Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215152.roa
File: AS215152.roa (raw, json)
Hash identifier: Q9W2XpFPPzgz0/1AZCrVh7bcByYBY3+p5WMeKBiSwqU=
Subject key identifier: B9:DF:0C:3A:71:B2:63:9E:9D:AD:29:1E:83:BA:13:35:C9:CC:FB:D1
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 77F3DB0EE2B9F1A871F3730AF9F3B83CFE6FE6A4
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215152.roa
Signing time: Mon 09 Feb 2026 09:45:49 +0000
ROA not before: Mon 09 Feb 2026 09:40:49 +0000
ROA not after: Mon 08 Feb 2027 09:45:49 +0000
asID: 215152
IP address blocks: 82.24.25.0/24 maxlen: 24
82.26.155.0/24 maxlen: 24
82.29.6.0/24 maxlen: 24
82.38.61.0/24 maxlen: 24
82.41.75.0/24 maxlen: 24
82.41.122.0/24 maxlen: 24
82.41.170.0/24 maxlen: 24
82.41.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Feb 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:f3:db:0e:e2:b9:f1:a8:71:f3:73:0a:f9:f3:b8:3c:fe:6f:e6:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 9 09:40:49 2026 GMT
Not After : Feb 8 09:45:49 2027 GMT
Subject: CN=B9DF0C3A71B2639E9DAD291E83BA1335C9CCFBD1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b6:c9:63:ef:fe:62:c2:62:be:3d:de:be:0e:
19:df:f9:f1:2c:9d:c1:52:99:7c:7a:17:4a:10:47:
fd:14:26:54:30:a5:b3:17:02:99:64:c9:c8:ed:02:
85:97:26:60:32:d7:35:ad:89:d7:bf:cf:0a:e6:64:
50:11:12:a6:89:91:01:c3:bb:10:d9:31:71:9d:23:
a0:bd:24:5e:c4:a3:0e:3d:ee:54:93:99:92:da:58:
28:d3:ae:aa:95:62:e1:71:10:76:15:09:85:41:17:
b4:14:26:04:c0:d7:41:56:3f:70:90:c7:c6:7d:77:
d0:38:72:ec:4a:9d:72:79:94:38:43:6d:c2:9b:02:
d3:25:af:9f:20:c0:5b:77:d3:88:4b:b6:f0:0b:91:
c2:e5:27:64:ef:fd:64:3f:91:fd:d8:90:28:f3:f2:
ab:1a:e3:cd:a1:f5:71:5f:90:2b:d9:cb:2f:18:98:
6e:f0:c6:29:60:57:20:d0:ba:29:a0:fe:8f:d8:8c:
2b:af:2c:66:0f:13:82:17:56:14:f7:99:a3:d5:50:
37:94:f0:c7:6e:39:2a:e9:8e:10:ae:c2:94:d7:e8:
bf:6f:58:41:18:55:de:89:06:e4:cc:cb:50:b0:28:
8f:c8:a3:4a:73:df:ee:f3:fd:dc:07:01:66:d8:1c:
c4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:DF:0C:3A:71:B2:63:9E:9D:AD:29:1E:83:BA:13:35:C9:CC:FB:D1
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215152.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.24.25.0/24
82.26.155.0/24
82.29.6.0/24
82.38.61.0/24
82.41.75.0/24
82.41.122.0/24
82.41.170.0/24
82.41.196.0/24
Signature Algorithm: sha256WithRSAEncryption
61:cf:41:45:90:80:3c:4a:6a:b0:b2:f1:04:06:d0:ef:97:ab:
4c:1f:70:d1:6b:25:19:ef:0f:16:cc:ec:ea:21:c7:c4:89:cb:
a7:9c:2d:9b:bb:31:78:aa:5e:b4:25:82:d2:95:be:82:e3:da:
a9:33:a9:fa:a4:8e:4e:7c:74:78:4d:58:6d:ca:36:bd:16:d1:
82:46:0c:90:87:12:2e:69:51:33:f4:1b:ed:ae:a1:be:f7:36:
98:58:d3:6f:5a:c6:9c:e5:c0:9b:c5:17:c9:c5:05:61:57:54:
61:fe:fb:73:15:7c:d4:cb:c5:77:e6:fe:31:2c:50:30:89:db:
ad:c0:68:04:be:93:d8:cb:54:eb:05:bf:c5:f0:d2:be:f1:4b:
e1:1a:ba:18:0c:39:45:f1:2f:44:1f:e6:25:b6:55:19:5f:72:
3e:7f:c6:a7:05:3a:22:11:72:bd:87:d2:ff:a5:f4:0f:c3:27:
ab:8d:b0:33:7d:e6:ee:04:dc:a2:4b:17:84:ac:9d:c7:d5:5b:
2e:31:51:a0:f0:22:a7:39:73:8e:8f:8a:ed:50:ab:59:72:d7:
52:11:c2:2f:45:c7:94:e3:58:9b:44:4a:ee:ca:c6:5f:d5:e8:
b7:ad:8e:c6:44:4b:34:50:89:c3:c3:e8:19:26:ee:36:82:35:
61:f8:9a:70
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUd/PbDuK58ahx83MK+fO4PP5v5qQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMDkwOTQwNDlaFw0yNzAyMDgwOTQ1NDlaMDMxMTAvBgNV
BAMTKEI5REYwQzNBNzFCMjYzOUU5REFEMjkxRTgzQkExMzM1QzlDQ0ZCRDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPtslj7/5iwmK+Pd6+Dhnf+fEs
ncFSmXx6F0oQR/0UJlQwpbMXAplkycjtAoWXJmAy1zWtide/zwrmZFAREqaJkQHD
uxDZMXGdI6C9JF7Eow497lSTmZLaWCjTrqqVYuFxEHYVCYVBF7QUJgTA10FWP3CQ
x8Z9d9A4cuxKnXJ5lDhDbcKbAtMlr58gwFt304hLtvALkcLlJ2Tv/WQ/kf3YkCjz
8qsa482h9XFfkCvZyy8YmG7wxilgVyDQuimg/o/YjCuvLGYPE4IXVhT3maPVUDeU
8MduOSrpjhCuwpTX6L9vWEEYVd6JBuTMy1CwKI/Io0pz3+7z/dwHAWbYHMQFAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUud8MOnGyY56drSkeg7oTNcnM+9EwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1MTUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUhgZ
AwQAUhqbAwQAUh0GAwQAUiY9AwQAUilLAwQAUil6AwQAUimqAwQAUinEMA0GCSqG
SIb3DQEBCwUAA4IBAQBhz0FFkIA8SmqwsvEEBtDvl6tMH3DRayUZ7w8WzOzqIcfE
icunnC2buzF4ql60JYLSlb6C49qpM6n6pI5OfHR4TVhtyja9FtGCRgyQhxIuaVEz
9BvtrqG+9zaYWNNvWsac5cCbxRfJxQVhV1Rh/vtzFXzUy8V35v4xLFAwidutwGgE
vpPYy1TrBb/F8NK+8UvhGroYDDlF8S9EH+YltlUZX3I+f8anBToiEXK9h9L/pfQP
wyerjbAzfebuBNyiSxeErJ3H1VsuMVGg8CKnOXOOj4rtUKtZctdSEcIvRceU41ib
REruysZf1ei3rY7GREs0UInDw+gZJu42gjVh+Jpw
-----END CERTIFICATE-----
Generated at Thu Feb 26 09:20:44 2026 by rpki-client