Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215607.roa
File: AS215607.roa (raw, json)
Hash identifier: 7wAQOvMe+SUaQEFk43m/RHPnujF7m8sr07hcSu26y+s=
Subject key identifier: 31:F1:66:71:45:51:D3:65:12:73:CF:8F:A7:51:DA:94:7D:07:ED:17
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 773DE5EB90B33A3E5A9351227AD46D54E22AC9B3
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215607.roa
Signing time: Tue 16 Jun 2026 08:35:03 +0000
ROA not before: Tue 16 Jun 2026 08:30:03 +0000
ROA not after: Tue 15 Jun 2027 08:35:03 +0000
asID: 215607
IP address blocks: 96.62.249.0/24 maxlen: 24
143.14.20.0/24 maxlen: 24
162.141.179.0/24 maxlen: 24
162.141.183.0/24 maxlen: 24
167.148.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 23 Jun 2026 14:23:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:3d:e5:eb:90:b3:3a:3e:5a:93:51:22:7a:d4:6d:54:e2:2a:c9:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 16 08:30:03 2026 GMT
Not After : Jun 15 08:35:03 2027 GMT
Subject: CN=31F166714551D3651273CF8FA751DA947D07ED17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:65:8c:6f:9c:3c:1f:ff:0d:ea:72:63:76:b7:
fb:58:69:8a:86:ae:2a:6b:fc:82:85:e6:a6:bb:4d:
02:0a:69:3b:80:4a:f5:31:22:e2:0b:f9:64:e7:47:
d8:5e:9e:ca:57:3e:1f:11:cc:70:f9:0d:6b:ea:07:
f3:01:52:1b:cb:61:ca:6b:ff:f0:e6:8f:b8:c2:d2:
c3:85:0c:e8:0d:b6:fa:2b:4b:cd:88:99:ec:ac:e4:
b2:35:12:bd:13:83:44:67:1a:d2:47:91:da:79:79:
a1:ab:af:6e:da:70:21:5e:77:db:36:95:3d:61:18:
c3:81:10:96:54:25:50:42:27:97:01:23:a1:bd:a2:
1f:e8:8a:a0:a1:a3:f6:60:09:c9:ab:f1:7d:96:b3:
ad:75:d3:15:3b:9e:18:25:fb:26:32:63:5c:7b:32:
3e:30:99:3b:47:02:03:38:a3:ee:95:45:1d:6f:08:
f3:a2:07:ac:fd:c6:1c:3b:ed:7a:bc:09:97:c2:a0:
8b:f1:93:d6:2e:86:9c:d9:57:c2:76:e1:ca:88:46:
3e:2c:3c:53:23:ae:26:c2:c5:92:e9:2d:b1:73:b5:
e8:0e:97:ed:a5:77:7a:5a:13:e8:02:2f:d2:bb:3d:
66:de:66:f3:5c:72:4b:a9:b4:69:1c:41:6a:d2:2e:
c9:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F1:66:71:45:51:D3:65:12:73:CF:8F:A7:51:DA:94:7D:07:ED:17
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215607.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.249.0/24
143.14.20.0/24
162.141.179.0/24
162.141.183.0/24
167.148.214.0/24
Signature Algorithm: sha256WithRSAEncryption
20:26:07:c7:2a:84:a6:cc:bc:c1:42:93:8c:ce:1c:70:80:4c:
33:8c:f4:3d:1c:be:14:f2:40:27:e7:0a:0f:ec:fa:73:d2:12:
b4:a9:4c:02:64:21:dc:9d:52:e8:27:12:b2:65:80:b8:cb:d2:
f2:1b:42:72:ea:2f:11:0d:79:08:48:57:21:5d:4b:59:00:2a:
7c:30:3f:3a:df:4e:eb:77:43:e6:89:35:bb:2b:14:c0:08:d2:
ea:82:c4:48:ad:a8:d7:c8:93:e6:7f:a8:df:3f:3b:66:33:06:
a8:81:c3:bc:57:08:c4:5e:b4:2a:58:03:1e:45:5c:0d:68:e1:
ff:13:63:a5:4c:26:f6:d1:b5:e0:df:b5:73:88:34:8f:a0:51:
99:3c:cc:af:bf:a1:fc:57:14:ab:d8:44:90:41:13:65:8c:ec:
51:1f:00:1a:93:a6:0a:b3:d0:df:5f:30:44:69:28:82:85:bb:
78:63:f1:0b:37:c0:0f:ea:24:f6:9f:0a:58:6c:0d:eb:d4:f4:
25:0f:0c:a5:2d:9b:9c:fe:c1:fa:66:33:7d:d6:22:eb:a2:69:
a1:7a:88:bf:48:02:0c:a2:69:29:14:ea:c9:af:37:04:68:28:
5e:f1:76:3f:fd:52:95:9c:4a:ae:19:12:c2:3d:8f:e3:40:69:
17:34:29:0d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUdz3l65CzOj5ak1EietRtVOIqybMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MTYwODMwMDNaFw0yNzA2MTUwODM1MDNaMDMxMTAvBgNV
BAMTKDMxRjE2NjcxNDU1MUQzNjUxMjczQ0Y4RkE3NTFEQTk0N0QwN0VEMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMZYxvnDwf/w3qcmN2t/tYaYqG
ripr/IKF5qa7TQIKaTuASvUxIuIL+WTnR9henspXPh8RzHD5DWvqB/MBUhvLYcpr
//Dmj7jC0sOFDOgNtvorS82Imeys5LI1Er0Tg0RnGtJHkdp5eaGrr27acCFed9s2
lT1hGMOBEJZUJVBCJ5cBI6G9oh/oiqCho/ZgCcmr8X2Ws6110xU7nhgl+yYyY1x7
Mj4wmTtHAgM4o+6VRR1vCPOiB6z9xhw77Xq8CZfCoIvxk9YuhpzZV8J24cqIRj4s
PFMjribCxZLpLbFztegOl+2ld3paE+gCL9K7PWbeZvNcckuptGkcQWrSLslDAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUMfFmcUVR02USc8+Pp1HalH0H7RcwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE1NjA3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAYD75
AwQAjw4UAwQAoo2zAwQAoo23AwQAp5TWMA0GCSqGSIb3DQEBCwUAA4IBAQAgJgfH
KoSmzLzBQpOMzhxwgEwzjPQ9HL4U8kAn5woP7Ppz0hK0qUwCZCHcnVLoJxKyZYC4
y9LyG0Jy6i8RDXkISFchXUtZACp8MD86307rd0PmiTW7KxTACNLqgsRIrajXyJPm
f6jfPztmMwaogcO8VwjEXrQqWAMeRVwNaOH/E2OlTCb20bXg37VziDSPoFGZPMyv
v6H8VxSr2ESQQRNljOxRHwAak6YKs9DfXzBEaSiChbt4Y/ELN8AP6iT2nwpYbA3r
1PQlDwylLZuc/sH6ZjN91iLrommheoi/SAIMomkpFOrJrzcEaChe8XY//VKVnEqu
GRLCPY/jQGkXNCkN
-----END CERTIFICATE-----
Generated at Mon Jun 22 18:22:48 2026 by rpki-client