Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215304.roa
File:                     AS215304.roa (raw, json)
Hash identifier:          7ood6gHynkRBvqH7BZC4Hi26Ep6+ISAAVO3CP2Ki4SU=
Subject key identifier:   DA:B8:29:C1:6F:A9:0C:97:FD:20:7A:42:46:01:C0:01:FE:97:79:83
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       188711D5A0163F50148241ADF5E9EEFEB7CE6538
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215304.roa
Signing time:             Wed 23 Jul 2025 00:00:38 +0000
ROA not before:           Tue 22 Jul 2025 23:55:38 +0000
ROA not after:            Wed 22 Jul 2026 00:00:38 +0000
asID:                     215304
IP address blocks:        82.24.127.0/24 maxlen: 24
                          82.24.189.0/24 maxlen: 24
                          82.26.72.0/23 maxlen: 24
                          82.26.78.0/23 maxlen: 24
                          82.26.91.0/24 maxlen: 24
                          82.26.93.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 24 Jul 2025 14:02:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:87:11:d5:a0:16:3f:50:14:82:41:ad:f5:e9:ee:fe:b7:ce:65:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jul 22 23:55:38 2025 GMT
            Not After : Jul 22 00:00:38 2026 GMT
        Subject: CN=DAB829C16FA90C97FD207A424601C001FE977983
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:1f:de:50:e8:1e:e3:a9:18:72:36:12:0c:12:
                    ae:08:e5:04:7e:c6:89:ad:d4:e1:5a:9d:30:d9:54:
                    59:0b:2a:64:3d:6f:9c:07:b7:d9:8c:bb:e6:62:da:
                    40:a1:f7:d6:89:6f:9e:90:2f:ec:be:6e:f2:54:33:
                    cb:da:f1:d6:e6:39:93:d6:3a:70:bf:6e:bb:ea:10:
                    4e:57:6b:bb:2d:8a:75:09:73:7c:5b:c4:8a:fd:6e:
                    6b:9b:b6:f1:0c:d2:53:b3:0c:ed:61:7b:29:c7:e3:
                    8f:be:2a:35:58:48:7e:d1:1a:f8:57:62:d3:0a:03:
                    13:c3:54:b3:ee:b3:c7:b7:11:44:08:da:e0:7d:13:
                    ea:81:dc:02:d0:bc:8b:fc:45:79:42:ca:b9:aa:bf:
                    11:b8:9f:4f:62:95:5e:68:b1:63:da:9f:2c:74:57:
                    1a:1b:8d:56:76:d8:2c:de:b8:de:06:55:10:19:67:
                    30:9a:22:80:c3:93:80:76:93:35:f6:d4:f4:51:56:
                    b3:df:ac:04:50:12:fd:d6:e8:48:bc:8a:16:94:9d:
                    c7:fc:9e:bf:fc:4a:80:29:b9:c9:35:e2:55:fe:00:
                    08:c2:00:be:30:89:40:c9:a6:8b:13:08:2f:3b:b1:
                    06:7d:d2:5c:60:e1:72:bb:97:a0:05:e5:eb:fd:35:
                    ee:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:B8:29:C1:6F:A9:0C:97:FD:20:7A:42:46:01:C0:01:FE:97:79:83
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215304.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.24.127.0/24
                  82.24.189.0/24
                  82.26.72.0/23
                  82.26.78.0/23
                  82.26.91.0/24
                  82.26.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:83:21:0a:1b:a9:21:09:ff:63:03:0b:fb:73:e1:ac:e4:92:
         ba:fb:c3:bd:23:a8:7d:e1:54:4b:77:e9:43:92:b2:6e:8c:97:
         9c:6a:76:16:22:77:ba:dc:f3:be:89:c5:b8:e2:84:6f:a9:53:
         6c:d6:e5:b6:32:3b:ea:76:28:26:30:61:dd:46:72:1d:60:61:
         1d:d2:00:45:89:ad:de:83:62:dd:8c:d3:f3:1c:bb:cd:6f:2d:
         2b:66:74:57:d1:09:76:ca:86:2a:c3:3e:01:a2:23:ca:6f:05:
         d9:ea:46:23:d6:5f:5f:65:16:5c:cb:6e:7f:1a:31:a4:92:ef:
         83:2c:91:9c:a9:21:f4:5d:3e:be:74:74:8f:3f:04:33:e7:2c:
         03:05:51:df:5f:c3:e7:55:14:6e:a2:70:3c:1b:ad:17:09:1b:
         55:57:9f:0b:80:f3:8a:f9:1b:33:f1:d2:ae:a7:2f:e6:53:9b:
         64:cb:52:aa:a7:76:f5:d8:cc:5c:77:6c:08:b8:32:cd:03:36:
         0e:08:05:05:53:87:68:54:30:a1:ab:c9:5e:c1:f3:c0:99:0d:
         33:f3:f5:b3:8c:29:cc:a9:c7:fe:46:06:c3:9f:7b:31:a5:c6:
         e2:99:32:9b:29:d9:8d:6d:18:ef:42:e5:ff:d3:ec:e7:df:15:
         ed:9a:4a:6a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUGIcR1aAWP1AUgkGt9enu/rfOZTgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MjIyMzU1MzhaFw0yNjA3MjIwMDAwMzhaMDMxMTAvBgNV
BAMTKERBQjgyOUMxNkZBOTBDOTdGRDIwN0E0MjQ2MDFDMDAxRkU5Nzc5ODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSH95Q6B7jqRhyNhIMEq4I5QR+
xomt1OFanTDZVFkLKmQ9b5wHt9mMu+Zi2kCh99aJb56QL+y+bvJUM8va8dbmOZPW
OnC/brvqEE5Xa7stinUJc3xbxIr9bmubtvEM0lOzDO1heynH44++KjVYSH7RGvhX
YtMKAxPDVLPus8e3EUQI2uB9E+qB3ALQvIv8RXlCyrmqvxG4n09ilV5osWPanyx0
VxobjVZ22CzeuN4GVRAZZzCaIoDDk4B2kzX21PRRVrPfrARQEv3W6Ei8ihaUncf8
nr/8SoApuck14lX+AAjCAL4wiUDJposTCC87sQZ90lxg4XK7l6AF5ev9Ne7RAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQU2rgpwW+pDJf9IHpCRgHAAf6XeYMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUhh/
AwQAUhi9AwQBUhpIAwQBUhpOAwQAUhpbAwQAUhpdMA0GCSqGSIb3DQEBCwUAA4IB
AQCcgyEKG6khCf9jAwv7c+Gs5JK6+8O9I6h94VRLd+lDkrJujJecanYWIne63PO+
icW44oRvqVNs1uW2MjvqdigmMGHdRnIdYGEd0gBFia3eg2LdjNPzHLvNby0rZnRX
0Ql2yoYqwz4BoiPKbwXZ6kYj1l9fZRZcy25/GjGkku+DLJGcqSH0XT6+dHSPPwQz
5ywDBVHfX8PnVRRuonA8G60XCRtVV58LgPOK+Rsz8dKupy/mU5tky1Kqp3b12Mxc
d2wIuDLNAzYOCAUFU4doVDChq8lewfPAmQ0z8/WzjCnMqcf+RgbDn3sxpcbimTKb
KdmNbRjvQuX/0+zn3xXtmkpq
-----END CERTIFICATE-----
Generated at Thu Jul 24 03:49:10 2025 by rpki-client