Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215294.roa
File: AS215294.roa (raw, json)
Hash identifier: JQhzj44KUi8NrY1+hw2gC5KKEVGcqF5+a2mUHljpB84=
Subject key identifier: B9:E4:4B:4C:9B:63:9E:23:98:5C:F8:86:14:AA:82:ED:54:02:72:5E
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 18C3A75A798C4F01462CFD7A0E0574A7A723A91E
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215294.roa
Signing time: Thu 23 Oct 2025 11:50:45 +0000
ROA not before: Thu 23 Oct 2025 11:45:45 +0000
ROA not after: Thu 22 Oct 2026 11:50:45 +0000
asID: 215294
IP address blocks: 82.41.246.0/24 maxlen: 24
82.41.247.0/24 maxlen: 24
82.41.248.0/24 maxlen: 24
82.41.249.0/24 maxlen: 24
82.41.250.0/24 maxlen: 24
82.41.251.0/24 maxlen: 24
82.41.252.0/24 maxlen: 24
82.41.253.0/24 maxlen: 24
82.41.254.0/24 maxlen: 24
82.41.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:c3:a7:5a:79:8c:4f:01:46:2c:fd:7a:0e:05:74:a7:a7:23:a9:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 23 11:45:45 2025 GMT
Not After : Oct 22 11:50:45 2026 GMT
Subject: CN=B9E44B4C9B639E23985CF88614AA82ED5402725E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:42:09:e3:f7:28:2e:94:92:dc:ee:26:8e:be:
d6:73:95:c0:28:79:30:6a:b3:3b:08:cb:89:5d:a5:
93:e9:86:19:a3:7a:78:19:1e:75:c4:3a:af:f1:76:
7e:09:ce:80:2b:ba:51:3b:f6:6e:64:78:5f:7a:ef:
aa:ef:e2:5d:89:ab:95:39:68:6b:cc:25:3c:73:a3:
a4:3c:d4:60:ba:85:f1:72:05:e4:68:bc:73:c6:39:
15:db:aa:15:a5:fc:f3:9d:7c:70:83:32:46:25:79:
9c:f5:1c:1a:10:78:45:6b:aa:89:91:6c:19:ab:ba:
fb:a3:87:f8:58:09:c6:f5:bb:d5:f8:aa:30:d4:93:
19:ad:6f:09:b0:72:c0:14:11:1a:2d:c5:60:4c:a3:
35:bf:91:8f:d1:d8:e6:de:3b:ba:b4:1b:a8:b8:d9:
ce:e0:14:6a:b1:1d:98:f6:4c:73:14:ab:a6:c3:38:
5a:c0:b0:5c:44:27:bc:86:bf:67:98:2d:17:a1:48:
62:c1:4a:42:67:b3:4f:4b:4c:02:32:d5:2b:f4:22:
53:80:10:b2:c1:2f:56:af:4a:5a:b7:dc:0e:3a:58:
68:f9:c8:2f:a8:02:aa:a0:e2:68:8c:e3:a5:8d:6b:
37:04:eb:e0:1d:71:bd:db:8e:7a:05:e7:97:0a:49:
40:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:E4:4B:4C:9B:63:9E:23:98:5C:F8:86:14:AA:82:ED:54:02:72:5E
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215294.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.41.246.0-82.41.255.255
Signature Algorithm: sha256WithRSAEncryption
1f:9b:51:d8:b7:9b:9d:03:90:71:f3:c1:8d:92:f1:fa:bb:fe:
37:39:9b:30:4d:42:54:31:41:4f:9d:79:95:0a:3f:8f:29:66:
05:f0:df:27:2a:7c:24:a0:4c:d2:91:fa:fe:68:eb:3a:57:6b:
32:c4:24:cc:22:0d:03:0c:e2:1c:ac:20:6c:36:8f:3e:d2:a7:
9d:35:23:2a:f0:7a:17:18:3c:19:d5:7d:eb:89:8c:95:a7:0e:
54:db:35:0e:cc:c5:30:17:fd:34:a1:e7:24:b3:27:9d:a3:00:
d2:0e:3c:e9:aa:40:f6:d2:49:ed:be:f0:79:bb:a3:3d:61:aa:
2f:95:5f:35:13:01:6b:e9:67:fd:9b:cb:a7:ab:e8:e9:77:2d:
b6:a2:54:9e:20:24:b9:36:ea:ea:49:14:c2:e0:5d:85:71:82:
e3:e1:b9:c3:05:aa:46:69:e7:8d:86:c1:66:d7:d7:ca:4d:a3:
fb:a9:25:b4:8b:ec:62:19:34:d5:35:1d:f2:81:35:c9:0f:d8:
4f:65:0b:e8:ba:a7:99:56:fb:78:2b:ba:f6:38:30:e9:f1:21:
b3:45:1d:f8:c2:65:50:5a:77:8f:35:99:b7:ec:b1:cf:55:ff:
06:69:a0:35:74:fc:1c:d8:3c:32:09:e1:9f:cc:5e:b0:88:a4:
ec:aa:ce:07
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIUGMOnWnmMTwFGLP16DgV0p6cjqR4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMjMxMTQ1NDVaFw0yNjEwMjIxMTUwNDVaMDMxMTAvBgNV
BAMTKEI5RTQ0QjRDOUI2MzlFMjM5ODVDRjg4NjE0QUE4MkVENTQwMjcyNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCCQgnj9ygulJLc7iaOvtZzlcAo
eTBqszsIy4ldpZPphhmjengZHnXEOq/xdn4JzoArulE79m5keF9676rv4l2Jq5U5
aGvMJTxzo6Q81GC6hfFyBeRovHPGORXbqhWl/POdfHCDMkYleZz1HBoQeEVrqomR
bBmruvujh/hYCcb1u9X4qjDUkxmtbwmwcsAUERotxWBMozW/kY/R2ObeO7q0G6i4
2c7gFGqxHZj2THMUq6bDOFrAsFxEJ7yGv2eYLRehSGLBSkJns09LTAIy1Sv0IlOA
ELLBL1avSlq33A46WGj5yC+oAqqg4miM46WNazcE6+Adcb3bjnoF55cKSUBbAgMB
AAGjggIRMIICDTAdBgNVHQ4EFgQUueRLTJtjniOYXPiGFKqC7VQCcl4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1Mjk0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDBAFS
KfYDAwFSKDANBgkqhkiG9w0BAQsFAAOCAQEAH5tR2LebnQOQcfPBjZLx+rv+Nzmb
ME1CVDFBT515lQo/jylmBfDfJyp8JKBM0pH6/mjrOldrMsQkzCINAwziHKwgbDaP
PtKnnTUjKvB6Fxg8GdV964mMlacOVNs1DszFMBf9NKHnJLMnnaMA0g486apA9tJJ
7b7webujPWGqL5VfNRMBa+ln/ZvLp6vo6XcttqJUniAkuTbq6kkUwuBdhXGC4+G5
wwWqRmnnjYbBZtfXyk2j+6kltIvsYhk01TUd8oE1yQ/YT2UL6LqnmVb7eCu69jgw
6fEhs0Ud+MJlUFp3jzWZt+yxz1X/BmmgNXT8HNg8Mgnhn8xesIik7KrOBw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 21:21:21 2025 by rpki-client