Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215152.roa
File: AS215152.roa (raw, json)
Hash identifier: oDutnNW39NMFPGyInIAtUEP/iMtQhYZRPvgiCj/y7hI=
Subject key identifier: D6:BB:36:C9:2C:7E:B9:38:D9:76:49:43:60:6C:E9:86:1A:EA:63:1F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 06C2873FB3F7C27175710CECA30B260D25A0474C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215152.roa
Signing time: Thu 09 Apr 2026 09:42:47 +0000
ROA not before: Thu 09 Apr 2026 09:37:47 +0000
ROA not after: Thu 08 Apr 2027 09:42:47 +0000
asID: 215152
IP address blocks: 82.24.25.0/24 maxlen: 24
82.26.155.0/24 maxlen: 24
82.29.6.0/24 maxlen: 24
82.38.105.0/24 maxlen: 24
82.41.75.0/24 maxlen: 24
82.41.122.0/24 maxlen: 24
84.75.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 Apr 2026 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:c2:87:3f:b3:f7:c2:71:75:71:0c:ec:a3:0b:26:0d:25:a0:47:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 9 09:37:47 2026 GMT
Not After : Apr 8 09:42:47 2027 GMT
Subject: CN=D6BB36C92C7EB938D9764943606CE9861AEA631F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2f:29:54:de:e9:51:da:4e:f9:30:6c:de:63:
68:57:fd:69:c3:87:36:b8:dd:45:80:fa:11:2c:89:
da:6b:4e:02:f1:43:6e:d6:20:e4:a3:56:65:8c:d5:
20:e0:86:27:66:1a:18:10:26:37:1b:f3:ba:91:24:
f0:d9:c2:84:0e:72:0e:bc:3c:2f:be:a0:bc:91:8b:
02:aa:82:ef:5b:c4:8f:8a:1d:2e:29:2e:57:55:1f:
22:28:ee:09:50:af:0a:58:bd:0b:b9:76:39:c4:59:
70:4a:cc:64:7d:c8:62:80:79:62:b3:08:57:73:c3:
05:81:56:66:60:3c:d6:f4:33:06:01:75:f0:9b:50:
40:78:42:e4:51:91:58:75:00:a2:6f:ae:06:f3:e1:
b6:8a:5e:a4:d3:17:31:d0:2a:26:65:b1:9d:45:9e:
8c:6b:e9:27:2f:75:ff:73:09:72:a9:9d:10:24:39:
bd:da:58:23:7a:29:9c:86:79:91:ad:09:a0:cb:eb:
4f:e2:52:f3:f2:dd:e4:df:d7:68:68:36:b3:dd:53:
82:fd:59:41:09:e1:f3:92:40:6f:13:1e:7e:a9:42:
fd:fa:7c:13:5c:53:18:61:71:4c:e8:81:ca:18:7d:
f2:13:a4:fa:a4:94:8c:63:2e:44:b2:ce:3f:8d:ea:
88:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:BB:36:C9:2C:7E:B9:38:D9:76:49:43:60:6C:E9:86:1A:EA:63:1F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215152.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.24.25.0/24
82.26.155.0/24
82.29.6.0/24
82.38.105.0/24
82.41.75.0/24
82.41.122.0/24
84.75.175.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:2b:b9:d9:12:7a:c8:c7:d7:9e:bc:8a:55:a9:e2:8d:50:25:
2e:99:e9:4c:51:13:4b:6a:37:37:c2:2e:df:69:23:5c:57:5f:
7d:e5:09:0e:cd:44:40:0b:a8:13:df:1e:1d:d2:24:db:ed:84:
ae:e8:ac:be:8b:fe:34:b5:9c:95:43:c0:8b:3c:10:7c:eb:94:
56:5d:4f:11:1e:f1:55:a8:f4:39:8a:1f:96:a3:67:60:bb:ee:
90:84:8d:4e:dc:46:58:e2:ea:ef:30:03:ec:eb:e7:e1:70:f8:
2a:6f:b5:66:34:7b:d9:ab:3c:f6:0c:05:66:c1:6a:d1:38:63:
f7:87:48:f9:48:b4:c9:3c:9c:9d:1f:af:89:f2:fc:08:de:55:
7f:35:80:e3:b1:d9:a7:0c:a3:6f:8c:cb:a7:2b:91:6f:1f:a5:
31:b1:b1:f5:1c:4c:52:7b:5e:12:24:66:ab:93:43:6f:a2:ac:
f0:c6:2e:3a:ec:e0:0f:ea:8c:0e:b0:d6:36:9c:0f:2c:0c:bf:
7b:c2:ca:52:0e:4e:59:bc:ee:46:4b:49:69:04:db:d3:af:11:
9a:ee:79:31:5e:20:99:1b:a8:9b:f6:f4:57:f2:42:19:b8:e3:
2d:fc:dd:fc:e2:3c:bd:af:19:57:69:2e:00:eb:60:dd:80:24:
5e:51:d5:17
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUBsKHP7P3wnF1cQzsowsmDSWgR0wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDkwOTM3NDdaFw0yNzA0MDgwOTQyNDdaMDMxMTAvBgNV
BAMTKEQ2QkIzNkM5MkM3RUI5MzhEOTc2NDk0MzYwNkNFOTg2MUFFQTYzMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRLylU3ulR2k75MGzeY2hX/WnD
hza43UWA+hEsidprTgLxQ27WIOSjVmWM1SDghidmGhgQJjcb87qRJPDZwoQOcg68
PC++oLyRiwKqgu9bxI+KHS4pLldVHyIo7glQrwpYvQu5djnEWXBKzGR9yGKAeWKz
CFdzwwWBVmZgPNb0MwYBdfCbUEB4QuRRkVh1AKJvrgbz4baKXqTTFzHQKiZlsZ1F
noxr6Scvdf9zCXKpnRAkOb3aWCN6KZyGeZGtCaDL60/iUvPy3eTf12hoNrPdU4L9
WUEJ4fOSQG8THn6pQv36fBNcUxhhcUzogcoYffITpPqklIxjLkSyzj+N6ojbAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQU1rs2ySx+uTjZdklDYGzphhrqYx8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1MTUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUhgZ
AwQAUhqbAwQAUh0GAwQAUiZpAwQAUilLAwQAUil6AwQAVEuvMA0GCSqGSIb3DQEB
CwUAA4IBAQAsK7nZEnrIx9eevIpVqeKNUCUumelMURNLajc3wi7faSNcV1995QkO
zURAC6gT3x4d0iTb7YSu6Ky+i/40tZyVQ8CLPBB865RWXU8RHvFVqPQ5ih+Wo2dg
u+6QhI1O3EZY4urvMAPs6+fhcPgqb7VmNHvZqzz2DAVmwWrROGP3h0j5SLTJPJyd
H6+J8vwI3lV/NYDjsdmnDKNvjMunK5FvH6UxsbH1HExSe14SJGark0Nvoqzwxi46
7OAP6owOsNY2nA8sDL97wspSDk5ZvO5GS0lpBNvTrxGa7nkxXiCZG6ib9vRX8kIZ
uOMt/N384jy9rxlXaS4A62DdgCReUdUX
-----END CERTIFICATE-----
Generated at Mon Apr 13 12:27:08 2026 by rpki-client