Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS152303.roa
File: AS152303.roa (raw, json)
Hash identifier: pW+ierlYDZ3SBNVlQSjBSCuWrgIvQKOEzvXdpLMiJFg=
Subject key identifier: D3:2D:72:BA:99:27:04:A4:7C:F6:0C:01:BE:E0:9F:EE:09:BF:02:66
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0298EBFF8001B0E6D5AEE509C19FD0B824FD8548
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS152303.roa
Signing time: Sat 04 Apr 2026 11:55:43 +0000
ROA not before: Sat 04 Apr 2026 11:50:43 +0000
ROA not after: Sat 03 Apr 2027 11:55:43 +0000
asID: 152303
IP address blocks: 82.25.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:98:eb:ff:80:01:b0:e6:d5:ae:e5:09:c1:9f:d0:b8:24:fd:85:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 4 11:50:43 2026 GMT
Not After : Apr 3 11:55:43 2027 GMT
Subject: CN=D32D72BA992704A47CF60C01BEE09FEE09BF0266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:3a:4b:0a:88:db:92:ac:78:7c:e3:36:d4:be:
8f:11:1f:f4:1d:79:f4:66:16:b4:c4:cd:0b:e9:6c:
24:f1:ec:4d:e3:d1:f0:70:7c:a6:9c:8b:66:69:8f:
04:03:c9:91:f2:4e:c7:13:a2:3e:57:24:f4:9e:a3:
1e:56:8b:81:5f:79:77:9a:24:8d:64:12:07:94:23:
15:76:0e:c4:50:2e:9a:18:4e:a0:1a:6b:33:60:83:
00:b5:f0:0d:9e:c2:42:84:53:97:01:49:9e:6e:cb:
58:cd:78:6a:21:15:9e:70:2f:6e:b9:48:e9:54:df:
74:e8:19:29:aa:e4:bd:44:f7:8d:72:ec:03:9e:39:
70:53:a5:71:54:5f:b2:71:a6:c8:44:58:e1:cf:2a:
af:cb:b2:0f:53:f5:1c:c1:2d:17:c0:9b:40:78:0e:
9e:f8:75:f0:22:2d:4b:42:12:c1:ea:e8:be:a0:5d:
2a:61:10:a6:f2:03:d5:9f:c0:52:67:36:1e:20:b0:
ba:55:d4:27:7b:49:38:d0:14:21:18:29:12:58:78:
e3:df:b9:a2:fe:da:81:3d:34:19:47:83:d2:c3:ae:
1a:0c:4f:88:6e:ef:5c:99:59:e7:4a:01:fd:81:8e:
7b:7c:17:2f:a3:07:2e:2b:d5:7a:41:4a:5b:63:06:
77:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:2D:72:BA:99:27:04:A4:7C:F6:0C:01:BE:E0:9F:EE:09:BF:02:66
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS152303.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.25.26.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:ab:5c:0b:19:6b:2b:80:d8:1f:3e:15:bd:fa:c6:ce:47:7f:
88:22:8a:f4:31:a9:bf:01:42:09:5c:a7:db:12:73:f8:85:c3:
32:b1:27:1f:ff:89:64:61:5d:4e:0b:4f:a5:14:e8:90:16:ee:
f2:a8:ab:79:66:fb:04:ee:d3:e4:44:f5:87:db:a2:2b:9e:c4:
73:e1:ea:a8:65:80:d4:9e:fc:66:69:8e:3e:4d:c6:1a:9d:85:
d1:cc:f7:92:e4:68:1a:75:47:27:21:e6:72:35:f8:61:88:45:
8c:ef:e6:f9:61:bb:4b:61:31:ab:c3:e6:8b:da:f7:27:34:93:
14:89:5c:e1:e9:d0:dd:81:d7:3b:be:80:ae:22:c9:9d:05:75:
f9:42:2a:c6:f1:16:ce:b6:75:3b:99:b9:06:c9:4f:b2:03:a9:
42:b8:4e:55:4f:87:03:a6:a0:51:91:92:d5:53:fe:57:85:0c:
70:83:a2:65:31:69:d4:ff:26:f6:42:04:e8:72:7f:39:29:11:
c1:8d:88:9a:5a:13:ec:52:9e:00:77:e7:e4:75:22:b4:64:03:
e5:d5:e9:a7:5d:8e:ac:2e:1e:8b:74:a4:db:29:29:c3:77:f4:
e3:74:13:d7:2e:a8:60:7b:5a:bc:d8:3e:51:b2:14:09:da:26:
15:e4:3f:77
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUApjr/4ABsObVruUJwZ/QuCT9hUgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDQxMTUwNDNaFw0yNzA0MDMxMTU1NDNaMDMxMTAvBgNV
BAMTKEQzMkQ3MkJBOTkyNzA0QTQ3Q0Y2MEMwMUJFRTA5RkVFMDlCRjAyNjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkOksKiNuSrHh84zbUvo8RH/Qd
efRmFrTEzQvpbCTx7E3j0fBwfKaci2ZpjwQDyZHyTscToj5XJPSeox5Wi4FfeXea
JI1kEgeUIxV2DsRQLpoYTqAaazNggwC18A2ewkKEU5cBSZ5uy1jNeGohFZ5wL265
SOlU33ToGSmq5L1E941y7AOeOXBTpXFUX7JxpshEWOHPKq/Lsg9T9RzBLRfAm0B4
Dp74dfAiLUtCEsHq6L6gXSphEKbyA9WfwFJnNh4gsLpV1Cd7STjQFCEYKRJYeOPf
uaL+2oE9NBlHg9LDrhoMT4hu71yZWedKAf2Bjnt8Fy+jBy4r1XpBSltjBncXAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU0y1yupknBKR89gwBvuCf7gm/AmYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTUyMzAzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhka
MA0GCSqGSIb3DQEBCwUAA4IBAQAtq1wLGWsrgNgfPhW9+sbOR3+IIor0Mam/AUIJ
XKfbEnP4hcMysScf/4lkYV1OC0+lFOiQFu7yqKt5ZvsE7tPkRPWH26IrnsRz4eqo
ZYDUnvxmaY4+TcYanYXRzPeS5GgadUcnIeZyNfhhiEWM7+b5YbtLYTGrw+aL2vcn
NJMUiVzh6dDdgdc7voCuIsmdBXX5QirG8RbOtnU7mbkGyU+yA6lCuE5VT4cDpqBR
kZLVU/5XhQxwg6JlMWnU/yb2QgTocn85KRHBjYiaWhPsUp4Ad+fkdSK0ZAPl1emn
XY6sLh6LdKTbKSnDd/TjdBPXLqhge1q82D5RshQJ2iYV5D93
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:00:13 2026 by rpki-client