Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215152.roa
File: AS215152.roa (raw, json)
Hash identifier: Huk/D8vgYvYRnNrA7QFq+xsDqdr6cSXoREXE6GBDkvk=
Subject key identifier: 9D:68:D4:79:8E:4F:D9:24:E1:4C:35:C3:18:3A:5A:32:85:EB:1F:9F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 37A1D7D853F765D1D062E36A60603662C598FC20
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215152.roa
Signing time: Fri 17 Apr 2026 03:54:17 +0000
ROA not before: Fri 17 Apr 2026 03:49:17 +0000
ROA not after: Fri 16 Apr 2027 03:54:17 +0000
asID: 215152
IP address blocks: 82.24.25.0/24 maxlen: 24
82.26.155.0/24 maxlen: 24
82.29.6.0/24 maxlen: 24
82.38.105.0/24 maxlen: 24
82.41.75.0/24 maxlen: 24
82.41.122.0/24 maxlen: 24
82.47.55.0/24 maxlen: 24
82.47.178.0/24 maxlen: 24
84.75.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:a1:d7:d8:53:f7:65:d1:d0:62:e3:6a:60:60:36:62:c5:98:fc:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 17 03:49:17 2026 GMT
Not After : Apr 16 03:54:17 2027 GMT
Subject: CN=9D68D4798E4FD924E14C35C3183A5A3285EB1F9F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:b4:44:31:fc:88:3d:24:33:37:bc:4b:52:61:
f7:52:67:b4:8f:6c:e3:31:71:c4:56:a0:a8:39:82:
fc:b4:3f:b8:48:1b:3f:82:43:70:e1:de:c0:e9:cf:
57:41:5f:53:0d:f6:e9:6b:7c:00:80:7b:bf:67:44:
b1:d4:65:7d:80:f0:3a:1c:5f:f3:f7:a3:e0:f2:27:
34:9e:68:30:10:d0:e8:f1:7b:f2:4a:9d:27:f8:65:
26:53:5e:e0:08:03:0b:c5:41:a0:28:4a:d5:1f:7c:
c4:37:36:b1:cf:cd:3e:9c:6b:c0:32:6f:4b:06:6f:
ed:3f:94:ae:cc:89:85:09:f5:00:4d:c2:48:86:a1:
ce:be:6a:e3:a5:a4:7e:ea:76:70:67:a0:36:a5:df:
73:8b:56:46:ac:df:a3:a9:93:e2:bb:a3:e0:11:33:
89:fa:42:8e:88:f7:c2:b8:22:12:51:f8:ec:87:01:
53:73:d9:50:b9:49:1a:08:65:94:e9:c8:66:7c:4e:
c9:09:74:be:e3:49:23:55:b0:d5:ff:5f:74:f3:d3:
6a:2a:c9:48:8d:27:2a:32:33:a1:8b:2b:2e:1d:b4:
b7:76:19:b2:c0:40:0f:36:1e:1e:c3:e6:60:72:e1:
bd:70:92:b3:ed:ee:10:51:62:d0:e1:dd:52:38:1a:
6b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:68:D4:79:8E:4F:D9:24:E1:4C:35:C3:18:3A:5A:32:85:EB:1F:9F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215152.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.24.25.0/24
82.26.155.0/24
82.29.6.0/24
82.38.105.0/24
82.41.75.0/24
82.41.122.0/24
82.47.55.0/24
82.47.178.0/24
84.75.175.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:1c:69:6b:0c:94:5c:e0:fa:e2:c7:ef:92:d8:aa:8e:22:f7:
99:ff:4c:ee:d8:e6:83:1c:7b:fa:8a:8c:13:a5:03:00:7e:67:
40:9a:f9:37:b9:32:39:64:86:f5:31:dc:19:58:9e:d9:a9:ba:
be:59:42:55:f9:77:8f:cb:f9:9c:67:ae:75:67:bb:e1:2f:d5:
b8:80:9a:9b:e2:5d:b1:73:d2:7a:3a:5d:23:d7:8f:67:db:b2:
f0:a5:a4:24:fb:b0:c8:5d:a4:54:e2:a1:06:00:54:8d:83:a7:
6d:4a:9f:06:90:59:b1:af:40:4d:8c:a7:1f:41:0d:c0:3f:7c:
2f:a5:0a:2e:ef:05:26:ee:03:be:9b:a5:e7:f5:f4:58:9c:4b:
0a:2a:fa:d9:09:14:da:d4:d1:b9:27:27:ad:d7:ac:20:cb:d2:
b1:a7:05:9f:49:6a:73:7b:18:93:71:80:a9:30:f6:00:10:73:
8a:fb:af:6e:19:ea:92:99:47:8d:95:40:a9:d6:eb:e3:94:2c:
b4:f1:b1:40:c9:16:8e:62:63:14:c3:f5:8d:80:f1:f1:ac:04:
95:e4:5a:14:f7:6f:98:2c:db:21:81:48:95:a8:06:1a:97:99:
7d:68:5d:6e:08:93:d5:91:06:fe:a6:fa:e9:40:1e:05:2d:c4:
57:b7:e2:d1
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUN6HX2FP3ZdHQYuNqYGA2YsWY/CAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTcwMzQ5MTdaFw0yNzA0MTYwMzU0MTdaMDMxMTAvBgNV
BAMTKDlENjhENDc5OEU0RkQ5MjRFMTRDMzVDMzE4M0E1QTMyODVFQjFGOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDstEQx/Ig9JDM3vEtSYfdSZ7SP
bOMxccRWoKg5gvy0P7hIGz+CQ3Dh3sDpz1dBX1MN9ulrfACAe79nRLHUZX2A8Doc
X/P3o+DyJzSeaDAQ0Ojxe/JKnSf4ZSZTXuAIAwvFQaAoStUffMQ3NrHPzT6ca8Ay
b0sGb+0/lK7MiYUJ9QBNwkiGoc6+auOlpH7qdnBnoDal33OLVkas36Opk+K7o+AR
M4n6Qo6I98K4IhJR+OyHAVNz2VC5SRoIZZTpyGZ8TskJdL7jSSNVsNX/X3Tz02oq
yUiNJyoyM6GLKy4dtLd2GbLAQA82Hh7D5mBy4b1wkrPt7hBRYtDh3VI4GmutAgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQUnWjUeY5P2SThTDXDGDpaMoXrH58wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1MTUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAUhgZ
AwQAUhqbAwQAUh0GAwQAUiZpAwQAUilLAwQAUil6AwQAUi83AwQAUi+yAwQAVEuv
MA0GCSqGSIb3DQEBCwUAA4IBAQCnHGlrDJRc4Prix++S2KqOIveZ/0zu2OaDHHv6
iowTpQMAfmdAmvk3uTI5ZIb1MdwZWJ7Zqbq+WUJV+XePy/mcZ651Z7vhL9W4gJqb
4l2xc9J6Ol0j149n27LwpaQk+7DIXaRU4qEGAFSNg6dtSp8GkFmxr0BNjKcfQQ3A
P3wvpQou7wUm7gO+m6Xn9fRYnEsKKvrZCRTa1NG5Jyet16wgy9KxpwWfSWpzexiT
cYCpMPYAEHOK+69uGeqSmUeNlUCp1uvjlCy08bFAyRaOYmMUw/WNgPHxrASV5FoU
92+YLNshgUiVqAYal5l9aF1uCJPVkQb+pvrpQB4FLcRXt+LR
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:15:54 2026 by rpki-client