Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215294.roa
File: AS215294.roa (raw, json)
Hash identifier: g2/puHTkFv5nFvBlpgzrmSw+z0X2xTb1DdgjJBIJEH8=
Subject key identifier: 6D:AE:83:2D:07:97:A0:B2:E3:8C:BD:A1:4E:81:90:F1:0D:46:AF:B0
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 44C07BD1341ECA77C727A73D4D594A3DD54556ED
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215294.roa
Signing time: Thu 09 Apr 2026 10:30:15 +0000
ROA not before: Thu 09 Apr 2026 10:25:15 +0000
ROA not after: Thu 08 Apr 2027 10:30:15 +0000
asID: 215294
IP address blocks: 82.39.66.0/24 maxlen: 24
82.39.67.0/24 maxlen: 24
82.39.68.0/24 maxlen: 24
82.39.69.0/24 maxlen: 24
82.39.70.0/24 maxlen: 24
82.39.71.0/24 maxlen: 24
82.39.72.0/24 maxlen: 24
82.39.73.0/24 maxlen: 24
82.39.74.0/24 maxlen: 24
82.39.75.0/24 maxlen: 24
82.39.76.0/24 maxlen: 24
82.39.77.0/24 maxlen: 24
82.39.78.0/24 maxlen: 24
82.39.79.0/24 maxlen: 24
82.39.80.0/24 maxlen: 24
82.41.246.0/24 maxlen: 24
82.41.247.0/24 maxlen: 24
82.41.248.0/24 maxlen: 24
82.41.249.0/24 maxlen: 24
82.41.250.0/24 maxlen: 24
82.41.251.0/24 maxlen: 24
82.41.252.0/24 maxlen: 24
82.41.253.0/24 maxlen: 24
82.41.254.0/24 maxlen: 24
82.41.255.0/24 maxlen: 24
82.47.3.0/24 maxlen: 24
82.47.4.0/24 maxlen: 24
82.47.5.0/24 maxlen: 24
82.47.6.0/24 maxlen: 24
82.47.7.0/24 maxlen: 24
82.47.8.0/24 maxlen: 24
82.47.9.0/24 maxlen: 24
82.47.10.0/24 maxlen: 24
178.83.4.0/24 maxlen: 24
178.83.11.0/24 maxlen: 24
178.83.19.0/24 maxlen: 24
178.83.27.0/24 maxlen: 24
178.83.38.0/24 maxlen: 24
178.83.52.0/24 maxlen: 24
178.83.67.0/24 maxlen: 24
178.83.91.0/24 maxlen: 24
178.83.118.0/24 maxlen: 24
2a13:9500:115::/48 maxlen: 48
2a13:9500:123::/48 maxlen: 48
2a13:9500:124::/48 maxlen: 48
2a13:9500:125::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 15:41:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:c0:7b:d1:34:1e:ca:77:c7:27:a7:3d:4d:59:4a:3d:d5:45:56:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 9 10:25:15 2026 GMT
Not After : Apr 8 10:30:15 2027 GMT
Subject: CN=6DAE832D0797A0B2E38CBDA14E8190F10D46AFB0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6a:44:bb:cf:cd:d0:85:11:fa:1b:04:26:bd:
e6:9f:58:1d:5f:f0:87:a8:2c:12:09:6c:75:17:4a:
d0:38:07:fe:04:fe:d7:f0:12:48:a2:d3:7b:93:6b:
36:b9:45:e2:b3:c9:d4:9a:e8:13:4b:96:88:a6:9c:
dd:2a:ea:fe:b7:83:48:b2:42:80:de:37:d3:b4:40:
f7:45:65:6a:33:ad:76:08:e8:21:70:15:81:0f:e5:
ac:41:a2:49:39:bf:a8:a8:da:e7:f2:85:cf:f0:dd:
ab:26:6c:b9:04:d4:00:84:85:19:60:97:e5:30:d0:
66:53:4e:1d:42:d2:5a:8e:19:4b:36:70:f6:fa:28:
cc:91:bc:ed:9a:76:df:5a:c8:4a:80:6e:3a:77:79:
03:07:f5:4c:9e:95:9b:1f:0f:41:ff:1b:5e:31:a9:
8a:5f:eb:e9:fd:e0:55:82:d8:1d:f9:3e:9b:48:26:
02:11:93:28:b9:62:a2:85:05:ac:9d:bb:75:1d:50:
f3:68:d4:97:8c:e5:b4:b3:8c:f0:52:2b:b4:8d:0a:
e6:5a:d5:d9:61:83:63:ab:dd:22:44:fe:68:47:12:
5e:51:c9:8a:74:25:9a:30:a5:de:ad:15:76:d2:47:
c7:03:b2:06:f3:b7:85:3a:2d:e7:0f:0b:af:b5:3f:
64:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:AE:83:2D:07:97:A0:B2:E3:8C:BD:A1:4E:81:90:F1:0D:46:AF:B0
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215294.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.39.66.0-82.39.80.255
82.41.246.0-82.41.255.255
82.47.3.0-82.47.10.255
178.83.4.0/24
178.83.11.0/24
178.83.19.0/24
178.83.27.0/24
178.83.38.0/24
178.83.52.0/24
178.83.67.0/24
178.83.91.0/24
178.83.118.0/24
IPv6:
2a13:9500:115::/48
2a13:9500:123::-2a13:9500:125:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
88:be:f6:e5:bd:f3:bd:f3:fc:ad:62:22:98:8d:61:db:53:0d:
72:eb:3b:d8:80:50:90:b6:6a:d8:02:9b:8a:24:48:fe:14:1d:
09:ad:c2:f0:b0:86:c6:87:27:e2:54:95:8d:6d:f6:ad:f4:a3:
f1:47:e4:29:81:02:02:6e:13:c7:99:56:12:d8:a8:ed:b9:81:
f4:48:88:d8:20:88:4f:95:3e:af:d1:7a:f1:ee:a1:14:0c:91:
60:e0:c8:1c:64:7a:20:4e:ac:07:21:da:7e:2b:38:ea:68:04:
2b:cc:c3:79:d5:01:a5:e4:e1:c6:8f:8c:5a:b7:1d:34:79:8e:
4a:e4:4f:9c:e0:b3:bf:da:ec:81:bf:cb:49:72:1f:52:4b:7c:
30:17:5f:8b:a7:2f:9e:27:bc:92:13:94:b5:c5:7e:65:98:f8:
f6:da:ea:6b:db:06:e1:64:2f:b4:08:f3:47:32:4c:6b:48:68:
08:51:05:ab:5d:3c:12:0f:55:77:fd:ab:ef:43:ed:02:2c:e4:
de:58:22:a2:5e:79:35:87:fd:98:e3:ef:49:c7:3c:f1:c2:d4:
a3:ee:40:17:c2:ee:b7:9b:a9:eb:5f:46:6e:2e:3e:05:70:b5:
0d:f6:bf:f2:2f:62:d7:3e:e8:77:ef:1b:af:b7:ee:f7:11:b4:
f7:44:cb:50
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIURMB70TQeynfHJ6c9TVlKPdVFVu0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDkxMDI1MTVaFw0yNzA0MDgxMDMwMTVaMDMxMTAvBgNV
BAMTKDZEQUU4MzJEMDc5N0EwQjJFMzhDQkRBMTRFODE5MEYxMEQ0NkFGQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7akS7z83QhRH6GwQmveafWB1f
8IeoLBIJbHUXStA4B/4E/tfwEkii03uTaza5ReKzydSa6BNLloimnN0q6v63g0iy
QoDeN9O0QPdFZWozrXYI6CFwFYEP5axBokk5v6io2ufyhc/w3asmbLkE1ACEhRlg
l+Uw0GZTTh1C0lqOGUs2cPb6KMyRvO2adt9ayEqAbjp3eQMH9UyelZsfD0H/G14x
qYpf6+n94FWC2B35PptIJgIRkyi5YqKFBaydu3UdUPNo1JeM5bSzjPBSK7SNCuZa
1dlhg2Or3SJE/mhHEl5RyYp0JZowpd6tFXbSR8cDsgbzt4U6LecPC6+1P2SzAgMB
AAGjggKLMIIChzAdBgNVHQ4EFgQUba6DLQeXoLLjjL2hToGQ8Q1Gr7AwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1Mjk0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDBlBAIAATBfMAwD
BAFSJ0IDBABSJ1AwCwMEAVIp9gMDAVIoMAwDBABSLwMDBABSLwoDBACyUwQDBACy
UwsDBACyUxMDBACyUxsDBACyUyYDBACyUzQDBACyU0MDBACyU1sDBACyU3YwIwQC
AAIwHQMHACoTlQABFTASAwcAKhOVAAEjAwcBKhOVAAEkMA0GCSqGSIb3DQEBCwUA
A4IBAQCIvvblvfO98/ytYiKYjWHbUw1y6zvYgFCQtmrYApuKJEj+FB0JrcLwsIbG
hyfiVJWNbfat9KPxR+QpgQICbhPHmVYS2KjtuYH0SIjYIIhPlT6v0Xrx7qEUDJFg
4MgcZHogTqwHIdp+KzjqaAQrzMN51QGl5OHGj4xatx00eY5K5E+c4LO/2uyBv8tJ
ch9SS3wwF1+Lpy+eJ7ySE5S1xX5lmPj22upr2wbhZC+0CPNHMkxrSGgIUQWrXTwS
D1V3/avvQ+0CLOTeWCKiXnk1h/2Y4+9JxzzxwtSj7kAXwu63m6nrX0ZuLj4FcLUN
9r/yL2LXPuh37xuvt+73EbT3RMtQ
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:54:26 2026 by rpki-client