fe:34:7f:e2:ac:d2:e3:15:38:3a:d9:b1:55:09:79:2c:c1:
1d:9d:78:3d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUAQhErZQCRvaF9X1b6HhMBEgXdC0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA0MjQxNzU4NDFaFw0yNzA0MjMxODAzNDFaMDMxMTAvBgNV
BAMTKDFCQ0VFRjVFOThCMjdGQjUwNDZBMEFFMkNCRjVERDNFRDQ5MTlGODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrufT+3rWiEpDvwd5ejtqMgnha
RWA4vNjd+Q5ED5SzRXn4FetAur1RR/Ar2gsfZKKy/+Da4jujF0rThg4dUV1TuhTA
GKR45ookKh2uCQ/1I7yYbHfmLNunscaOfZv0I/Z//PW5Z9cdNFTSnPsyo9GrWwla
LRJ1aNXNvLRVM4Crzb/cL7sQyJP5AUeKD6weqzrw8NgjTfxqpPvrsRfvMcC/V4WF
c6XY3rij8HRLnwNSOuR+4KGQldq4nbGX6lMP4vjomhvtSfJDSXzQcjkwkK3RhP6u
dp6aUeaxz4YKS9FMw11vgwK9+stPOOt//opE2wc9z7up9EqBb0zJ2NqBV4wtAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUG87vXpiyf7UEagriy/XdPtSRn4MwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE1NjY2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYAwYAKhR1
gZ4DBgAqFHWD7gMGBCoUdYXAMA0GCSqGSIb3DQEBCwUAA4IBAQBY4sL2AUsVcW70
auMAis1FSlHWWg7TFXys4kWKtl7+QeaZ322b/E/kufbzDxGv0RpXwkHJ2+zjFpIc
J4+M5rLIJ65NPizIQUgkDBKC5mWVrpJwAzHuQN+lgZfpmZ/GWB7d4KkqDyzDFm/s
oUJJEkwsL5ikKBgGNPyHwwHBJsgL4go8PXmlcH+eTl5+sqR7FdBiZovtqebtDzHT
hZtC51GKtEh9am9Ep+UE4O0tADMuMsqOxoxXKm74a0AdquGEqHxQtC/RwWfQhoJV
/p1szYpgJPCwhQm8virP7fisbuCDCkHc0rOV3jqZGnCb/jR/4qzS4xU4OtmxVQl5
LMEdnXg9
-----END CERTIFICATE-----
Generated at Tue May 12 21:56:48 2026 by rpki-client