Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215287.roa
File: AS215287.roa (raw, json)
Hash identifier: KFjEMdFC332ju4DtPAshi/CuhFmvZs0s2Q6mVix06Wo=
Subject key identifier: DD:1A:34:7A:E9:69:B2:E3:B4:6B:71:1E:B8:7B:72:CE:41:11:5A:11
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2C24C98E91416C71BA02022AF84D014C451080A8
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215287.roa
Signing time: Sun 08 Mar 2026 08:50:30 +0000
ROA not before: Sun 08 Mar 2026 08:45:30 +0000
ROA not after: Sun 07 Mar 2027 08:50:30 +0000
asID: 215287
IP address blocks: 82.39.119.0/24 maxlen: 24
82.40.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 18:40:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:24:c9:8e:91:41:6c:71:ba:02:02:2a:f8:4d:01:4c:45:10:80:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 8 08:45:30 2026 GMT
Not After : Mar 7 08:50:30 2027 GMT
Subject: CN=DD1A347AE969B2E3B46B711EB87B72CE41115A11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b5:a0:2d:cd:7f:3b:53:90:39:8e:72:81:f0:
72:0f:35:df:35:7a:09:03:72:e0:72:31:ca:c0:96:
c8:f9:24:d9:aa:53:34:31:27:b1:60:65:a1:5c:a3:
38:28:8c:7b:6e:ee:81:62:0b:45:cd:29:91:ef:0d:
c9:e2:3e:ac:5e:57:44:04:9f:88:ab:9a:2d:4b:0e:
b1:05:68:46:5e:bb:8a:5c:8a:0a:77:63:79:50:df:
29:0b:da:a7:b8:d5:55:1e:8b:e7:34:09:fd:1c:70:
bf:3b:6d:7e:1c:9a:fa:6b:45:49:12:90:1e:44:5e:
2f:6d:c2:06:e7:4e:f0:99:80:2d:89:c1:bd:22:8f:
ec:22:3e:69:d9:6e:b6:b9:8a:3d:6e:00:bc:a3:d9:
2e:80:68:d0:d9:cc:9f:0c:3b:8f:de:43:02:95:dd:
0e:90:35:7e:f5:03:ef:c7:e8:85:25:0b:d0:04:fe:
9e:f0:1c:12:1c:96:37:8a:f9:09:86:11:e2:07:19:
c8:7b:16:55:67:2a:c8:e6:aa:f6:52:b4:4d:08:dc:
62:aa:77:ac:2c:61:5a:b1:2a:f2:cc:f7:32:6b:bf:
9c:67:72:cf:96:8d:b5:f5:04:6d:fa:b6:fd:a6:c7:
46:60:bc:8f:52:37:a8:b4:d6:e0:6e:16:12:85:13:
a1:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:1A:34:7A:E9:69:B2:E3:B4:6B:71:1E:B8:7B:72:CE:41:11:5A:11
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215287.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.39.119.0/24
82.40.63.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:fc:a4:8d:58:cf:d7:f0:d7:97:f0:f1:35:69:72:e3:a5:d1:
22:56:08:55:a1:86:33:9c:bd:b9:69:96:70:d4:6e:5e:6c:b3:
5b:37:0e:70:58:4f:b2:e4:d3:1c:3c:f5:84:66:49:f3:61:59:
1a:b9:61:5a:8b:eb:9b:8d:06:e6:a8:dd:4d:b0:6d:f2:5d:38:
67:0f:b6:a9:2f:89:7a:ef:49:a8:71:0a:c3:2f:44:2f:79:aa:
05:a4:31:9b:91:36:38:e5:0c:a9:62:8c:f1:a2:32:0d:e5:93:
01:3a:f8:42:3e:e1:65:43:2d:88:47:65:48:5e:6f:7b:42:7c:
7c:f9:9b:5e:63:a0:0f:e6:fe:c6:20:1f:ed:0a:8c:f7:98:91:
e8:18:46:ea:be:04:c1:1c:07:64:3c:f1:8c:6c:c5:e3:0a:04:
08:88:2d:f6:6b:e7:90:20:bb:1d:19:1e:79:96:62:56:ef:9f:
0d:bb:7b:5f:c8:f6:3a:d0:7b:a7:88:dc:98:15:99:ea:3e:61:
ec:e2:2e:b5:27:21:57:9f:ae:1a:bd:e0:f3:37:d7:31:cd:39:
a5:4e:ec:13:34:0e:7b:36:9e:32:08:58:8e:36:91:2d:28:e3:
d3:2a:e4:a2:fc:ff:3b:e2:48:97:29:ac:c4:e7:bd:f3:a3:d9:
f1:81:ba:d9
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIULCTJjpFBbHG6AgIq+E0BTEUQgKgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMDgwODQ1MzBaFw0yNzAzMDcwODUwMzBaMDMxMTAvBgNV
BAMTKEREMUEzNDdBRTk2OUIyRTNCNDZCNzExRUI4N0I3MkNFNDExMTVBMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXtaAtzX87U5A5jnKB8HIPNd81
egkDcuByMcrAlsj5JNmqUzQxJ7FgZaFcozgojHtu7oFiC0XNKZHvDcniPqxeV0QE
n4irmi1LDrEFaEZeu4pcigp3Y3lQ3ykL2qe41VUei+c0Cf0ccL87bX4cmvprRUkS
kB5EXi9twgbnTvCZgC2Jwb0ij+wiPmnZbra5ij1uALyj2S6AaNDZzJ8MO4/eQwKV
3Q6QNX71A+/H6IUlC9AE/p7wHBIcljeK+QmGEeIHGch7FlVnKsjmqvZStE0I3GKq
d6wsYVqxKvLM9zJrv5xncs+WjbX1BG36tv2mx0ZgvI9SN6i01uBuFhKFE6GBAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQU3Ro0eulpsuO0a3EeuHtyzkERWhEwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1Mjg3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUid3
AwQAUig/MA0GCSqGSIb3DQEBCwUAA4IBAQAO/KSNWM/X8NeX8PE1aXLjpdEiVghV
oYYznL25aZZw1G5ebLNbNw5wWE+y5NMcPPWEZknzYVkauWFai+ubjQbmqN1NsG3y
XThnD7apL4l670mocQrDL0QveaoFpDGbkTY45QypYozxojIN5ZMBOvhCPuFlQy2I
R2VIXm97Qnx8+ZteY6AP5v7GIB/tCoz3mJHoGEbqvgTBHAdkPPGMbMXjCgQIiC32
a+eQILsdGR55lmJW758Nu3tfyPY60HuniNyYFZnqPmHs4i61JyFXn64aveDzN9cx
zTmlTuwTNA57Np4yCFiONpEtKOPTKuSi/P874kiXKazE573zo9nxgbrZ
-----END CERTIFICATE-----
Generated at Fri Mar 13 02:15:28 2026 by rpki-client