Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215152.roa
File: AS215152.roa (raw, json)
Hash identifier: ctz7QXiKxRe9Z0TI0A+fNygxebgMtsarMf+0s3FOAwY=
Subject key identifier: 61:28:B4:1A:E8:54:E6:9E:F4:84:F3:62:D2:C9:F1:B2:FE:73:7D:C2
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0695AA5F25556A7A939B43A667D657B30B2BE1AC
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215152.roa
Signing time: Tue 02 Jun 2026 15:15:48 +0000
ROA not before: Tue 02 Jun 2026 15:10:48 +0000
ROA not after: Tue 01 Jun 2027 15:15:48 +0000
asID: 215152
IP address blocks: 82.22.49.0/24 maxlen: 24
82.24.25.0/24 maxlen: 24
82.24.48.0/24 maxlen: 24
82.25.16.0/24 maxlen: 24
82.26.205.0/24 maxlen: 24
82.27.133.0/24 maxlen: 24
82.39.128.0/24 maxlen: 24
82.39.239.0/24 maxlen: 24
82.47.17.0/24 maxlen: 24
82.47.45.0/24 maxlen: 24
82.47.51.0/24 maxlen: 24
82.47.99.0/24 maxlen: 24
82.47.157.0/24 maxlen: 24
82.47.168.0/24 maxlen: 24
82.47.182.0/24 maxlen: 24
84.75.207.0/24 maxlen: 24
84.75.210.0/24 maxlen: 24
84.75.240.0/24 maxlen: 24
178.83.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:95:aa:5f:25:55:6a:7a:93:9b:43:a6:67:d6:57:b3:0b:2b:e1:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 2 15:10:48 2026 GMT
Not After : Jun 1 15:15:48 2027 GMT
Subject: CN=6128B41AE854E69EF484F362D2C9F1B2FE737DC2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0c:b2:1d:90:10:0a:ba:40:e9:aa:8f:bd:86:
09:19:d6:ea:61:aa:fb:fc:e6:95:c8:3a:db:14:7c:
a5:ea:14:4d:b5:f2:78:e5:90:1b:1f:f5:79:2a:ec:
0f:b3:79:d2:7a:c3:41:be:67:8a:f3:ef:97:f2:1d:
1a:11:b9:aa:d7:8e:66:2e:76:6b:5d:69:90:e5:97:
00:e7:4d:91:64:f3:b9:1d:5d:fd:0e:82:78:1a:69:
a8:24:0a:17:1a:69:4f:83:72:93:fc:65:b9:f2:22:
db:6c:08:23:52:30:f1:53:1e:6f:30:ea:12:89:bd:
f6:40:6d:02:01:f7:90:88:59:92:fa:8a:a7:de:43:
4f:1d:72:d3:d7:1c:29:cc:78:a6:51:64:05:e1:75:
d5:fc:9b:67:89:22:76:f6:63:12:9f:c2:96:3a:f4:
0d:47:fe:e4:05:e7:7d:bc:0c:4d:ee:bb:70:8b:cb:
6c:ac:f1:91:32:40:f5:35:d0:07:bb:ee:c6:61:2e:
9f:2b:0e:e2:f5:20:ca:1a:0e:2c:da:36:b8:2a:e6:
5b:80:8e:2d:b7:89:70:70:8b:da:b1:43:db:ac:69:
5a:dd:8f:b1:5b:92:22:3d:71:d2:f0:42:28:15:d1:
2c:40:cc:ed:b3:93:7a:82:be:28:bf:4e:97:a8:7d:
ed:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:28:B4:1A:E8:54:E6:9E:F4:84:F3:62:D2:C9:F1:B2:FE:73:7D:C2
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215152.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.49.0/24
82.24.25.0/24
82.24.48.0/24
82.25.16.0/24
82.26.205.0/24
82.27.133.0/24
82.39.128.0/24
82.39.239.0/24
82.47.17.0/24
82.47.45.0/24
82.47.51.0/24
82.47.99.0/24
82.47.157.0/24
82.47.168.0/24
82.47.182.0/24
84.75.207.0/24
84.75.210.0/24
84.75.240.0/24
178.83.89.0/24
Signature Algorithm: sha256WithRSAEncryption
51:47:70:6c:a9:3c:dc:e4:29:50:91:76:e6:ec:cc:fb:f6:41:
2f:2a:b3:69:3b:78:30:d6:6d:90:0b:d8:a2:6d:f0:c4:5e:92:
03:b8:d9:02:4f:6d:b5:94:c7:0a:b5:60:8b:39:9d:9b:0d:b5:
ff:76:28:7a:db:95:97:9d:67:df:e5:6c:71:e5:3d:68:0f:eb:
c1:ea:62:9a:7e:aa:c2:f5:83:f3:2f:f2:c7:35:65:d6:37:36:
bd:df:1f:e3:17:fe:32:21:1e:76:3d:b1:a1:37:38:de:53:3a:
52:82:6d:b0:24:d8:28:ed:e3:f3:35:ac:49:54:c2:d8:ce:9e:
02:7a:c5:b7:3b:a4:59:80:9f:86:20:1b:db:29:e4:b4:ed:a6:
d5:38:b8:dd:fc:8d:fd:f9:5e:20:26:98:9b:83:72:46:16:4e:
d9:73:86:da:71:4f:1b:e3:5e:29:b0:f0:ef:e8:98:d0:08:24:
8c:6a:53:17:7c:08:79:a4:2c:cd:cf:11:17:50:3a:16:87:f3:
4b:74:e6:fc:b6:80:c4:39:ec:5b:ed:fc:d3:53:94:b9:4d:75:
90:92:34:f5:d1:cf:9b:c3:09:41:df:e6:49:fc:1d:af:e6:56:
7f:4a:8a:31:cb:26:a3:3e:6f:d9:d4:54:29:ff:36:4c:42:c7:
71:73:a8:4f
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIUBpWqXyVVanqTm0OmZ9ZXswsr4awwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDIxNTEwNDhaFw0yNzA2MDExNTE1NDhaMDMxMTAvBgNV
BAMTKDYxMjhCNDFBRTg1NEU2OUVGNDg0RjM2MkQyQzlGMUIyRkU3MzdEQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8DLIdkBAKukDpqo+9hgkZ1uph
qvv85pXIOtsUfKXqFE218njlkBsf9Xkq7A+zedJ6w0G+Z4rz75fyHRoRuarXjmYu
dmtdaZDllwDnTZFk87kdXf0OgngaaagkChcaaU+DcpP8ZbnyIttsCCNSMPFTHm8w
6hKJvfZAbQIB95CIWZL6iqfeQ08dctPXHCnMeKZRZAXhddX8m2eJInb2YxKfwpY6
9A1H/uQF5328DE3uu3CLy2ys8ZEyQPU10Ae77sZhLp8rDuL1IMoaDizaNrgq5luA
ji23iXBwi9qxQ9usaVrdj7FbkiI9cdLwQigV0SxAzO2zk3qCvii/Tpeofe1bAgMB
AAGjggJ3MIICczAdBgNVHQ4EFgQUYSi0GuhU5p70hPNi0snxsv5zfcIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1MTUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAFIW
MQMEAFIYGQMEAFIYMAMEAFIZEAMEAFIazQMEAFIbhQMEAFIngAMEAFIn7wMEAFIv
EQMEAFIvLQMEAFIvMwMEAFIvYwMEAFIvnQMEAFIvqAMEAFIvtgMEAFRLzwMEAFRL
0gMEAFRL8AMEALJTWTANBgkqhkiG9w0BAQsFAAOCAQEAUUdwbKk83OQpUJF25uzM
+/ZBLyqzaTt4MNZtkAvYom3wxF6SA7jZAk9ttZTHCrVgizmdmw21/3YoetuVl51n
3+VsceU9aA/rwepimn6qwvWD8y/yxzVl1jc2vd8f4xf+MiEedj2xoTc43lM6UoJt
sCTYKO3j8zWsSVTC2M6eAnrFtzukWYCfhiAb2ynktO2m1Ti43fyN/fleICaYm4Ny
RhZO2XOG2nFPG+NeKbDw7+iY0AgkjGpTF3wIeaQszc8RF1A6FofzS3Tm/LaAxDns
W+3801OUuU11kJI09dHPm8MJQd/mSfwdr+ZWf0qKMcsmoz5v2dRUKf82TELHcXOo
Tw==
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:10:58 2026 by rpki-client