Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215152.roa
File: AS215152.roa (raw, json)
Hash identifier: QEct6qZzSCjwTrUKXHRv9aN+c+dpHoHbkcM+PD8xoHg=
Subject key identifier: 42:62:0A:5B:5C:4D:DB:29:A8:96:D0:B0:5E:5C:D1:15:03:DE:3A:61
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5E36203D4D6B8E4B2A65F910BA83F7445539DE1C
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215152.roa
Signing time: Wed 01 Apr 2026 02:13:11 +0000
ROA not before: Wed 01 Apr 2026 02:08:11 +0000
ROA not after: Wed 31 Mar 2027 02:13:11 +0000
asID: 215152
IP address blocks: 181.214.209.0/24 maxlen: 24
181.215.58.0/24 maxlen: 24
191.96.5.0/24 maxlen: 24
191.96.157.0/24 maxlen: 24
191.101.151.0/24 maxlen: 24
2a0a:7a00::/29 maxlen: 48
2a0a:9200::/29 maxlen: 48
2a0a:a600::/29 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 Apr 2026 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:36:20:3d:4d:6b:8e:4b:2a:65:f9:10:ba:83:f7:44:55:39:de:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 1 02:08:11 2026 GMT
Not After : Mar 31 02:13:11 2027 GMT
Subject: CN=42620A5B5C4DDB29A896D0B05E5CD11503DE3A61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:63:22:28:e2:97:b5:69:d1:61:20:45:63:c1:
9a:29:8d:bc:cc:6c:cd:45:66:ae:11:d2:15:ba:18:
97:ae:24:df:56:76:af:df:d3:cd:af:82:31:85:0b:
c7:55:65:56:43:04:b0:c9:b4:77:6d:bf:62:9b:f4:
0d:a0:e1:6e:cb:24:0c:2b:e1:52:9c:b8:2c:98:63:
b2:cd:06:ee:ac:1e:a7:e8:e0:2c:0a:ec:e3:0b:ed:
0c:94:89:02:70:a8:08:50:02:ab:44:cc:59:f8:15:
bf:44:93:c1:91:00:af:c5:f8:19:db:1e:8a:4c:8a:
24:19:ba:db:d5:79:28:e8:e4:33:e8:0f:e9:0d:39:
e0:42:86:91:15:fe:01:de:8f:28:e4:35:d9:1e:74:
02:df:ee:b1:55:ed:5c:dc:b4:a1:14:99:73:0b:1e:
fb:fc:e3:71:0f:64:03:3a:76:66:b9:a7:32:63:2c:
1e:66:3b:68:aa:cb:cb:d8:ef:08:e5:46:3e:7f:5d:
72:d3:1e:53:79:ac:23:19:57:a6:cd:a2:1d:b3:d4:
54:1a:d0:78:5e:a9:6b:62:7e:26:38:c4:c7:65:f9:
eb:d4:de:80:20:9a:9f:94:6e:e1:c1:3f:f2:ae:eb:
ce:24:95:09:ea:57:ef:de:49:50:ae:77:1e:f0:6d:
f1:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:62:0A:5B:5C:4D:DB:29:A8:96:D0:B0:5E:5C:D1:15:03:DE:3A:61
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215152.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.209.0/24
181.215.58.0/24
191.96.5.0/24
191.96.157.0/24
191.101.151.0/24
IPv6:
2a0a:7a00::/29
2a0a:9200::/29
2a0a:a600::/29
Signature Algorithm: sha256WithRSAEncryption
64:9e:16:24:9c:97:69:7a:46:dc:db:80:f3:30:42:81:e5:6c:
b3:f5:cb:87:c4:a7:ee:5a:ee:f9:53:3c:bf:98:ba:36:06:e6:
2b:e9:5d:e2:09:65:61:ca:13:f3:ac:cb:e9:37:fc:a0:ac:8e:
31:20:d6:b1:57:72:d3:29:40:40:a0:d1:45:c9:96:e8:a7:16:
fb:34:b5:ca:d8:b3:03:8d:48:23:cb:4a:17:2e:95:7a:52:9d:
25:75:bb:17:de:d0:5f:da:66:13:2c:37:07:62:64:8b:f4:cf:
d8:78:8e:70:b1:28:d9:12:70:73:b4:cc:ec:f9:53:2e:04:34:
dc:dc:7c:44:84:07:32:60:67:81:73:3d:fa:7f:be:4b:24:f8:
f0:8b:12:67:ab:f0:c6:d4:e2:ad:60:b2:63:53:ae:15:03:ba:
ae:c9:98:29:16:8b:63:de:a0:05:72:22:25:d4:da:90:53:8b:
3a:d6:4f:91:c7:22:6f:36:de:1d:c5:5e:6e:27:36:0e:49:d9:
0f:48:bf:7a:c8:37:ad:f4:e8:4b:b9:fe:b3:f2:58:57:94:75:
15:d9:40:9a:94:f8:99:11:8f:28:ab:92:a9:4d:74:d9:9b:28:
2f:41:77:45:fe:06:44:7c:8d:5a:0b:00:78:51:68:3f:1c:c7:
2b:bf:8b:7a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXjYgPU1rjksqZfkQuoP3RFU53hwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA0MDEwMjA4MTFaFw0yNzAzMzEwMjEzMTFaMDMxMTAvBgNV
BAMTKDQyNjIwQTVCNUM0RERCMjlBODk2RDBCMDVFNUNEMTE1MDNERTNBNjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcYyIo4pe1adFhIEVjwZopjbzM
bM1FZq4R0hW6GJeuJN9Wdq/f082vgjGFC8dVZVZDBLDJtHdtv2Kb9A2g4W7LJAwr
4VKcuCyYY7LNBu6sHqfo4CwK7OML7QyUiQJwqAhQAqtEzFn4Fb9Ek8GRAK/F+Bnb
HopMiiQZutvVeSjo5DPoD+kNOeBChpEV/gHejyjkNdkedALf7rFV7VzctKEUmXML
Hvv843EPZAM6dma5pzJjLB5mO2iqy8vY7wjlRj5/XXLTHlN5rCMZV6bNoh2z1FQa
0HheqWtifiY4xMdl+evU3oAgmp+UbuHBP/Ku684klQnqV+/eSVCudx7wbfHlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUQmIKW1xN2ymoltCwXlzRFQPeOmEwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE1MTUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQAtdbR
AwQAtdc6AwQAv2AFAwQAv2CdAwQAv2WXMBsEAgACMBUDBQMqCnoAAwUDKgqSAAMF
AyoKpgAwDQYJKoZIhvcNAQELBQADggEBAGSeFiScl2l6RtzbgPMwQoHlbLP1y4fE
p+5a7vlTPL+YujYG5ivpXeIJZWHKE/Osy+k3/KCsjjEg1rFXctMpQECg0UXJluin
Fvs0tcrYswONSCPLShculXpSnSV1uxfe0F/aZhMsNwdiZIv0z9h4jnCxKNkScHO0
zOz5Uy4ENNzcfESEBzJgZ4FzPfp/vksk+PCLEmer8MbU4q1gsmNTrhUDuq7JmCkW
i2PeoAVyIiXU2pBTizrWT5HHIm823h3FXm4nNg5J2Q9Iv3rIN6306Eu5/rPyWFeU
dRXZQJqU+JkRjyirkqlNdNmbKC9Bd0X+BkR8jVoLAHhRaD8cxyu/i3o=
-----END CERTIFICATE-----
Generated at Mon Apr 13 12:27:07 2026 by rpki-client