Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215152.roa
File: AS215152.roa (raw, json)
Hash identifier: YmaygR/EQ2I7XMJKu01lzy0ixlb89e4tFHflVGkjG9U=
Subject key identifier: 80:40:A5:84:3E:B4:C0:47:8D:30:1B:4F:5B:67:C8:76:F0:B5:D5:54
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 499FDC2A0985E3D5E98015781902EF80FC4D8E15
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215152.roa
Signing time: Sat 23 May 2026 08:20:31 +0000
ROA not before: Sat 23 May 2026 08:15:31 +0000
ROA not after: Sat 22 May 2027 08:20:31 +0000
asID: 215152
IP address blocks: 191.96.245.0/24 maxlen: 24
2a0a:7a00::/29 maxlen: 48
2a0a:9200::/29 maxlen: 48
2a0a:a600::/29 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:32:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:9f:dc:2a:09:85:e3:d5:e9:80:15:78:19:02:ef:80:fc:4d:8e:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 23 08:15:31 2026 GMT
Not After : May 22 08:20:31 2027 GMT
Subject: CN=8040A5843EB4C0478D301B4F5B67C876F0B5D554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:70:fc:e7:7c:d5:05:f1:52:c6:15:85:5c:8e:
47:6e:70:95:aa:30:f8:4f:05:8e:4d:9c:48:fe:d2:
df:52:b3:9d:78:e4:86:de:19:5d:4e:11:40:7b:a9:
84:1d:f7:d3:de:ea:dd:a8:67:ab:8b:94:dd:f2:95:
b0:a0:91:e1:4a:f6:0c:cc:31:ce:ba:a0:55:21:1d:
e4:87:8f:92:e4:bb:37:33:79:42:de:a8:94:2d:86:
b4:bc:0b:2e:4c:b3:43:2b:f4:28:e3:73:ba:24:b7:
0b:5c:7f:1c:79:d4:06:aa:1c:d0:d6:b3:ba:83:a8:
5a:b9:2b:37:49:07:08:e5:2f:65:e5:36:e9:08:3f:
c0:ac:7c:7b:b8:01:aa:84:6f:14:39:2a:5b:0d:27:
e1:b5:eb:6a:98:d9:cb:a7:69:fb:c2:ae:87:e6:7b:
11:9c:be:3c:a6:c8:14:2a:70:a4:8c:2e:7d:63:e6:
98:29:87:66:c4:40:61:14:70:62:79:5b:c0:37:bb:
a9:ed:69:c3:e6:e4:cb:66:aa:da:88:ea:fb:d3:0e:
ef:94:f3:b4:44:65:9b:53:a4:af:b9:64:f5:39:e7:
87:c0:c9:c6:9f:62:36:3c:84:80:ed:5f:51:16:93:
f3:f8:1a:4a:67:b5:02:07:47:38:d6:36:03:cf:9f:
a0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:40:A5:84:3E:B4:C0:47:8D:30:1B:4F:5B:67:C8:76:F0:B5:D5:54
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215152.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.245.0/24
IPv6:
2a0a:7a00::/29
2a0a:9200::/29
2a0a:a600::/29
Signature Algorithm: sha256WithRSAEncryption
03:94:51:7d:b3:f3:7a:2e:89:a1:91:fb:5f:af:69:2a:52:c6:
f0:59:de:5f:ed:97:43:e8:16:d5:e6:ae:0d:c2:c4:82:23:e9:
c0:ec:ca:b4:98:c1:17:0e:2c:02:e4:07:17:88:51:dc:69:ef:
48:35:0f:92:1b:71:cd:81:ab:37:29:d4:0d:f7:a4:80:63:c9:
07:b1:1d:02:3b:95:b0:99:f2:1e:57:9d:26:28:ac:33:6f:d6:
98:3c:6c:33:0d:94:64:e6:5c:9c:eb:c8:dc:e1:34:3b:92:30:
8b:32:d8:38:50:0c:26:96:fa:13:89:77:5e:05:65:39:95:df:
4c:6f:09:2d:18:54:91:29:52:bb:4b:22:20:18:a9:f7:00:69:
22:e6:04:f3:0b:fc:d7:54:62:e8:5e:20:26:32:df:05:c6:4a:
df:75:6f:fc:00:01:fd:eb:7d:6d:3d:06:b8:2f:73:9b:e0:0c:
d9:25:9d:bc:12:86:b5:a2:3c:6f:30:6d:c5:23:e3:c8:6e:75:
da:e7:fb:1f:e6:ed:9c:e5:06:2e:ac:4a:f2:e9:db:45:7a:96:
fa:fa:c9:4e:10:6f:fa:9b:11:28:91:86:fb:7c:07:4b:52:fa:
d0:47:02:04:c8:0d:00:05:0c:9f:d5:5a:ba:74:12:d8:30:6e:
bf:23:44:1e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUSZ/cKgmF49XpgBV4GQLvgPxNjhUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA1MjMwODE1MzFaFw0yNzA1MjIwODIwMzFaMDMxMTAvBgNV
BAMTKDgwNDBBNTg0M0VCNEMwNDc4RDMwMUI0RjVCNjdDODc2RjBCNUQ1NTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3cPznfNUF8VLGFYVcjkducJWq
MPhPBY5NnEj+0t9Ss5145IbeGV1OEUB7qYQd99Pe6t2oZ6uLlN3ylbCgkeFK9gzM
Mc66oFUhHeSHj5LkuzczeULeqJQthrS8Cy5Ms0Mr9Cjjc7oktwtcfxx51AaqHNDW
s7qDqFq5KzdJBwjlL2XlNukIP8CsfHu4AaqEbxQ5KlsNJ+G162qY2cunafvCrofm
exGcvjymyBQqcKSMLn1j5pgph2bEQGEUcGJ5W8A3u6ntacPm5MtmqtqI6vvTDu+U
87REZZtTpK+5ZPU554fAycafYjY8hIDtX1EWk/P4GkpntQIHRzjWNgPPn6D5AgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUgEClhD60wEeNMBtPW2fIdvC11VQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE1MTUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQAv2D1
MBsEAgACMBUDBQMqCnoAAwUDKgqSAAMFAyoKpgAwDQYJKoZIhvcNAQELBQADggEB
AAOUUX2z83ouiaGR+1+vaSpSxvBZ3l/tl0PoFtXmrg3CxIIj6cDsyrSYwRcOLALk
BxeIUdxp70g1D5Ibcc2Bqzcp1A33pIBjyQexHQI7lbCZ8h5XnSYorDNv1pg8bDMN
lGTmXJzryNzhNDuSMIsy2DhQDCaW+hOJd14FZTmV30xvCS0YVJEpUrtLIiAYqfcA
aSLmBPML/NdUYuheICYy3wXGSt91b/wAAf3rfW09Brgvc5vgDNklnbwShrWiPG8w
bcUj48huddrn+x/m7ZzlBi6sSvLp20V6lvr6yU4Qb/qbESiRhvt8B0tS+tBHAgTI
DQAFDJ/VWrp0Etgwbr8jRB4=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:25:51 2026 by rpki-client