Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215703.roa
File: AS215703.roa (raw, json)
Hash identifier: MomkZDztC+aGXAOA8DaDkFlb3cBXjuFWATWf8D209TY=
Subject key identifier: CD:80:77:2C:3C:A0:C1:17:6B:A7:29:71:EF:20:45:41:41:F3:9D:A3
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7E17CD1DC0BE1FA48100D5785C87C15A5EF99641
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215703.roa
Signing time: Sat 11 Apr 2026 11:33:01 +0000
ROA not before: Sat 11 Apr 2026 11:28:01 +0000
ROA not after: Sat 10 Apr 2027 11:33:01 +0000
asID: 215703
IP address blocks: 82.22.23.0/24 maxlen: 24
82.22.174.0/24 maxlen: 24
82.22.184.0/24 maxlen: 24
82.23.183.0/24 maxlen: 24
82.27.2.0/24 maxlen: 24
82.29.1.0/24 maxlen: 24
82.38.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 20:34:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:17:cd:1d:c0:be:1f:a4:81:00:d5:78:5c:87:c1:5a:5e:f9:96:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 11 11:28:01 2026 GMT
Not After : Apr 10 11:33:01 2027 GMT
Subject: CN=CD80772C3CA0C1176BA72971EF20454141F39DA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:53:a8:fd:65:b3:8b:8a:4c:9b:e4:6d:0a:23:
22:a5:62:50:21:64:da:a6:75:71:77:df:bf:3f:e1:
45:9e:97:89:78:bf:1d:6c:66:e9:d2:72:bf:69:76:
d4:90:54:21:8b:b2:00:05:d5:1d:47:4b:1d:b0:a6:
ec:e9:5a:c0:15:e4:a1:dc:a4:75:07:3f:a8:f4:84:
9f:89:23:fa:79:0b:c6:8a:58:94:6c:c6:81:c0:47:
c4:98:dc:94:b6:b5:b8:c1:96:30:0e:9f:35:86:21:
9c:50:50:be:d2:cd:78:cd:5f:b0:1e:31:da:14:39:
1d:cd:71:3e:9a:1e:ca:32:eb:46:4d:15:af:8e:ff:
21:7a:e6:af:ce:1b:b0:42:a1:88:86:31:a1:37:10:
c9:72:c8:a3:a6:8d:c5:12:80:a1:63:da:30:ba:8c:
db:3e:45:54:60:5e:61:52:bb:a5:0c:1c:fe:bc:25:
24:95:0c:0d:1b:74:85:04:7c:ea:6d:e3:c3:54:d4:
ea:d6:56:c9:a8:75:29:ea:14:8a:f5:70:cd:92:ba:
c9:b3:67:7a:37:ba:95:9b:c7:7b:d0:dd:6a:dd:9d:
8e:cc:d3:e6:18:a3:05:26:70:9b:ca:f6:30:1b:1a:
aa:ab:fb:9f:5a:7e:b9:73:8e:2b:8c:d7:26:0c:33:
2d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:80:77:2C:3C:A0:C1:17:6B:A7:29:71:EF:20:45:41:41:F3:9D:A3
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215703.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.23.0/24
82.22.174.0/24
82.22.184.0/24
82.23.183.0/24
82.27.2.0/24
82.29.1.0/24
82.38.148.0/24
Signature Algorithm: sha256WithRSAEncryption
68:5d:ef:97:ff:e3:06:df:e9:b6:af:8a:d3:eb:de:e1:67:6c:
9c:58:93:26:29:3b:4a:42:47:25:2c:a7:e7:ad:0c:17:e4:fb:
bb:6c:40:cc:e7:e4:ba:ea:f6:c7:12:f0:a7:2f:c4:bf:61:6a:
9c:60:6c:71:42:1e:4f:de:a3:38:fc:a6:b4:67:e0:7c:0a:7b:
ac:23:57:33:da:f6:49:fe:ac:27:56:65:f9:f0:08:d8:9f:1e:
ac:3a:8d:4d:22:d6:d7:69:d6:cb:c5:8f:7a:1a:34:c8:ae:67:
a4:34:b1:fd:0b:f6:b5:c4:22:7d:a2:0e:92:a5:d7:27:9f:d6:
ec:cd:3a:6e:ea:f9:e4:09:00:04:b0:1a:2e:67:ef:7c:e9:11:
a8:66:df:8c:ae:11:cc:5d:e8:c8:68:57:e0:b2:ad:5a:f7:97:
d2:e7:07:d2:1f:1c:de:75:a7:94:40:d7:a3:78:c7:4b:d6:c5:
12:f4:cd:4f:2e:47:2b:b6:38:73:fa:ff:1d:fc:b2:cb:44:af:
58:7f:7e:5d:4a:17:c7:20:15:99:ed:87:65:dd:7f:c3:2a:80:
cb:03:4a:7b:92:11:3c:a5:a7:37:08:e7:53:b8:1d:96:f0:c3:
8f:30:7c:ac:04:1e:48:0d:f5:c4:99:79:ff:19:7a:4b:21:a5:
30:be:11:c2
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUfhfNHcC+H6SBANV4XIfBWl75lkEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTExMTI4MDFaFw0yNzA0MTAxMTMzMDFaMDMxMTAvBgNV
BAMTKENEODA3NzJDM0NBMEMxMTc2QkE3Mjk3MUVGMjA0NTQxNDFGMzlEQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfU6j9ZbOLikyb5G0KIyKlYlAh
ZNqmdXF3378/4UWel4l4vx1sZunScr9pdtSQVCGLsgAF1R1HSx2wpuzpWsAV5KHc
pHUHP6j0hJ+JI/p5C8aKWJRsxoHAR8SY3JS2tbjBljAOnzWGIZxQUL7SzXjNX7Ae
MdoUOR3NcT6aHsoy60ZNFa+O/yF65q/OG7BCoYiGMaE3EMlyyKOmjcUSgKFj2jC6
jNs+RVRgXmFSu6UMHP68JSSVDA0bdIUEfOpt48NU1OrWVsmodSnqFIr1cM2Susmz
Z3o3upWbx3vQ3WrdnY7M0+YYowUmcJvK9jAbGqqr+59afrlzjiuM1yYMMy1bAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUzYB3LDygwRdrpylx7yBFQUHznaMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1NzAzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUhYX
AwQAUhauAwQAUha4AwQAUhe3AwQAUhsCAwQAUh0BAwQAUiaUMA0GCSqGSIb3DQEB
CwUAA4IBAQBoXe+X/+MG3+m2r4rT697hZ2ycWJMmKTtKQkclLKfnrQwX5Pu7bEDM
5+S66vbHEvCnL8S/YWqcYGxxQh5P3qM4/Ka0Z+B8CnusI1cz2vZJ/qwnVmX58AjY
nx6sOo1NItbXadbLxY96GjTIrmekNLH9C/a1xCJ9og6Spdcnn9bszTpu6vnkCQAE
sBouZ+986RGoZt+MrhHMXejIaFfgsq1a95fS5wfSHxzedaeUQNejeMdL1sUS9M1P
Lkcrtjhz+v8d/LLLRK9Yf35dShfHIBWZ7Ydl3X/DKoDLA0p7khE8pac3COdTuB2W
8MOPMHysBB5IDfXEmXn/GXpLIaUwvhHC
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:32:57 2026 by rpki-client