Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215703.roa
File: AS215703.roa (raw, json)
Hash identifier: s0unxINO+iIfMn+jFM9VY9KVNVclmlqvRhHuAxsZ6ME=
Subject key identifier: 38:7D:D3:BE:6F:F5:D2:61:0E:78:ED:EB:D7:9B:EC:91:CA:DC:A8:BC
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 569D14FBA4E09CC4DFFC40066F7492D354E31066
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215703.roa
Signing time: Mon 03 Nov 2025 19:58:05 +0000
ROA not before: Mon 03 Nov 2025 19:53:05 +0000
ROA not after: Mon 02 Nov 2026 19:58:05 +0000
asID: 215703
IP address blocks: 82.22.174.0/24 maxlen: 24
82.22.184.0/24 maxlen: 24
82.23.183.0/24 maxlen: 24
82.27.2.0/24 maxlen: 24
82.29.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:9d:14:fb:a4:e0:9c:c4:df:fc:40:06:6f:74:92:d3:54:e3:10:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Nov 3 19:53:05 2025 GMT
Not After : Nov 2 19:58:05 2026 GMT
Subject: CN=387DD3BE6FF5D2610E78EDEBD79BEC91CADCA8BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ed:dd:a3:ae:23:62:a6:6b:bb:12:99:39:f6:
63:75:31:e1:b7:bb:7d:e9:b6:a7:40:38:3b:78:4f:
a8:4a:ce:5e:5a:8e:fb:57:5a:31:af:15:2f:20:68:
53:c4:ba:23:b7:03:77:1a:6f:75:e3:5b:e6:a6:26:
b3:16:bb:c8:0b:17:6f:87:12:9a:89:f6:9d:15:be:
1d:af:1c:88:7e:8d:03:f5:14:27:dc:ab:ea:9e:12:
59:f3:3d:de:c7:61:e5:33:40:a3:df:ce:3a:2a:41:
1a:93:67:fe:bf:f5:3f:76:1c:dd:6d:4b:15:c4:63:
ef:56:83:5c:f3:a1:5a:ed:81:45:95:a3:e9:62:29:
33:2c:27:36:af:81:e7:6d:b0:3a:c7:97:b7:ec:ba:
35:a3:74:b0:3a:23:ac:30:29:fb:c2:f0:47:59:f3:
cc:6d:03:a4:96:c5:24:aa:df:43:5a:8b:0a:11:26:
13:4f:91:0c:fe:0d:85:fd:11:7a:7c:54:71:96:1e:
a3:89:ea:10:41:2b:54:01:91:08:f6:08:90:65:82:
45:da:71:dd:0c:9d:c4:fe:4c:0f:da:40:47:e0:b6:
ce:a4:eb:da:16:f0:96:27:db:20:fc:1e:b6:28:f4:
a9:f7:c5:5c:3d:5a:e7:04:14:f0:9f:80:15:07:43:
2d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:7D:D3:BE:6F:F5:D2:61:0E:78:ED:EB:D7:9B:EC:91:CA:DC:A8:BC
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215703.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.174.0/24
82.22.184.0/24
82.23.183.0/24
82.27.2.0/24
82.29.1.0/24
Signature Algorithm: sha256WithRSAEncryption
96:bf:66:bb:74:78:b3:12:b2:e9:34:7e:6f:b7:6d:96:d2:6f:
7f:9c:c0:69:79:48:f8:64:90:0c:84:f5:d4:6c:68:fa:e6:60:
f8:91:ca:64:f1:88:d9:ba:d5:6d:c8:38:38:8d:95:a4:19:b3:
9c:5e:c2:7c:78:72:b5:aa:a8:ca:dc:4c:83:0c:f1:d6:d8:fc:
f9:26:fa:51:fd:8c:e3:38:81:08:94:43:60:80:07:fc:57:9e:
6d:54:04:76:6c:ea:60:95:0d:ba:e6:70:43:92:7e:e1:08:6f:
94:05:38:a3:e0:38:ba:fc:f2:05:35:f1:41:94:aa:e7:3d:ed:
0b:2e:a8:27:a0:cb:c4:68:17:b1:17:48:e6:bf:6c:5f:30:d0:
c4:18:7f:36:60:de:22:21:c6:e3:e1:8d:18:75:f6:de:7d:b8:
ae:6a:17:18:81:e4:b5:74:e9:81:a1:3a:bd:44:a8:da:bd:16:
81:01:cb:d4:88:e2:8b:4d:33:b5:ac:78:19:03:8e:f1:bb:0c:
09:b9:7c:dc:fa:c4:fc:d1:79:83:8c:11:2d:e8:36:68:41:6d:
f0:ea:f5:a6:35:2f:d2:26:5f:11:ae:fd:44:2c:cd:c9:5e:8a:
40:7a:73:e4:64:34:6c:86:ab:68:ae:33:42:db:23:e2:94:37:
54:a8:c1:8d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUVp0U+6TgnMTf/EAGb3SS01TjEGYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTExMDMxOTUzMDVaFw0yNjExMDIxOTU4MDVaMDMxMTAvBgNV
BAMTKDM4N0REM0JFNkZGNUQyNjEwRTc4RURFQkQ3OUJFQzkxQ0FEQ0E4QkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH7d2jriNipmu7Epk59mN1MeG3
u33ptqdAODt4T6hKzl5ajvtXWjGvFS8gaFPEuiO3A3cab3XjW+amJrMWu8gLF2+H
EpqJ9p0Vvh2vHIh+jQP1FCfcq+qeElnzPd7HYeUzQKPfzjoqQRqTZ/6/9T92HN1t
SxXEY+9Wg1zzoVrtgUWVo+liKTMsJzavgedtsDrHl7fsujWjdLA6I6wwKfvC8EdZ
88xtA6SWxSSq30NaiwoRJhNPkQz+DYX9EXp8VHGWHqOJ6hBBK1QBkQj2CJBlgkXa
cd0MncT+TA/aQEfgts6k69oW8JYn2yD8HrYo9Kn3xVw9WucEFPCfgBUHQy0ZAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUOH3Tvm/10mEOeO3r15vskcrcqLwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1NzAzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUhau
AwQAUha4AwQAUhe3AwQAUhsCAwQAUh0BMA0GCSqGSIb3DQEBCwUAA4IBAQCWv2a7
dHizErLpNH5vt22W0m9/nMBpeUj4ZJAMhPXUbGj65mD4kcpk8YjZutVtyDg4jZWk
GbOcXsJ8eHK1qqjK3EyDDPHW2Pz5JvpR/YzjOIEIlENggAf8V55tVAR2bOpglQ26
5nBDkn7hCG+UBTij4Di6/PIFNfFBlKrnPe0LLqgnoMvEaBexF0jmv2xfMNDEGH82
YN4iIcbj4Y0YdfbefbiuahcYgeS1dOmBoTq9RKjavRaBAcvUiOKLTTO1rHgZA47x
uwwJuXzc+sT80XmDjBEt6DZoQW3w6vWmNS/SJl8Rrv1ELM3JXopAenPkZDRshqto
rjNC2yPilDdUqMGN
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:26:18 2025 by rpki-client