Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215124.roa
File: AS215124.roa (raw, json)
Hash identifier: 8quppxgfo31Njb83+Cb7lRMpuokD/DaCwR+iU2ept1E=
Subject key identifier: 73:67:B2:73:7B:1F:90:00:0A:8B:1D:5C:CC:C2:31:40:EE:73:43:62
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 642410322CD88F95EF8BA04B9794A506D3791C47
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215124.roa
Signing time: Sat 02 May 2026 18:17:15 +0000
ROA not before: Sat 02 May 2026 18:12:15 +0000
ROA not after: Sat 01 May 2027 18:17:15 +0000
asID: 215124
IP address blocks: 191.96.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 18:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:24:10:32:2c:d8:8f:95:ef:8b:a0:4b:97:94:a5:06:d3:79:1c:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 2 18:12:15 2026 GMT
Not After : May 1 18:17:15 2027 GMT
Subject: CN=7367B2737B1F90000A8B1D5CCCC23140EE734362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1e:cf:25:1b:27:b8:31:24:35:64:84:21:9e:
a5:f5:e4:a1:7b:5b:4b:c1:ce:ae:ea:6e:b9:87:c5:
70:2c:2b:7e:59:0a:e1:94:12:35:67:f2:c4:b0:61:
13:4d:ea:7a:ec:49:9d:a7:08:93:d1:fa:a9:4c:99:
3a:5d:cc:d5:d7:58:da:ba:ca:67:4e:12:c2:2c:7d:
a8:65:2a:fc:1f:84:9d:a9:21:b5:ee:1b:fb:92:4c:
f5:35:a8:a2:09:d1:80:a4:54:2d:00:b5:05:36:6b:
79:84:a7:0d:36:dc:fe:a3:6d:d1:5f:be:a6:2c:32:
39:7e:c8:5e:8e:d8:d9:02:79:50:bb:87:11:7d:d7:
7d:3e:3b:75:7f:e0:e6:f8:61:cd:c2:70:e2:87:13:
22:85:42:b5:77:8e:4b:d5:63:ed:cf:45:17:c3:1c:
1f:a8:97:05:21:2c:b5:82:05:d6:fd:c9:90:a3:41:
46:20:35:9d:b9:99:32:f4:fb:3b:25:85:85:80:c6:
06:36:89:d6:54:cc:4d:21:de:6a:5c:10:7d:c3:0b:
bf:fd:4f:c2:59:03:79:61:d8:32:b8:e0:5a:4b:07:
ce:bb:71:e8:65:93:9d:cb:2b:50:3e:2c:d8:cd:69:
d8:bd:5c:ba:05:ff:fb:7c:a4:7f:d5:0c:7d:7b:e6:
4c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:67:B2:73:7B:1F:90:00:0A:8B:1D:5C:CC:C2:31:40:EE:73:43:62
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215124.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.5.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:3a:18:3a:a0:71:08:4d:79:4a:2f:49:b5:43:4a:d5:ba:88:
52:79:12:ed:37:0c:8a:60:6b:26:79:9b:ef:c8:fa:53:ea:09:
4d:a4:e2:6a:17:0c:26:57:18:ed:03:c6:2f:85:77:55:5b:c0:
c5:09:69:92:83:76:14:f7:a4:c3:26:13:82:0a:e3:6c:33:55:
fb:b1:8d:d6:1f:c4:1c:77:42:ca:1a:8a:c9:a3:3e:94:cf:8f:
8f:b8:61:d1:6e:61:3a:2f:79:7c:09:97:8e:71:16:48:19:e2:
26:69:f3:ab:aa:ea:55:53:25:0c:da:b7:b7:8c:61:ba:83:87:
5d:08:a7:8f:e1:df:e0:59:49:9b:6a:92:2b:04:9f:1b:c5:74:
c2:04:f7:12:9f:c4:39:b1:cc:5e:53:7a:88:c7:49:26:3c:eb:
2c:d1:3f:35:f1:eb:dd:a3:35:dc:21:f0:88:e8:ca:ce:29:63:
07:8f:18:fe:aa:ef:c1:3b:25:17:6f:83:b6:6f:bc:c0:19:12:
4c:31:99:32:37:6f:1c:c1:44:8c:d4:e3:09:78:cf:16:3d:34:
08:fc:be:57:72:c4:77:d9:11:e1:33:b5:e7:ce:1b:26:d8:da:
3f:41:3c:b4:3b:86:16:d5:48:bd:b0:de:48:6e:56:de:37:68:
41:e0:35:a1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUZCQQMizYj5Xvi6BLl5SlBtN5HEcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA1MDIxODEyMTVaFw0yNzA1MDExODE3MTVaMDMxMTAvBgNV
BAMTKDczNjdCMjczN0IxRjkwMDAwQThCMUQ1Q0NDQzIzMTQwRUU3MzQzNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwHs8lGye4MSQ1ZIQhnqX15KF7
W0vBzq7qbrmHxXAsK35ZCuGUEjVn8sSwYRNN6nrsSZ2nCJPR+qlMmTpdzNXXWNq6
ymdOEsIsfahlKvwfhJ2pIbXuG/uSTPU1qKIJ0YCkVC0AtQU2a3mEpw023P6jbdFf
vqYsMjl+yF6O2NkCeVC7hxF9130+O3V/4Ob4Yc3CcOKHEyKFQrV3jkvVY+3PRRfD
HB+olwUhLLWCBdb9yZCjQUYgNZ25mTL0+zslhYWAxgY2idZUzE0h3mpcEH3DC7/9
T8JZA3lh2DK44FpLB867cehlk53LK1A+LNjNadi9XLoF//t8pH/VDH175kzLAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUc2eyc3sfkAAKix1czMIxQO5zQ2IwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE1MTI0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2AF
MA0GCSqGSIb3DQEBCwUAA4IBAQC1Ohg6oHEITXlKL0m1Q0rVuohSeRLtNwyKYGsm
eZvvyPpT6glNpOJqFwwmVxjtA8YvhXdVW8DFCWmSg3YU96TDJhOCCuNsM1X7sY3W
H8Qcd0LKGorJoz6Uz4+PuGHRbmE6L3l8CZeOcRZIGeImafOrqupVUyUM2re3jGG6
g4ddCKeP4d/gWUmbapIrBJ8bxXTCBPcSn8Q5scxeU3qIx0kmPOss0T818evdozXc
IfCI6MrOKWMHjxj+qu/BOyUXb4O2b7zAGRJMMZkyN28cwUSM1OMJeM8WPTQI/L5X
csR32RHhM7Xnzhsm2No/QTy0O4YW1Ui9sN5IblbeN2hB4DWh
-----END CERTIFICATE-----
Generated at Wed May 6 02:40:19 2026 by rpki-client