Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215727.roa
File: AS215727.roa (raw, json)
Hash identifier: PZIQ/l0vB1dTQ/eL6sN1n8G80NSgQwEMUKzsIVlG5XI=
Subject key identifier: 06:B0:F2:74:E4:B2:41:D1:FA:66:39:62:FB:F9:A4:1A:29:89:F6:96
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2A046025F8DEA0E3FDEA24E581176ABB5B3605B7
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215727.roa
Signing time: Wed 11 Jun 2025 00:00:08 +0000
ROA not before: Tue 10 Jun 2025 23:55:08 +0000
ROA not after: Wed 10 Jun 2026 00:00:08 +0000
asID: 215727
IP address blocks: 82.21.150.0/24 maxlen: 24
82.21.169.0/24 maxlen: 24
82.22.171.0/24 maxlen: 24
82.22.175.0/24 maxlen: 24
82.23.134.0/24 maxlen: 24
82.23.135.0/24 maxlen: 24
82.24.8.0/24 maxlen: 24
82.24.25.0/24 maxlen: 24
82.24.105.0/24 maxlen: 24
82.24.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:04:60:25:f8:de:a0:e3:fd:ea:24:e5:81:17:6a:bb:5b:36:05:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 10 23:55:08 2025 GMT
Not After : Jun 10 00:00:08 2026 GMT
Subject: CN=06B0F274E4B241D1FA663962FBF9A41A2989F696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:cc:64:cb:29:e5:d6:b5:e7:57:2d:b4:fc:97:
3c:cc:57:86:aa:13:61:6f:3a:a5:67:9e:9a:42:0a:
63:96:1f:20:7c:3e:15:44:90:fc:f0:39:62:f2:3d:
8f:5a:1b:e6:8d:7a:73:5c:57:02:5f:56:c2:bb:80:
54:44:e6:f5:c7:b8:a2:96:26:0c:b3:01:c4:45:e5:
45:36:aa:c0:a8:44:b3:85:6a:b7:12:21:59:46:c9:
2a:43:e5:70:99:8f:da:29:30:98:1c:41:74:65:1f:
87:94:d8:31:3f:c4:a0:ad:e0:82:66:d1:24:45:c8:
d7:19:80:7c:32:ed:e7:1b:d2:17:9e:89:cc:66:e9:
ec:ea:71:0d:90:12:18:36:b1:ad:8c:9a:0f:cb:bb:
c9:35:eb:21:c3:45:67:b7:c5:02:7c:e3:f3:4d:a7:
82:99:96:a5:ab:ec:b0:89:e9:10:6e:8e:eb:09:8f:
c2:57:de:8a:34:9a:e8:98:38:e9:ca:7e:99:13:e6:
4e:57:21:3f:0d:63:c0:4d:be:8d:0b:30:98:08:b2:
ee:49:cb:49:a5:03:ad:15:5a:57:0c:65:99:04:46:
9c:6c:67:12:8a:2b:7d:67:ca:99:5a:ac:bd:62:4d:
e5:7e:ed:76:c2:93:f2:36:e3:0d:55:1e:fb:f2:21:
48:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B0:F2:74:E4:B2:41:D1:FA:66:39:62:FB:F9:A4:1A:29:89:F6:96
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215727.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.150.0/24
82.21.169.0/24
82.22.171.0/24
82.22.175.0/24
82.23.134.0/23
82.24.8.0/24
82.24.25.0/24
82.24.105.0/24
82.24.175.0/24
Signature Algorithm: sha256WithRSAEncryption
31:2a:1a:44:92:18:5b:88:90:55:f4:68:09:78:88:58:44:0b:
43:7a:77:3b:cc:f7:10:eb:9d:c4:9c:17:38:bc:f3:ef:9c:9f:
91:fe:e5:c9:e8:af:5d:a0:6f:50:0e:23:73:17:b8:a0:d8:ae:
67:e1:e1:1b:93:05:65:84:72:7a:65:83:c2:ac:8c:0e:41:8b:
84:6a:70:5f:fb:27:af:1f:9a:a4:18:94:66:c2:a2:33:9d:bd:
4c:c1:9a:f6:b8:9f:0d:1c:da:1b:a8:40:32:b4:24:5a:67:93:
a8:44:c9:93:14:c7:ab:e0:6d:41:ea:58:00:fb:81:35:69:26:
ed:93:6b:03:fb:9d:8d:59:73:4b:e6:d2:a3:55:ee:62:19:b0:
9f:4a:1e:1a:04:71:ea:c4:e1:b2:f3:d4:45:33:ff:d3:19:b9:
ea:e2:b0:5c:4c:a4:42:d6:3c:46:14:28:49:c2:fa:e9:48:29:
35:d6:8e:91:52:07:8f:31:bb:92:71:ba:2f:e4:bf:c9:62:f9:
b2:36:ed:71:9b:dd:c3:b6:35:b4:e3:4a:b7:8c:0b:2d:76:49:
55:7d:46:69:99:8c:08:de:a6:f4:de:6a:5e:02:0e:19:be:05:
53:0d:36:1b:60:f1:35:53:37:d2:78:3d:b5:0d:4c:cc:29:6c:
21:a1:d6:91
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUKgRgJfjeoOP96iTlgRdqu1s2BbcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MTAyMzU1MDhaFw0yNjA2MTAwMDAwMDhaMDMxMTAvBgNV
BAMTKDA2QjBGMjc0RTRCMjQxRDFGQTY2Mzk2MkZCRjlBNDFBMjk4OUY2OTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJzGTLKeXWtedXLbT8lzzMV4aq
E2FvOqVnnppCCmOWHyB8PhVEkPzwOWLyPY9aG+aNenNcVwJfVsK7gFRE5vXHuKKW
JgyzAcRF5UU2qsCoRLOFarcSIVlGySpD5XCZj9opMJgcQXRlH4eU2DE/xKCt4IJm
0SRFyNcZgHwy7ecb0heeicxm6ezqcQ2QEhg2sa2Mmg/Lu8k16yHDRWe3xQJ84/NN
p4KZlqWr7LCJ6RBujusJj8JX3oo0muiYOOnKfpkT5k5XIT8NY8BNvo0LMJgIsu5J
y0mlA60VWlcMZZkERpxsZxKKK31nyplarL1iTeV+7XbCk/I24w1VHvvyIUiTAgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQUBrDydOSyQdH6Zjli+/mkGimJ9pYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1NzI3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAUhWW
AwQAUhWpAwQAUharAwQAUhavAwQBUheGAwQAUhgIAwQAUhgZAwQAUhhpAwQAUhiv
MA0GCSqGSIb3DQEBCwUAA4IBAQAxKhpEkhhbiJBV9GgJeIhYRAtDenc7zPcQ653E
nBc4vPPvnJ+R/uXJ6K9doG9QDiNzF7ig2K5n4eEbkwVlhHJ6ZYPCrIwOQYuEanBf
+yevH5qkGJRmwqIznb1MwZr2uJ8NHNobqEAytCRaZ5OoRMmTFMer4G1B6lgA+4E1
aSbtk2sD+52NWXNL5tKjVe5iGbCfSh4aBHHqxOGy89RFM//TGbnq4rBcTKRC1jxG
FChJwvrpSCk11o6RUgePMbuScbov5L/JYvmyNu1xm93DtjW040q3jAstdklVfUZp
mYwI3qb03mpeAg4ZvgVTDTYbYPE1UzfSeD21DUzMKWwhodaR
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:04 2025 by rpki-client