Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS215379.roa
File: AS215379.roa (raw, json)
Hash identifier: GAFtB4QytCwfUqxlxUG8h0WDn8d4+ES8YIvhyl5/cdg=
Subject key identifier: 66:B2:97:AA:41:41:54:B0:B4:88:25:BD:B2:FB:BC:E4:78:95:9F:70
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 79B9BC6148BEBAC2B0BADDABA71F892AE4BFE18A
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS215379.roa
Signing time: Sun 22 Feb 2026 14:28:21 +0000
ROA not before: Sun 22 Feb 2026 14:23:21 +0000
ROA not after: Sun 21 Feb 2027 14:28:21 +0000
asID: 215379
IP address blocks: 2a14:7580:ff0f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:b9:bc:61:48:be:ba:c2:b0:ba:dd:ab:a7:1f:89:2a:e4:bf:e1:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 22 14:23:21 2026 GMT
Not After : Feb 21 14:28:21 2027 GMT
Subject: CN=66B297AA414154B0B48825BDB2FBBCE478959F70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:04:56:29:3c:67:64:76:64:56:e6:c2:4f:fd:
42:5b:e3:10:81:6d:ad:4d:b9:30:06:ca:04:a4:7d:
56:66:cf:19:8c:5e:07:1d:03:bd:c2:1f:ea:5d:62:
18:20:cf:f8:0a:dd:8d:8c:a8:e5:d7:03:f6:3d:24:
01:5b:70:d0:c3:a2:d9:4a:68:5f:5b:5a:70:63:02:
8b:f2:a3:6b:9d:dc:fb:5b:a2:c2:90:9b:88:22:9a:
3a:be:ad:95:fc:cd:57:da:83:43:0f:07:24:16:90:
39:67:e0:93:f4:3d:84:06:65:7e:b7:5d:c7:66:bf:
76:f5:09:44:2c:fa:f3:d5:b9:64:52:84:3c:5d:06:
6c:0e:ad:01:e4:24:da:64:6b:dc:3d:ea:a0:9e:90:
e8:ab:1f:b7:1f:26:6e:ff:b3:c9:bf:3d:f3:6a:a3:
eb:eb:24:3b:d9:d6:05:13:41:5b:73:c0:47:e7:f5:
a6:3a:e1:6d:30:02:7e:c0:5a:74:3f:4d:64:b5:a8:
0e:5f:b7:a0:a1:d8:f9:cb:7e:6a:45:ef:21:ab:16:
ff:6e:c8:06:bf:3a:02:5a:ed:68:7b:d6:be:08:1e:
84:b4:0a:51:bc:ee:78:c8:29:f9:53:1c:fb:20:02:
9f:01:db:ce:0c:18:e0:05:8a:37:c6:03:5d:a1:88:
09:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:B2:97:AA:41:41:54:B0:B4:88:25:BD:B2:FB:BC:E4:78:95:9F:70
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS215379.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:ff0f::/48
Signature Algorithm: sha256WithRSAEncryption
9b:45:e0:7f:16:bf:6d:0e:a7:3c:58:0f:6b:ca:61:26:55:0e:
03:2e:45:f2:35:cb:b5:ba:96:3e:ec:34:d1:8d:cc:12:78:66:
d1:2f:10:b0:ea:30:79:be:c6:f8:c0:ce:4c:a9:bb:2b:aa:71:
95:f5:5b:d4:be:fa:91:15:3b:25:0b:4f:0d:16:3c:82:0a:59:
d5:03:e7:a0:02:0b:b8:0a:92:e6:e3:f8:43:42:f9:c2:12:bc:
17:4c:30:56:a8:fb:1a:d4:dd:a9:1f:22:b5:0d:4a:1e:54:52:
40:76:2d:c2:18:6e:14:6c:4b:b3:1b:6b:18:b0:51:5a:7b:7d:
d4:55:dc:a8:95:72:f5:7a:92:71:fb:06:f3:2f:84:89:65:39:
63:05:95:6f:38:c2:cf:54:5d:7c:07:a4:9e:ce:5d:6b:79:7a:
38:03:3b:a2:21:c4:cf:cc:91:35:11:e6:97:e4:3c:ae:39:52:
3d:8c:6b:34:ef:70:e4:a4:3f:26:53:f7:3d:05:4a:36:61:96:
42:54:98:b4:5f:89:07:41:f5:8b:a2:14:f2:15:74:ce:3c:d1:
f4:ca:5d:8a:57:fb:7d:52:00:e7:c7:da:37:2b:26:11:6d:99:
25:80:2b:cd:2f:21:fd:df:79:2a:53:0b:32:8b:7a:9a:0a:65:
88:e5:a6:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUebm8YUi+usKwut2rpx+JKuS/4YowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjAyMjIxNDIzMjFaFw0yNzAyMjExNDI4MjFaMDMxMTAvBgNV
BAMTKDY2QjI5N0FBNDE0MTU0QjBCNDg4MjVCREIyRkJCQ0U0Nzg5NTlGNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDBFYpPGdkdmRW5sJP/UJb4xCB
ba1NuTAGygSkfVZmzxmMXgcdA73CH+pdYhggz/gK3Y2MqOXXA/Y9JAFbcNDDotlK
aF9bWnBjAovyo2ud3PtbosKQm4gimjq+rZX8zVfag0MPByQWkDln4JP0PYQGZX63
Xcdmv3b1CUQs+vPVuWRShDxdBmwOrQHkJNpka9w96qCekOirH7cfJm7/s8m/PfNq
o+vrJDvZ1gUTQVtzwEfn9aY64W0wAn7AWnQ/TWS1qA5ft6Ch2PnLfmpF7yGrFv9u
yAa/OgJa7Wh71r4IHoS0ClG87njIKflTHPsgAp8B284MGOAFijfGA12hiAmzAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUZrKXqkFBVLC0iCW9svu85HiVn3AwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE1Mzc5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1
gP8PMA0GCSqGSIb3DQEBCwUAA4IBAQCbReB/Fr9tDqc8WA9rymEmVQ4DLkXyNcu1
upY+7DTRjcwSeGbRLxCw6jB5vsb4wM5MqbsrqnGV9VvUvvqRFTslC08NFjyCClnV
A+egAgu4CpLm4/hDQvnCErwXTDBWqPsa1N2pHyK1DUoeVFJAdi3CGG4UbEuzG2sY
sFFae33UVdyolXL1epJx+wbzL4SJZTljBZVvOMLPVF18B6Sezl1reXo4AzuiIcTP
zJE1EeaX5DyuOVI9jGs073DkpD8mU/c9BUo2YZZCVJi0X4kHQfWLohTyFXTOPNH0
yl2KV/t9UgDnx9o3KyYRbZklgCvNLyH933kqUwsyi3qaCmWI5aa9
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:47:32 2026 by rpki-client