Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215955.roa
File: AS215955.roa (raw, json)
Hash identifier: IfmiThIT9T44c0yopW9XLbc7WOCcfLk34RdqlRohDjI=
Subject key identifier: A7:0E:06:07:0D:FA:29:9A:2A:F0:66:FF:4C:F6:1B:02:DC:73:26:AD
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 768C01DF7CA8C6FB63DF40F9EE71DF1BCDAEB3EE
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215955.roa
Signing time: Thu 19 Feb 2026 09:59:55 +0000
ROA not before: Thu 19 Feb 2026 09:54:55 +0000
ROA not after: Thu 18 Feb 2027 09:59:55 +0000
asID: 215955
IP address blocks: 82.21.199.0/24 maxlen: 24
82.29.110.0/24 maxlen: 24
82.29.111.0/24 maxlen: 24
82.39.149.0/24 maxlen: 24
2a13:9500:ed::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:8c:01:df:7c:a8:c6:fb:63:df:40:f9:ee:71:df:1b:cd:ae:b3:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 19 09:54:55 2026 GMT
Not After : Feb 18 09:59:55 2027 GMT
Subject: CN=A70E06070DFA299A2AF066FF4CF61B02DC7326AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:20:e0:7a:3e:9a:a0:1a:b3:51:d3:3b:ff:17:
f8:17:9c:47:4a:9e:e6:ce:19:81:e2:47:8b:aa:63:
0c:47:50:66:7e:35:e3:29:07:f9:02:15:22:72:ce:
fb:63:1b:b0:d2:d6:d1:dc:6c:d1:28:f5:83:be:65:
f0:c6:e6:31:a5:92:30:62:2d:cd:6a:4d:e4:01:d0:
14:05:7e:c0:6f:d7:e3:c9:2a:8c:22:a9:31:65:80:
a2:8d:db:02:47:06:b0:81:bf:b5:4d:1b:c7:68:14:
a0:7d:f5:34:8d:63:d8:b2:9a:59:04:5f:e3:0c:69:
0d:c7:d3:27:42:1a:ad:c1:3d:7e:7b:77:37:fa:58:
b2:66:5e:48:d8:d9:4d:46:0c:94:96:fe:b4:d9:ee:
38:3b:65:ca:70:69:88:cf:30:92:27:34:77:6c:72:
17:5d:d7:61:24:b3:cd:47:b9:83:96:f2:33:6f:63:
d6:21:f0:ac:f4:84:0b:41:ff:75:2b:cc:ae:0d:e4:
d8:d6:e4:95:7a:2f:ee:f6:8d:e2:ee:01:cc:0b:c9:
f5:04:de:33:55:42:4a:9f:db:1e:1e:93:b9:b7:1b:
f0:17:46:0f:17:1d:2d:6d:b1:36:c1:ff:76:06:3c:
1d:93:4d:75:d8:3a:4d:c4:20:b5:8d:d6:11:48:30:
93:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:0E:06:07:0D:FA:29:9A:2A:F0:66:FF:4C:F6:1B:02:DC:73:26:AD
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215955.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.199.0/24
82.29.110.0/23
82.39.149.0/24
IPv6:
2a13:9500:ed::/48
Signature Algorithm: sha256WithRSAEncryption
6c:6b:19:01:6e:21:8d:84:94:fc:7f:51:32:b5:cd:d1:83:7a:
f9:39:9a:5e:98:60:72:a7:1e:7d:55:75:df:ad:4b:f7:90:5f:
fc:0f:65:7d:71:fa:52:0c:56:1f:93:d8:55:db:46:17:7a:a6:
48:1a:50:0f:6f:8e:ac:07:5d:4e:1f:87:e7:9c:86:3a:a2:cd:
ff:95:54:71:ac:8d:ea:31:a1:0e:58:fc:82:d5:15:6e:4c:b4:
fb:a3:db:87:95:79:2d:bc:c6:4d:b8:d8:d3:18:9f:c3:57:5c:
b1:b2:9f:eb:89:94:1b:ba:ff:5d:6d:7c:33:5c:0d:60:0a:fe:
c3:fa:ec:0f:8c:85:5a:b2:10:bb:c3:3d:ad:6e:b6:71:16:64:
56:0e:a6:6f:ea:de:23:68:c4:ea:e3:8c:43:85:4b:c3:a6:77:
5e:b4:af:03:20:bc:d9:48:77:34:ee:7f:02:b6:cb:26:34:b7:
7a:80:1f:d5:d3:ea:d9:0b:31:ae:7f:63:d5:36:bc:87:10:ba:
0b:b7:b4:45:f9:8e:11:cc:f6:86:f7:66:41:a9:02:91:07:55:
0f:c9:bb:b5:07:38:e4:76:47:bc:f2:1d:84:7e:a8:3b:12:3e:
dc:07:12:d9:87:c9:ae:88:7c:da:52:81:2d:76:fc:6f:48:dc:
d8:04:10:ee
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUdowB33yoxvtj30D57nHfG82us+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMTkwOTU0NTVaFw0yNzAyMTgwOTU5NTVaMDMxMTAvBgNV
BAMTKEE3MEUwNjA3MERGQTI5OUEyQUYwNjZGRjRDRjYxQjAyREM3MzI2QUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4IOB6PpqgGrNR0zv/F/gXnEdK
nubOGYHiR4uqYwxHUGZ+NeMpB/kCFSJyzvtjG7DS1tHcbNEo9YO+ZfDG5jGlkjBi
Lc1qTeQB0BQFfsBv1+PJKowiqTFlgKKN2wJHBrCBv7VNG8doFKB99TSNY9iymlkE
X+MMaQ3H0ydCGq3BPX57dzf6WLJmXkjY2U1GDJSW/rTZ7jg7ZcpwaYjPMJInNHds
chdd12Eks81HuYOW8jNvY9Yh8Kz0hAtB/3UrzK4N5NjW5JV6L+72jeLuAcwLyfUE
3jNVQkqf2x4ek7m3G/AXRg8XHS1tsTbB/3YGPB2TTXXYOk3EILWN1hFIMJMPAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUpw4GBw36KZoq8Gb/TPYbAtxzJq0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1OTU1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAUhXH
AwQBUh1uAwQAUieVMA8EAgACMAkDBwAqE5UAAO0wDQYJKoZIhvcNAQELBQADggEB
AGxrGQFuIY2ElPx/UTK1zdGDevk5ml6YYHKnHn1Vdd+tS/eQX/wPZX1x+lIMVh+T
2FXbRhd6pkgaUA9vjqwHXU4fh+echjqizf+VVHGsjeoxoQ5Y/ILVFW5MtPuj24eV
eS28xk242NMYn8NXXLGyn+uJlBu6/11tfDNcDWAK/sP67A+MhVqyELvDPa1utnEW
ZFYOpm/q3iNoxOrjjEOFS8Omd160rwMgvNlIdzTufwK2yyY0t3qAH9XT6tkLMa5/
Y9U2vIcQugu3tEX5jhHM9ob3ZkGpApEHVQ/Ju7UHOOR2R7zyHYR+qDsSPtwHEtmH
ya6IfNpSgS12/G9I3NgEEO4=
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:13:15 2026 by rpki-client