Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa
File: AS215152.roa (raw, json)
Hash identifier: 7ul6R1R7QR9XGiSqJovUiSJLcWDXLtXvndEHZ34bQaA=
Subject key identifier: B9:E0:C3:E1:BD:D6:7E:E4:EF:1F:59:51:E7:C7:50:10:1B:29:64:A4
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 545FF3B502FF4F87A6F98E81F20D684E7D709994
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa
Signing time: Thu 05 Feb 2026 20:56:19 +0000
ROA not before: Thu 05 Feb 2026 20:51:19 +0000
ROA not after: Thu 04 Feb 2027 20:56:19 +0000
asID: 215152
IP address blocks: 96.62.71.0/24 maxlen: 24
140.233.175.0/24 maxlen: 24
150.241.254.0/24 maxlen: 24
155.117.79.0/24 maxlen: 24
168.222.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Feb 2026 15:31:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:5f:f3:b5:02:ff:4f:87:a6:f9:8e:81:f2:0d:68:4e:7d:70:99:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 5 20:51:19 2026 GMT
Not After : Feb 4 20:56:19 2027 GMT
Subject: CN=B9E0C3E1BDD67EE4EF1F5951E7C750101B2964A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fa:c8:3c:fc:bf:7f:e4:2d:42:7b:b3:d5:c9:
ec:05:ff:11:c9:8a:e3:f9:90:47:e1:37:1c:68:95:
56:32:df:c6:ed:60:1c:e7:b2:76:81:dc:2e:24:1d:
b4:e0:e9:95:80:69:3f:f6:1d:6c:5f:ea:d8:94:e0:
d3:6e:e8:94:09:64:fb:0d:c6:8c:74:ae:2a:d4:95:
41:02:74:91:d2:e3:2c:14:1a:47:e7:27:76:c8:e0:
25:aa:93:ab:36:8c:be:2f:44:be:64:c3:df:1a:08:
9d:84:87:49:47:1d:ea:c4:5b:8f:cb:0e:11:83:61:
d4:46:97:1e:b5:f4:f5:5d:7f:41:e9:65:de:1d:1f:
48:ff:2a:1f:34:d9:83:3d:2a:73:ef:f1:2f:68:d9:
02:1c:4a:0b:12:f3:9b:ff:e3:43:cd:ea:22:b6:62:
f7:54:3b:e3:4d:67:8f:5c:ef:45:65:be:08:f8:ab:
ef:e1:71:94:c2:98:3a:20:f1:83:77:ec:9a:39:3f:
d0:ba:91:27:4f:8f:05:ed:bb:e4:58:82:67:c8:c7:
f7:34:8d:59:23:70:5c:3b:b5:ab:1d:b1:2c:e1:25:
06:9a:a8:32:a8:07:4d:68:9a:7c:ca:c4:12:32:5a:
a6:c3:e4:f4:3c:f8:16:dd:e6:c9:98:51:f4:e5:5b:
10:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:E0:C3:E1:BD:D6:7E:E4:EF:1F:59:51:E7:C7:50:10:1B:29:64:A4
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.71.0/24
140.233.175.0/24
150.241.254.0/24
155.117.79.0/24
168.222.13.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:cc:0e:a5:36:38:40:26:48:84:7a:21:2c:d6:52:6d:e9:d7:
69:1a:60:69:0c:54:c1:19:b9:72:a1:af:e6:94:ad:7f:48:7e:
f3:a8:c5:bf:ae:dc:de:ed:67:f8:fa:a3:69:cb:df:fe:f1:69:
be:ae:fa:2a:04:a5:e4:cf:9a:a9:fb:25:08:2f:44:b1:f3:16:
69:ab:c7:72:8b:2e:92:67:e0:d5:66:c8:b6:a0:e9:89:0b:9e:
94:8e:c0:2f:dc:2b:d7:71:05:4e:be:63:08:03:2f:00:07:ec:
2b:e1:bc:ae:1c:33:39:b5:e5:df:fb:0f:b3:cd:21:8b:05:65:
2a:91:e6:7d:fa:10:60:e0:7f:9f:6a:be:cd:ef:cf:f7:ab:db:
19:43:0b:ff:eb:98:4f:bb:73:cd:3b:cd:b2:33:b5:69:e4:38:
a2:20:a5:29:35:b8:6a:72:41:bd:ee:1f:dd:85:68:65:9f:c7:
50:ed:13:d3:aa:36:46:13:83:fd:aa:6b:ee:8d:b0:b1:af:0a:
ba:1e:1d:65:a8:a7:08:a8:af:88:dd:70:96:e1:46:be:92:ea:
bc:fe:f7:33:07:0b:46:ed:fa:fc:69:14:26:6b:51:4e:5e:15:
04:4f:85:c4:9a:bb:fa:d8:34:2e:ea:9a:69:9c:93:10:b2:0a:
6f:1b:b9:b4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUVF/ztQL/T4em+Y6B8g1oTn1wmZQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMDUyMDUxMTlaFw0yNzAyMDQyMDU2MTlaMDMxMTAvBgNV
BAMTKEI5RTBDM0UxQkRENjdFRTRFRjFGNTk1MUU3Qzc1MDEwMUIyOTY0QTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ+sg8/L9/5C1Ce7PVyewF/xHJ
iuP5kEfhNxxolVYy38btYBznsnaB3C4kHbTg6ZWAaT/2HWxf6tiU4NNu6JQJZPsN
xox0rirUlUECdJHS4ywUGkfnJ3bI4CWqk6s2jL4vRL5kw98aCJ2Eh0lHHerEW4/L
DhGDYdRGlx619PVdf0HpZd4dH0j/Kh802YM9KnPv8S9o2QIcSgsS85v/40PN6iK2
YvdUO+NNZ49c70Vlvgj4q+/hcZTCmDog8YN37Jo5P9C6kSdPjwXtu+RYgmfIx/c0
jVkjcFw7tasdsSzhJQaaqDKoB01omnzKxBIyWqbD5PQ8+Bbd5smYUfTlWxBlAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUueDD4b3WfuTvH1lR58dQEBspZKQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE1MTUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAYD5H
AwQAjOmvAwQAlvH+AwQAm3VPAwQAqN4NMA0GCSqGSIb3DQEBCwUAA4IBAQArzA6l
NjhAJkiEeiEs1lJt6ddpGmBpDFTBGblyoa/mlK1/SH7zqMW/rtze7Wf4+qNpy9/+
8Wm+rvoqBKXkz5qp+yUIL0Sx8xZpq8dyiy6SZ+DVZsi2oOmJC56UjsAv3CvXcQVO
vmMIAy8AB+wr4byuHDM5teXf+w+zzSGLBWUqkeZ9+hBg4H+far7N78/3q9sZQwv/
65hPu3PNO82yM7Vp5DiiIKUpNbhqckG97h/dhWhln8dQ7RPTqjZGE4P9qmvujbCx
rwq6Hh1lqKcIqK+I3XCW4Ua+kuq8/vczBwtG7fr8aRQma1FOXhUET4XEmrv62DQu
6pppnJMQsgpvG7m0
-----END CERTIFICATE-----
Generated at Thu Feb 26 09:20:32 2026 by rpki-client