Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215703.roa
File: AS215703.roa (raw, json)
Hash identifier: fn2GK59IkG4ZJ4rZPE+zbKF6WISayl4eBNPe0a2tIjk=
Subject key identifier: F0:14:38:11:C6:83:20:1B:F0:FF:29:EC:A2:9D:84:2F:23:62:93:94
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 12F93BD60A06F50CED8638FD2D4F947E8093C496
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215703.roa
Signing time: Sat 16 May 2026 13:20:29 +0000
ROA not before: Sat 16 May 2026 13:15:29 +0000
ROA not after: Sat 15 May 2027 13:20:29 +0000
asID: 215703
IP address blocks: 82.22.23.0/24 maxlen: 24
82.22.174.0/24 maxlen: 24
82.22.184.0/24 maxlen: 24
82.23.183.0/24 maxlen: 24
82.27.2.0/24 maxlen: 24
82.29.1.0/24 maxlen: 24
82.38.148.0/24 maxlen: 24
2a13:9500:177::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:f9:3b:d6:0a:06:f5:0c:ed:86:38:fd:2d:4f:94:7e:80:93:c4:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 16 13:15:29 2026 GMT
Not After : May 15 13:20:29 2027 GMT
Subject: CN=F0143811C683201BF0FF29ECA29D842F23629394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b1:21:b9:4c:33:a4:19:bd:d2:ea:66:08:a0:
d5:be:67:5d:aa:11:ee:7a:98:ff:25:a8:7b:dc:70:
d9:1d:53:b6:40:c1:ae:10:04:b9:ad:16:91:90:c9:
4a:1f:f3:3f:79:cf:50:76:01:4c:c2:a5:02:5b:6f:
54:c2:5a:e4:fe:de:e7:99:d3:30:96:9c:6b:d0:45:
d3:6c:49:7d:8e:4a:e1:40:8f:97:32:7c:83:f5:38:
7b:e9:56:d4:39:1e:f9:63:6b:e4:06:8e:34:ae:ff:
8a:12:15:8e:fa:bf:92:3b:a9:d4:0a:c9:b4:9d:a3:
11:c8:77:de:19:79:1e:83:40:e4:5a:36:43:41:c7:
4c:b8:eb:bf:f2:b4:2c:26:89:04:78:ff:74:6e:2c:
e8:cc:72:5a:59:4e:71:4f:f0:7f:6a:99:a5:e5:98:
b6:dd:db:b9:f6:4d:ac:1b:eb:54:39:5a:38:f9:3d:
cf:19:40:01:2d:60:85:59:7d:40:5e:09:68:03:08:
3f:22:1a:4b:43:4f:fe:cc:6e:e1:82:79:b5:fb:46:
bb:a0:a5:36:ef:12:e5:fd:6f:59:a9:8e:2d:e8:c1:
80:1d:8c:d5:67:06:9c:a3:87:4c:64:f9:9e:30:6d:
0e:b5:6e:1b:60:9e:8d:e3:6b:7c:5d:71:84:c1:70:
b5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:14:38:11:C6:83:20:1B:F0:FF:29:EC:A2:9D:84:2F:23:62:93:94
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215703.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.23.0/24
82.22.174.0/24
82.22.184.0/24
82.23.183.0/24
82.27.2.0/24
82.29.1.0/24
82.38.148.0/24
IPv6:
2a13:9500:177::/48
Signature Algorithm: sha256WithRSAEncryption
6b:23:98:46:6d:da:5b:26:91:78:a1:dd:a5:4c:9e:3d:9c:d5:
9e:b2:fc:3c:00:16:43:1d:cf:e6:d9:0c:3a:b0:e2:89:b1:60:
3f:d5:7e:4a:1a:48:38:43:dc:12:de:3e:7a:96:4a:bd:08:58:
7d:30:22:a0:0e:7b:e7:8e:26:b8:59:47:98:53:c2:0b:6d:53:
27:72:27:6f:d8:ba:39:90:0c:b6:77:f1:43:1b:63:44:c5:78:
f0:6a:71:8e:28:93:8b:68:b3:86:a0:66:2a:06:88:02:f9:f2:
43:67:49:04:37:aa:70:02:13:8d:4d:c3:f1:1f:3a:78:d5:ad:
cb:f4:d5:ce:6e:ab:0c:a0:8e:56:47:87:49:75:65:7b:f2:6c:
45:34:88:ba:0b:b5:6e:f5:30:90:9b:34:4d:09:8b:c4:89:31:
0b:14:76:4e:6a:71:9c:29:12:23:e2:3a:65:8d:57:04:1f:04:
c9:22:bc:79:6c:79:73:17:aa:50:8d:f7:26:c4:ef:bc:04:12:
d6:8e:8b:78:f7:92:26:ad:07:1d:60:0c:68:93:7c:5e:e7:4e:
47:0e:df:60:38:e0:13:cf:5d:06:35:04:27:e6:31:ac:4b:dc:
7c:6c:7d:e7:ec:72:34:de:82:e0:48:ba:61:6f:ed:c9:91:8c:
dc:0c:7e:f2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEvk71goG9Qzthjj9LU+UfoCTxJYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MTYxMzE1MjlaFw0yNzA1MTUxMzIwMjlaMDMxMTAvBgNV
BAMTKEYwMTQzODExQzY4MzIwMUJGMEZGMjlFQ0EyOUQ4NDJGMjM2MjkzOTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTsSG5TDOkGb3S6mYIoNW+Z12q
Ee56mP8lqHvccNkdU7ZAwa4QBLmtFpGQyUof8z95z1B2AUzCpQJbb1TCWuT+3ueZ
0zCWnGvQRdNsSX2OSuFAj5cyfIP1OHvpVtQ5Hvlja+QGjjSu/4oSFY76v5I7qdQK
ybSdoxHId94ZeR6DQORaNkNBx0y467/ytCwmiQR4/3RuLOjMclpZTnFP8H9qmaXl
mLbd27n2Tawb61Q5Wjj5Pc8ZQAEtYIVZfUBeCWgDCD8iGktDT/7MbuGCebX7Rrug
pTbvEuX9b1mpji3owYAdjNVnBpyjh0xk+Z4wbQ61bhtgno3ja3xdcYTBcLWPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU8BQ4EcaDIBvw/ynsop2ELyNik5QwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1NzAzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQAUhYX
AwQAUhauAwQAUha4AwQAUhe3AwQAUhsCAwQAUh0BAwQAUiaUMA8EAgACMAkDBwAq
E5UAAXcwDQYJKoZIhvcNAQELBQADggEBAGsjmEZt2lsmkXih3aVMnj2c1Z6y/DwA
FkMdz+bZDDqw4omxYD/VfkoaSDhD3BLePnqWSr0IWH0wIqAOe+eOJrhZR5hTwgtt
UydyJ2/YujmQDLZ38UMbY0TFePBqcY4ok4tos4agZioGiAL58kNnSQQ3qnACE41N
w/EfOnjVrcv01c5uqwygjlZHh0l1ZXvybEU0iLoLtW71MJCbNE0Ji8SJMQsUdk5q
cZwpEiPiOmWNVwQfBMkivHlseXMXqlCN9ybE77wEEtaOi3j3kiatBx1gDGiTfF7n
TkcO32A44BPPXQY1BCfmMaxL3HxsfefscjTeguBIumFv7cmRjNwMfvI=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:11:33 2026 by rpki-client