Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS215152.roa
File: AS215152.roa (raw, json)
Hash identifier: DrMtReVObgvzv1dD2kgu3x255lwjHSmMjz+g9FrfDDY=
Subject key identifier: E4:15:86:42:16:22:F1:7A:30:BC:69:09:D4:97:0E:E4:89:5B:B9:E0
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 350A23C261981E158029A586120F4C9EAA61D5D1
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS215152.roa
Signing time: Sat 13 Jun 2026 06:02:34 +0000
ROA not before: Sat 13 Jun 2026 05:57:34 +0000
ROA not after: Sat 12 Jun 2027 06:02:34 +0000
asID: 215152
IP address blocks: 51.146.4.0/24 maxlen: 24
51.146.15.0/24 maxlen: 24
51.146.17.0/24 maxlen: 24
51.146.19.0/24 maxlen: 24
51.146.72.0/24 maxlen: 24
51.146.74.0/24 maxlen: 24
51.146.86.0/24 maxlen: 24
51.146.96.0/24 maxlen: 24
51.146.97.0/24 maxlen: 24
51.146.99.0/24 maxlen: 24
51.146.102.0/24 maxlen: 24
51.146.103.0/24 maxlen: 24
51.146.104.0/24 maxlen: 24
51.146.106.0/24 maxlen: 24
51.146.110.0/24 maxlen: 24
51.146.115.0/24 maxlen: 24
51.146.124.0/24 maxlen: 24
51.146.125.0/24 maxlen: 24
51.146.240.0/24 maxlen: 24
51.146.246.0/24 maxlen: 24
51.194.53.0/24 maxlen: 24
51.241.126.0/24 maxlen: 24
51.241.145.0/24 maxlen: 24
51.241.167.0/24 maxlen: 24
51.241.196.0/24 maxlen: 24
51.241.197.0/24 maxlen: 24
51.241.203.0/24 maxlen: 24
51.241.208.0/24 maxlen: 24
51.241.211.0/24 maxlen: 24
51.241.232.0/24 maxlen: 24
51.241.233.0/24 maxlen: 24
51.241.234.0/24 maxlen: 24
51.241.237.0/24 maxlen: 24
51.241.252.0/24 maxlen: 24
51.241.253.0/24 maxlen: 24
51.241.254.0/24 maxlen: 24
188.220.17.0/24 maxlen: 24
188.220.50.0/24 maxlen: 24
188.220.94.0/24 maxlen: 24
188.220.102.0/24 maxlen: 24
188.220.128.0/24 maxlen: 24
188.220.132.0/24 maxlen: 24
188.220.151.0/24 maxlen: 24
188.220.153.0/24 maxlen: 24
188.220.156.0/24 maxlen: 24
188.220.223.0/24 maxlen: 24
188.220.226.0/24 maxlen: 24
188.220.231.0/24 maxlen: 24
188.220.233.0/24 maxlen: 24
188.221.8.0/24 maxlen: 24
188.221.30.0/24 maxlen: 24
188.221.33.0/24 maxlen: 24
188.221.52.0/24 maxlen: 24
188.221.83.0/24 maxlen: 24
188.221.106.0/24 maxlen: 24
188.221.108.0/24 maxlen: 24
188.221.114.0/24 maxlen: 24
188.221.115.0/24 maxlen: 24
188.221.131.0/24 maxlen: 24
188.221.133.0/24 maxlen: 24
188.221.145.0/24 maxlen: 24
188.221.148.0/24 maxlen: 24
188.221.158.0/24 maxlen: 24
188.221.165.0/24 maxlen: 24
188.221.182.0/24 maxlen: 24
188.221.183.0/24 maxlen: 24
188.221.194.0/24 maxlen: 24
188.221.209.0/24 maxlen: 24
188.221.220.0/24 maxlen: 24
188.221.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:0a:23:c2:61:98:1e:15:80:29:a5:86:12:0f:4c:9e:aa:61:d5:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Jun 13 05:57:34 2026 GMT
Not After : Jun 12 06:02:34 2027 GMT
Subject: CN=E41586421622F17A30BC6909D4970EE4895BB9E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:0f:5a:40:55:99:f2:2c:94:f2:4b:6a:6b:58:
f9:80:3f:68:f0:1f:42:de:af:87:13:ba:83:56:a4:
01:9e:00:8a:ee:27:3a:18:6d:e2:28:c9:26:9f:ab:
31:25:c6:4c:59:28:26:45:36:1e:1c:d6:7b:f5:d0:
54:59:d7:73:a5:be:aa:8f:02:b2:08:a9:60:8c:3c:
3f:82:0c:6c:c3:86:fa:05:05:0f:ec:7d:05:34:d4:
6b:98:d4:d1:e3:16:d7:f0:8a:fc:35:b2:9a:3d:1e:
39:10:de:df:cf:26:c1:97:3e:9e:d4:af:71:46:a6:
a4:e1:60:d7:9f:a4:fd:f1:8c:51:45:84:03:07:3a:
b0:d8:05:38:11:fd:69:4c:ee:ad:87:95:68:96:fa:
f4:27:40:53:25:57:33:de:a2:e3:72:25:07:7a:53:
df:a7:3d:dc:f7:e1:e0:4e:dc:dc:17:21:c5:b0:a4:
8d:42:07:cf:8e:9f:22:b6:a8:2b:c6:88:3d:e6:52:
41:a7:bf:d6:26:87:c8:35:5b:14:50:fc:18:08:37:
3f:26:57:bc:f6:6d:a9:cf:42:89:c7:d4:d2:7d:0a:
eb:70:52:bf:86:ad:f7:2f:5e:fc:7b:ba:9a:e5:98:
0b:ce:54:fd:19:31:4a:72:6f:98:02:f1:12:cd:56:
6b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:15:86:42:16:22:F1:7A:30:BC:69:09:D4:97:0E:E4:89:5B:B9:E0
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS215152.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.146.4.0/24
51.146.15.0/24
51.146.17.0/24
51.146.19.0/24
51.146.72.0/24
51.146.74.0/24
51.146.86.0/24
51.146.96.0/23
51.146.99.0/24
51.146.102.0-51.146.104.255
51.146.106.0/24
51.146.110.0/24
51.146.115.0/24
51.146.124.0/23
51.146.240.0/24
51.146.246.0/24
51.194.53.0/24
51.241.126.0/24
51.241.145.0/24
51.241.167.0/24
51.241.196.0/23
51.241.203.0/24
51.241.208.0/24
51.241.211.0/24
51.241.232.0-51.241.234.255
51.241.237.0/24
51.241.252.0-51.241.254.255
188.220.17.0/24
188.220.50.0/24
188.220.94.0/24
188.220.102.0/24
188.220.128.0/24
188.220.132.0/24
188.220.151.0/24
188.220.153.0/24
188.220.156.0/24
188.220.223.0/24
188.220.226.0/24
188.220.231.0/24
188.220.233.0/24
188.221.8.0/24
188.221.30.0/24
188.221.33.0/24
188.221.52.0/24
188.221.83.0/24
188.221.106.0/24
188.221.108.0/24
188.221.114.0/23
188.221.131.0/24
188.221.133.0/24
188.221.145.0/24
188.221.148.0/24
188.221.158.0/24
188.221.165.0/24
188.221.182.0/23
188.221.194.0/24
188.221.209.0/24
188.221.220.0/24
188.221.223.0/24
Signature Algorithm: sha256WithRSAEncryption
99:2d:7b:82:7b:2a:c1:04:64:ea:12:cb:28:dd:e7:14:c3:bd:
57:c1:c7:54:00:a5:ec:f3:90:ec:8b:ff:ac:e5:37:d1:5d:83:
4a:68:b4:57:2c:58:b1:3c:e5:30:b5:29:46:2d:67:bc:3b:83:
be:59:cc:83:b7:6a:7f:44:af:9e:26:62:7d:14:aa:7f:88:45:
4a:93:d4:8f:ea:90:56:a2:19:b3:7f:fb:f7:5e:1c:d5:71:28:
26:cb:76:4d:d6:d3:2a:7e:c3:e2:c5:44:cd:cc:49:7c:ef:f1:
d5:96:b7:32:72:fc:bc:85:2c:32:40:b7:3c:24:0c:9d:47:d5:
4a:88:95:c0:93:40:2f:08:07:ab:03:17:49:e2:84:9f:27:ff:
12:8c:9f:8d:c3:c3:8a:31:39:30:b2:f7:29:c4:92:74:2b:40:
a1:9c:5a:b7:07:ec:b2:e1:96:28:f5:eb:f4:f6:9a:fd:de:2c:
86:64:11:e2:1d:1a:07:49:18:bb:cb:94:bd:ee:a4:aa:b4:72:
d7:ce:ef:b0:b1:7d:55:27:3d:7f:ad:f7:9e:ca:51:41:6f:d4:
12:36:fc:31:17:4c:57:2e:3b:68:ae:d4:89:da:04:63:6a:8d:
f6:25:c1:b8:e0:7b:b6:b0:24:48:ca:6a:ba:3c:4a:a1:76:80:
56:84:a9:5f
-----BEGIN CERTIFICATE-----
MIIGfjCCBWagAwIBAgIUNQojwmGYHhWAKaWGEg9Mnqph1dEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjA2MTMwNTU3MzRaFw0yNzA2MTIwNjAyMzRaMDMxMTAvBgNV
BAMTKEU0MTU4NjQyMTYyMkYxN0EzMEJDNjkwOUQ0OTcwRUU0ODk1QkI5RTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD2D1pAVZnyLJTyS2prWPmAP2jw
H0Ler4cTuoNWpAGeAIruJzoYbeIoySafqzElxkxZKCZFNh4c1nv10FRZ13OlvqqP
ArIIqWCMPD+CDGzDhvoFBQ/sfQU01GuY1NHjFtfwivw1spo9HjkQ3t/PJsGXPp7U
r3FGpqThYNefpP3xjFFFhAMHOrDYBTgR/WlM7q2HlWiW+vQnQFMlVzPeouNyJQd6
U9+nPdz34eBO3NwXIcWwpI1CB8+OnyK2qCvGiD3mUkGnv9Ymh8g1WxRQ/BgINz8m
V7z2banPQonH1NJ9CutwUr+GrfcvXvx7uprlmAvOVP0ZMUpyb5gC8RLNVmsxAgMB
AAGjggOIMIIDhDAdBgNVHQ4EFgQU5BWGQhYi8XowvGkJ1JcO5IlbueAwHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk2ZTRhYzg2LTE4MDMt
NDk0ZC04YTdiLWMwNTFhNjMxMDc1Mi8wL0FTMjE1MTUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIIBmwYIKwYBBQUHAQcBAf8EggGKMIIBhjCCAYIEAgAB
MIIBegMEADOSBAMEADOSDwMEADOSEQMEADOSEwMEADOSSAMEADOSSgMEADOSVgME
ATOSYAMEADOSYzAMAwQBM5JmAwQAM5JoAwQAM5JqAwQAM5JuAwQAM5JzAwQBM5J8
AwQAM5LwAwQAM5L2AwQAM8I1AwQAM/F+AwQAM/GRAwQAM/GnAwQBM/HEAwQAM/HL
AwQAM/HQAwQAM/HTMAwDBAMz8egDBAAz8eoDBAAz8e0wDAMEAjPx/AMEADPx/gME
ALzcEQMEALzcMgMEALzcXgMEALzcZgMEALzcgAMEALzchAMEALzclwMEALzcmQME
ALzcnAMEALzc3wMEALzc4gMEALzc5wMEALzc6QMEALzdCAMEALzdHgMEALzdIQME
ALzdNAMEALzdUwMEALzdagMEALzdbAMEAbzdcgMEALzdgwMEALzdhQMEALzdkQME
ALzdlAMEALzdngMEALzdpQMEAbzdtgMEALzdwgMEALzd0QMEALzd3AMEALzd3zAN
BgkqhkiG9w0BAQsFAAOCAQEAmS17gnsqwQRk6hLLKN3nFMO9V8HHVACl7POQ7Iv/
rOU30V2DSmi0VyxYsTzlMLUpRi1nvDuDvlnMg7dqf0SvniZifRSqf4hFSpPUj+qQ
VqIZs3/7914c1XEoJst2TdbTKn7D4sVEzcxJfO/x1Za3MnL8vIUsMkC3PCQMnUfV
SoiVwJNALwgHqwMXSeKEnyf/EoyfjcPDijE5MLL3KcSSdCtAoZxatwfssuGWKPXr
9Paa/d4shmQR4h0aB0kYu8uUve6kqrRy187vsLF9VSc9f633nspRQW/UEjb8MRdM
Vy47aK7UidoEY2qN9iXBuOB7trAkSMpqujxKoXaAVoSpXw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:46:02 2026 by rpki-client