Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215304.roa
File:                     AS215304.roa (raw, json)
Hash identifier:          cEnmFJqOGbqu8y+ChfPLYGoO4BXWRIG9gghwHeqAqx4=
Subject key identifier:   CC:5B:D2:D8:37:72:4D:22:19:FE:9C:05:FB:0D:DA:0D:AD:17:6F:61
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       1B4EC11ABECB7717D572CF22DD62DB7444BDB15E
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215304.roa
Signing time:             Mon 07 Jul 2025 00:01:58 +0000
ROA not before:           Sun 06 Jul 2025 23:56:58 +0000
ROA not after:            Mon 06 Jul 2026 00:01:58 +0000
asID:                     215304
IP address blocks:        82.24.127.0/24 maxlen: 24
                          82.24.189.0/24 maxlen: 24
                          82.26.72.0/23 maxlen: 24
                          82.26.78.0/23 maxlen: 24
                          82.26.91.0/24 maxlen: 24
                          82.26.93.0/24 maxlen: 24
                          82.26.110.0/24 maxlen: 24
                          82.27.123.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 13:47:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:4e:c1:1a:be:cb:77:17:d5:72:cf:22:dd:62:db:74:44:bd:b1:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jul  6 23:56:58 2025 GMT
            Not After : Jul  6 00:01:58 2026 GMT
        Subject: CN=CC5BD2D837724D2219FE9C05FB0DDA0DAD176F61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:2d:70:5a:13:53:e8:84:55:ad:41:8e:d0:9e:
                    63:f2:6b:e6:60:80:1a:a2:dd:4f:31:50:e1:9e:30:
                    82:cf:9f:ad:6b:bb:a6:4d:ee:0e:02:1c:22:a5:45:
                    56:89:64:06:29:0f:62:fc:5a:e5:fb:ad:79:4b:07:
                    ce:12:c8:09:df:19:10:d2:3c:62:32:95:71:10:41:
                    d2:b2:64:e0:88:c6:80:3d:ee:4a:48:79:25:0a:19:
                    d8:a2:43:5a:f0:46:74:56:5d:c8:a5:1a:15:54:37:
                    9e:ea:a0:33:99:5e:97:c8:84:d0:52:06:eb:32:6a:
                    b1:0c:49:e8:5b:e5:14:bd:ed:04:27:1e:91:98:85:
                    3e:98:13:8c:9c:b9:18:b7:65:bf:55:00:cc:8a:e0:
                    8e:a5:57:d0:b3:06:c1:36:7d:64:fe:77:04:b4:f8:
                    27:dc:d8:07:4f:4c:1c:eb:e6:b6:bc:c1:a7:56:77:
                    f9:bb:63:81:d9:39:18:d9:31:33:81:1e:8f:2a:bf:
                    83:25:e1:e6:87:63:55:46:f9:73:18:9e:be:30:36:
                    e3:6e:ff:34:a7:dd:61:e9:f5:e8:ca:33:21:7d:27:
                    ce:12:60:36:67:f4:c0:28:7c:35:0a:4c:7c:2e:01:
                    87:22:84:31:bc:8d:8c:66:59:d8:2e:a4:89:64:34:
                    80:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:5B:D2:D8:37:72:4D:22:19:FE:9C:05:FB:0D:DA:0D:AD:17:6F:61
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215304.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.24.127.0/24
                  82.24.189.0/24
                  82.26.72.0/23
                  82.26.78.0/23
                  82.26.91.0/24
                  82.26.93.0/24
                  82.26.110.0/24
                  82.27.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:45:e9:59:f0:72:ff:a6:5e:e2:25:a1:97:36:3d:43:eb:9d:
         de:35:73:33:21:f7:d8:77:9f:19:5f:a0:90:3c:ff:59:46:35:
         b2:b2:3e:20:ec:0c:96:ca:e4:8e:a3:e9:9c:b0:c4:f8:58:1a:
         70:98:b2:e9:01:49:48:9d:f9:71:8c:8e:95:fd:5c:88:e5:d9:
         b7:ae:19:3d:87:e6:0a:83:a8:cb:17:9e:03:ac:e1:a5:a5:bd:
         3e:b0:00:74:80:c2:3c:a2:77:49:43:15:9e:25:ed:46:57:fa:
         43:4a:7f:47:50:a2:0e:ce:ee:76:7c:6b:87:11:a4:b3:fd:ae:
         8f:ee:f6:0d:52:d9:13:60:43:88:d7:a4:1b:d5:53:ba:22:8d:
         f7:09:8a:da:13:76:24:c7:9f:0b:55:ab:1b:a8:cc:a9:22:59:
         69:80:4b:52:f0:58:27:36:53:ad:2b:36:7a:db:85:bb:1b:69:
         1b:43:d2:19:b8:df:c2:89:fa:bf:d3:ad:70:16:3f:df:fd:74:
         39:4b:9d:19:c8:55:7a:f5:12:d6:8a:5a:0e:59:27:78:89:5f:
         8b:e3:0b:69:2a:79:85:19:d2:7f:7e:23:03:bf:2a:ea:f2:64:
         38:bd:06:32:69:65:5b:b0:4c:88:5a:25:8e:73:79:e2:f0:cc:
         b0:13:b5:fe
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUG07BGr7LdxfVcs8i3WLbdES9sV4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MDYyMzU2NThaFw0yNjA3MDYwMDAxNThaMDMxMTAvBgNV
BAMTKENDNUJEMkQ4Mzc3MjREMjIxOUZFOUMwNUZCMEREQTBEQUQxNzZGNjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9LXBaE1PohFWtQY7QnmPya+Zg
gBqi3U8xUOGeMILPn61ru6ZN7g4CHCKlRVaJZAYpD2L8WuX7rXlLB84SyAnfGRDS
PGIylXEQQdKyZOCIxoA97kpIeSUKGdiiQ1rwRnRWXcilGhVUN57qoDOZXpfIhNBS
BusyarEMSehb5RS97QQnHpGYhT6YE4ycuRi3Zb9VAMyK4I6lV9CzBsE2fWT+dwS0
+Cfc2AdPTBzr5ra8wadWd/m7Y4HZORjZMTOBHo8qv4Ml4eaHY1VG+XMYnr4wNuNu
/zSn3WHp9ejKMyF9J84SYDZn9MAofDUKTHwuAYcihDG8jYxmWdgupIlkNIAdAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUzFvS2DdyTSIZ/pwF+w3aDa0Xb2EwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUhh/
AwQAUhi9AwQBUhpIAwQBUhpOAwQAUhpbAwQAUhpdAwQAUhpuAwQAUht7MA0GCSqG
SIb3DQEBCwUAA4IBAQCCRelZ8HL/pl7iJaGXNj1D653eNXMzIffYd58ZX6CQPP9Z
RjWysj4g7AyWyuSOo+mcsMT4WBpwmLLpAUlInflxjI6V/VyI5dm3rhk9h+YKg6jL
F54DrOGlpb0+sAB0gMI8ondJQxWeJe1GV/pDSn9HUKIOzu52fGuHEaSz/a6P7vYN
UtkTYEOI16Qb1VO6Io33CYraE3Ykx58LVasbqMypIllpgEtS8FgnNlOtKzZ624W7
G2kbQ9IZuN/Cifq/061wFj/f/XQ5S50ZyFV69RLWiloOWSd4iV+L4wtpKnmFGdJ/
fiMDvyrq8mQ4vQYyaWVbsEyIWiWOc3ni8MywE7X+
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:41 2025 by rpki-client