Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215304.roa
File: AS215304.roa (raw, json)
Hash identifier: 2vA1iLvXDEz7797bWLBir15fa/jFSGajsQK1ohz2mtk=
Subject key identifier: 57:F9:95:F1:15:34:10:38:22:50:E6:FB:15:40:32:25:17:2D:E5:23
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 58EC6C03F3C5B9547CE80455EF72DD120DB1E519
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215304.roa
Signing time: Fri 23 May 2025 17:32:07 +0000
ROA not before: Fri 23 May 2025 17:27:07 +0000
ROA not after: Fri 22 May 2026 17:32:07 +0000
asID: 215304
IP address blocks: 82.26.72.0/23 maxlen: 24
82.26.78.0/23 maxlen: 24
82.26.87.0/24 maxlen: 24
82.26.91.0/24 maxlen: 24
82.26.93.0/24 maxlen: 24
82.26.94.0/24 maxlen: 24
82.26.110.0/24 maxlen: 24
82.27.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 05:59:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:ec:6c:03:f3:c5:b9:54:7c:e8:04:55:ef:72:dd:12:0d:b1:e5:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 23 17:27:07 2025 GMT
Not After : May 22 17:32:07 2026 GMT
Subject: CN=57F995F1153410382250E6FB15403225172DE523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:90:7f:14:36:d1:50:12:59:89:c0:72:6d:c6:
e5:4e:cb:2c:7e:d8:7e:8f:75:d1:17:bf:de:a0:e3:
93:da:8e:24:96:b2:6c:45:18:5a:a7:69:a5:83:cb:
e9:f2:e5:43:d4:ad:2f:25:ce:1a:81:81:5d:eb:5c:
fa:66:91:8b:21:44:5e:a7:9b:1e:46:58:b0:6f:25:
ad:25:b1:4a:f6:e8:7a:57:ee:b7:46:6a:2d:e3:59:
3b:53:ba:b6:72:04:c4:2f:f2:93:c9:25:5a:d5:e6:
f2:55:a4:fd:cc:41:c3:15:77:f2:63:a2:82:28:b9:
d5:bb:fd:f8:d3:1a:17:d6:d9:cb:59:7b:13:86:0f:
5c:a3:ce:c3:95:2d:b5:5e:6b:29:65:2e:20:03:5d:
1e:c7:73:b5:b8:88:45:24:8e:07:4d:f3:0e:49:0c:
6f:a6:b4:45:06:7f:fb:46:5e:1d:a5:c8:12:da:4a:
8f:2b:ae:9c:da:1c:7f:df:37:d1:9b:be:d3:4c:0e:
f5:16:6a:74:ba:eb:58:8e:2c:34:1d:07:00:c7:18:
3b:c8:85:7a:fa:48:8f:24:0a:8c:cd:59:99:98:38:
ae:2a:c8:e7:9a:01:93:56:2b:8d:e2:44:7f:0d:2c:
70:00:cc:1b:75:12:e5:f1:82:cf:99:83:fb:9a:d8:
09:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:F9:95:F1:15:34:10:38:22:50:E6:FB:15:40:32:25:17:2D:E5:23
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.26.72.0/23
82.26.78.0/23
82.26.87.0/24
82.26.91.0/24
82.26.93.0-82.26.94.255
82.26.110.0/24
82.27.123.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:42:45:c6:bb:98:b3:ac:57:a0:7c:8b:ca:78:d4:96:a7:94:
9e:3a:60:61:80:65:25:3c:0d:dd:6e:aa:4e:21:c0:16:1c:fc:
66:7d:a5:2e:ac:c7:d6:5e:b2:6c:ac:14:4d:31:82:78:6b:36:
2d:3f:09:36:15:e6:42:a6:41:f5:bc:b5:89:fa:4e:51:7f:de:
f6:9a:ff:12:36:ad:f6:ff:c8:2c:a2:8c:83:0d:45:fa:db:b2:
53:42:2d:21:80:59:58:54:56:df:40:84:46:bb:6b:27:5a:67:
c7:0b:5d:d6:4f:fc:3d:15:94:58:2a:d7:60:82:8f:5f:b6:74:
ef:73:85:ab:05:dd:7d:cb:df:1f:4e:e5:37:b3:78:dc:44:b9:
bc:31:61:bc:f4:b3:2a:ce:4a:16:d0:9d:0d:db:bd:11:30:c2:
62:88:03:f5:7e:51:c3:9a:31:23:02:d0:ee:e6:f5:0a:52:98:
79:6c:a0:51:25:5e:80:64:88:56:8b:80:fc:3a:5a:b3:97:6e:
da:c2:a2:dc:f0:95:a0:50:a8:cf:17:de:83:d2:6b:05:b8:36:
a1:ff:3a:67:34:b9:80:2e:b2:88:76:80:21:77:93:09:3a:89:
08:e3:bb:77:74:ba:57:67:f7:46:05:9b:d2:92:f4:84:3f:5e:
d4:66:f7:76
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUWOxsA/PFuVR86ARV73LdEg2x5RkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA1MjMxNzI3MDdaFw0yNjA1MjIxNzMyMDdaMDMxMTAvBgNV
BAMTKDU3Rjk5NUYxMTUzNDEwMzgyMjUwRTZGQjE1NDAzMjI1MTcyREU1MjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEkH8UNtFQElmJwHJtxuVOyyx+
2H6PddEXv96g45PajiSWsmxFGFqnaaWDy+ny5UPUrS8lzhqBgV3rXPpmkYshRF6n
mx5GWLBvJa0lsUr26HpX7rdGai3jWTtTurZyBMQv8pPJJVrV5vJVpP3MQcMVd/Jj
ooIoudW7/fjTGhfW2ctZexOGD1yjzsOVLbVeayllLiADXR7Hc7W4iEUkjgdN8w5J
DG+mtEUGf/tGXh2lyBLaSo8rrpzaHH/fN9GbvtNMDvUWanS661iOLDQdBwDHGDvI
hXr6SI8kCozNWZmYOK4qyOeaAZNWK43iRH8NLHAAzBt1EuXxgs+Zg/ua2An9AgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUV/mV8RU0EDgiUOb7FUAyJRct5SMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBUhpI
AwQBUhpOAwQAUhpXAwQAUhpbMAwDBABSGl0DBABSGl4DBABSGm4DBABSG3swDQYJ
KoZIhvcNAQELBQADggEBACpCRca7mLOsV6B8i8p41JanlJ46YGGAZSU8Dd1uqk4h
wBYc/GZ9pS6sx9ZesmysFE0xgnhrNi0/CTYV5kKmQfW8tYn6TlF/3vaa/xI2rfb/
yCyijIMNRfrbslNCLSGAWVhUVt9AhEa7aydaZ8cLXdZP/D0VlFgq12CCj1+2dO9z
hasF3X3L3x9O5TezeNxEubwxYbz0syrOShbQnQ3bvREwwmKIA/V+UcOaMSMC0O7m
9QpSmHlsoFElXoBkiFaLgPw6WrOXbtrCotzwlaBQqM8X3oPSawW4NqH/Omc0uYAu
soh2gCF3kwk6iQjju3d0uldn90YFm9KS9IQ/XtRm93Y=
-----END CERTIFICATE-----
Generated at Fri Jun 6 11:53:10 2025 by rpki-client