Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215304.roa
File:                     AS215304.roa (raw, json)
Hash identifier:          l+h873w1NLNFVHE0aZj+PoFLmO/ELGLTnxO7/phSW+Q=
Subject key identifier:   80:38:BD:FC:96:51:4A:9C:93:A5:C9:00:2B:43:8C:0E:4E:B1:19:0C
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       17838789A5EDA82283F92BB64B076696E27C5235
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215304.roa
Signing time:             Mon 06 Jul 2026 00:03:26 +0000
ROA not before:           Sun 05 Jul 2026 23:58:26 +0000
ROA not after:            Mon 05 Jul 2027 00:03:26 +0000
asID:                     215304
IP address blocks:        82.26.72.0/23 maxlen: 24
                          82.26.78.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Jul 2026 16:14:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:83:87:89:a5:ed:a8:22:83:f9:2b:b6:4b:07:66:96:e2:7c:52:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jul  5 23:58:26 2026 GMT
            Not After : Jul  5 00:03:26 2027 GMT
        Subject: CN=8038BDFC96514A9C93A5C9002B438C0E4EB1190C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:9a:98:6a:0b:5a:1d:eb:df:8d:a1:a3:ab:ed:
                    5c:1d:65:8b:2a:88:9b:61:ba:1b:c7:2e:a6:36:7d:
                    4e:e5:c5:56:c0:66:ef:41:f4:74:8f:45:e0:59:f8:
                    99:8b:44:b5:89:5f:5e:23:33:87:37:17:99:e4:e1:
                    ee:02:01:bd:02:14:0d:d0:06:79:25:61:73:89:77:
                    50:45:26:3a:52:3d:5e:bc:8d:1b:11:b5:62:d9:7e:
                    00:d1:ee:73:46:bb:d0:e6:c7:cb:f0:0e:6b:be:5a:
                    b2:1f:bd:10:14:b6:b2:54:5a:e3:dc:d3:ae:b8:f4:
                    0c:af:fd:cc:df:d1:2a:55:43:af:0a:00:07:a8:2e:
                    77:a7:62:87:ad:42:7f:e8:77:54:f8:31:bb:e7:7e:
                    bd:80:d0:41:37:e5:c3:62:6d:9d:eb:fc:31:5c:eb:
                    2d:91:88:ff:20:43:83:d0:8c:87:fb:ed:dc:53:b7:
                    9e:b4:79:ec:18:b4:8a:2e:74:73:e2:7e:3e:3b:c2:
                    aa:c7:c0:57:f5:c7:92:7b:95:67:6c:f6:cf:1a:a9:
                    1e:b4:a8:52:a6:0a:cb:29:06:1c:23:41:d3:b2:90:
                    eb:0d:a2:65:80:84:3b:26:fb:ec:ff:45:82:16:f9:
                    8f:a2:29:a7:37:4a:68:46:ce:5d:1a:b5:3b:4f:8f:
                    61:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:38:BD:FC:96:51:4A:9C:93:A5:C9:00:2B:43:8C:0E:4E:B1:19:0C
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215304.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.26.72.0/23
                  82.26.78.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a7:fe:bc:47:6c:4d:97:4b:8a:07:2a:a5:c7:7a:dd:b3:b1:4e:
         81:68:7a:37:99:b4:9e:dd:c5:1a:70:cb:dc:e7:aa:b4:f6:fd:
         86:c7:8f:79:eb:22:5b:cd:8f:6e:c1:53:eb:92:13:57:57:4f:
         65:d9:cd:e2:3b:b3:c4:c2:27:79:96:b7:d4:b1:92:e3:51:a0:
         ec:f5:41:53:e4:3d:0a:86:bf:45:8c:cf:03:67:76:95:80:34:
         b6:37:5e:c4:b3:fe:65:fb:26:a5:21:66:75:09:7c:f7:8b:a3:
         83:5d:55:37:77:78:d6:88:a5:df:b6:22:be:fb:82:ab:d0:49:
         0a:7c:47:dd:7f:98:db:03:e1:fd:20:39:41:7b:f1:8a:65:09:
         c7:99:10:69:7d:c1:4c:e4:ff:2e:ef:34:ef:ca:76:b1:b2:5e:
         69:93:c9:fc:76:19:3a:4b:ba:f7:21:19:39:b2:d7:12:df:40:
         b7:fc:b2:3c:91:97:31:50:27:c5:7a:ca:aa:33:f1:19:88:7c:
         07:71:07:bd:e9:57:f7:d5:84:13:1f:fc:06:46:16:f8:95:94:
         50:54:34:b9:51:d1:1b:60:0d:9a:b1:44:ab:4b:0a:fc:a7:2b:
         4a:d3:f0:f0:37:73:c4:d9:ca:c0:47:15:23:77:08:17:55:cb:
         59:c2:b4:1d
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUF4OHiaXtqCKD+Su2SwdmluJ8UjUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA3MDUyMzU4MjZaFw0yNzA3MDUwMDAzMjZaMDMxMTAvBgNV
BAMTKDgwMzhCREZDOTY1MTRBOUM5M0E1QzkwMDJCNDM4QzBFNEVCMTE5MEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHmphqC1od69+NoaOr7VwdZYsq
iJthuhvHLqY2fU7lxVbAZu9B9HSPReBZ+JmLRLWJX14jM4c3F5nk4e4CAb0CFA3Q
BnklYXOJd1BFJjpSPV68jRsRtWLZfgDR7nNGu9Dmx8vwDmu+WrIfvRAUtrJUWuPc
06649Ayv/czf0SpVQ68KAAeoLnenYoetQn/od1T4Mbvnfr2A0EE35cNibZ3r/DFc
6y2RiP8gQ4PQjIf77dxTt560eewYtIoudHPifj47wqrHwFf1x5J7lWds9s8aqR60
qFKmCsspBhwjQdOykOsNomWAhDsm++z/RYIW+Y+iKac3SmhGzl0atTtPj2ExAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUgDi9/JZRSpyTpckAK0OMDk6xGQwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUhpI
AwQBUhpOMA0GCSqGSIb3DQEBCwUAA4IBAQCn/rxHbE2XS4oHKqXHet2zsU6BaHo3
mbSe3cUacMvc56q09v2Gx4956yJbzY9uwVPrkhNXV09l2c3iO7PEwid5lrfUsZLj
UaDs9UFT5D0Khr9FjM8DZ3aVgDS2N17Es/5l+yalIWZ1CXz3i6ODXVU3d3jWiKXf
tiK++4Kr0EkKfEfdf5jbA+H9IDlBe/GKZQnHmRBpfcFM5P8u7zTvynaxsl5pk8n8
dhk6S7r3IRk5stcS30C3/LI8kZcxUCfFesqqM/EZiHwHcQe96Vf31YQTH/wGRhb4
lZRQVDS5UdEbYA2asUSrSwr8pytK0/DwN3PE2crARxUjdwgXVctZwrQd
-----END CERTIFICATE-----
Generated at Fri Jul 17 23:08:24 2026 by rpki-client