Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa
File: AS215152.roa (raw, json)
Hash identifier: gXvr5ICNOektmVzmUaqKKiMZpqKBE9PahkEr/2rQjTA=
Subject key identifier: A1:55:32:57:5D:3F:E7:EC:A6:D0:E5:48:C9:58:3B:64:F9:11:DB:FB
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0C9266F1909FF5FC23E6BDCFC4644BA2A2F8E0B1
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa
Signing time: Sat 04 Apr 2026 13:25:42 +0000
ROA not before: Sat 04 Apr 2026 13:20:42 +0000
ROA not after: Sat 03 Apr 2027 13:25:42 +0000
asID: 215152
IP address blocks: 96.62.71.0/24 maxlen: 24
140.233.175.0/24 maxlen: 24
143.14.192.0/24 maxlen: 24
143.14.250.0/24 maxlen: 24
150.241.254.0/24 maxlen: 24
168.222.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 Apr 2026 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:92:66:f1:90:9f:f5:fc:23:e6:bd:cf:c4:64:4b:a2:a2:f8:e0:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 4 13:20:42 2026 GMT
Not After : Apr 3 13:25:42 2027 GMT
Subject: CN=A15532575D3FE7ECA6D0E548C9583B64F911DBFB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:dc:c9:2e:8c:5a:28:6c:d2:80:7d:09:b4:fb:
a5:66:82:6c:fc:c7:71:aa:43:b7:88:03:a4:e9:2d:
6e:03:0f:01:97:db:f5:16:62:4c:18:3e:ca:0c:27:
19:de:2e:c9:0d:a5:de:1e:38:52:ce:21:30:57:ba:
b1:f2:7c:21:30:71:11:26:0b:28:df:d5:1d:e5:de:
7d:ef:d9:a0:73:10:0d:84:e7:66:8f:84:2a:ae:54:
45:14:57:40:76:69:32:25:12:39:b1:f0:fb:3e:79:
c3:56:3d:34:7b:f7:40:22:9f:14:87:09:bd:00:52:
ba:dd:a6:9b:e1:14:8d:cf:be:f8:39:63:ff:7d:d1:
b6:68:db:36:ea:f0:e7:2f:bb:f6:34:d3:2e:8e:72:
cc:0f:cf:6e:18:87:9c:44:2f:e0:78:32:14:4c:1a:
8d:8b:a8:ee:bd:cc:89:d4:36:74:c8:06:91:da:b5:
58:61:28:2c:0d:40:27:63:2c:41:34:18:60:8c:f0:
7a:77:b0:e8:1c:1c:e1:b0:38:dd:e5:72:1f:23:ad:
f3:ac:c5:c0:a1:e4:1c:af:70:45:6a:42:7a:dc:7d:
0b:44:c8:51:e2:53:a0:dc:43:93:7c:76:62:b3:de:
38:c1:97:2a:04:f0:ab:27:11:17:2d:30:36:70:4c:
02:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:55:32:57:5D:3F:E7:EC:A6:D0:E5:48:C9:58:3B:64:F9:11:DB:FB
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.71.0/24
140.233.175.0/24
143.14.192.0/24
143.14.250.0/24
150.241.254.0/24
168.222.13.0/24
Signature Algorithm: sha256WithRSAEncryption
72:71:9a:87:69:99:33:c7:9c:37:05:42:75:af:0b:1c:4a:77:
5e:93:8f:99:0a:c7:96:3d:5e:09:5d:68:e9:7b:ac:ff:6e:b0:
81:1f:a6:52:3b:69:43:2d:c6:15:a7:0c:4a:29:78:ab:58:14:
cb:dc:eb:75:61:fd:53:ed:54:7b:bf:e7:33:b2:27:24:e1:1b:
de:49:be:80:f5:1e:c2:0b:61:52:e2:e9:9c:bf:c2:48:60:54:
94:44:8e:f0:2b:04:cc:2d:86:5e:ce:be:4f:c5:c8:75:3a:f9:
81:af:ea:40:77:2e:33:f1:b5:0d:b6:dc:f9:60:1b:45:84:3e:
ef:3d:d8:30:18:ed:51:d9:3b:e2:f4:d1:35:ce:9d:3a:53:23:
41:bd:d8:24:2f:45:fa:bd:f1:67:d8:e1:a7:3f:45:e1:07:13:
b9:8f:59:e9:50:5d:71:65:49:2d:46:34:34:14:d0:52:5a:9f:
1b:99:bc:af:9a:95:d1:2a:61:3b:58:fe:d4:16:cb:75:31:f2:
d4:61:72:3a:e8:9c:53:62:0a:04:2f:2c:72:5d:26:d7:ec:68:
6b:94:aa:bd:dc:56:75:e5:e6:cb:a7:63:d8:e4:f5:b8:69:ed:
3d:a6:9d:eb:2b:0c:41:d6:a0:e1:e2:ef:ea:5f:f0:db:78:30:
35:ae:16:5b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUDJJm8ZCf9fwj5r3PxGRLoqL44LEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MDQxMzIwNDJaFw0yNzA0MDMxMzI1NDJaMDMxMTAvBgNV
BAMTKEExNTUzMjU3NUQzRkU3RUNBNkQwRTU0OEM5NTgzQjY0RjkxMURCRkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV3MkujFoobNKAfQm0+6Vmgmz8
x3GqQ7eIA6TpLW4DDwGX2/UWYkwYPsoMJxneLskNpd4eOFLOITBXurHyfCEwcREm
Cyjf1R3l3n3v2aBzEA2E52aPhCquVEUUV0B2aTIlEjmx8Ps+ecNWPTR790AinxSH
Cb0AUrrdppvhFI3Pvvg5Y/990bZo2zbq8Ocvu/Y00y6OcswPz24Yh5xEL+B4MhRM
Go2LqO69zInUNnTIBpHatVhhKCwNQCdjLEE0GGCM8Hp3sOgcHOGwON3lch8jrfOs
xcCh5ByvcEVqQnrcfQtEyFHiU6DcQ5N8dmKz3jjBlyoE8KsnERctMDZwTAJhAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUoVUyV10/5+ym0OVIyVg7ZPkR2/swHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE1MTUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAYD5H
AwQAjOmvAwQAjw7AAwQAjw76AwQAlvH+AwQAqN4NMA0GCSqGSIb3DQEBCwUAA4IB
AQBycZqHaZkzx5w3BUJ1rwscSndek4+ZCseWPV4JXWjpe6z/brCBH6ZSO2lDLcYV
pwxKKXirWBTL3Ot1Yf1T7VR7v+czsick4RveSb6A9R7CC2FS4umcv8JIYFSURI7w
KwTMLYZezr5Pxch1OvmBr+pAdy4z8bUNttz5YBtFhD7vPdgwGO1R2Tvi9NE1zp06
UyNBvdgkL0X6vfFn2OGnP0XhBxO5j1npUF1xZUktRjQ0FNBSWp8bmbyvmpXRKmE7
WP7UFst1MfLUYXI66JxTYgoELyxyXSbX7GhrlKq93FZ15ebLp2PY5PW4ae09pp3r
KwxB1qDh4u/qX/DbeDA1rhZb
-----END CERTIFICATE-----
Generated at Mon Apr 13 12:27:09 2026 by rpki-client