Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215703.roa
File:                     AS215703.roa (raw, json)
Hash identifier:          7CPkKQEWA4qmazp6kzB3pljKlH1sZPmoX1NaoIBHvic=
Subject key identifier:   AF:1B:EC:93:55:48:18:ED:68:17:45:D4:25:B3:00:BD:02:C2:55:B3
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       118A8C7AEEA157EB4B8C648EE762BB7F65B06724
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215703.roa
Signing time:             Mon 29 Jun 2026 15:38:51 +0000
ROA not before:           Mon 29 Jun 2026 15:33:51 +0000
ROA not after:            Mon 28 Jun 2027 15:38:51 +0000
asID:                     215703
IP address blocks:        82.22.23.0/24 maxlen: 24
                          82.22.174.0/24 maxlen: 24
                          82.22.184.0/24 maxlen: 24
                          82.23.183.0/24 maxlen: 24
                          82.27.2.0/24 maxlen: 24
                          82.29.1.0/24 maxlen: 24
                          82.38.148.0/24 maxlen: 24
                          82.47.171.0/24 maxlen: 24
                          178.83.44.0/24 maxlen: 24
                          2a13:9500:177::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Jul 2026 16:14:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:8a:8c:7a:ee:a1:57:eb:4b:8c:64:8e:e7:62:bb:7f:65:b0:67:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jun 29 15:33:51 2026 GMT
            Not After : Jun 28 15:38:51 2027 GMT
        Subject: CN=AF1BEC93554818ED681745D425B300BD02C255B3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:4f:6c:e4:1d:28:66:fe:99:31:2d:8d:c8:80:
                    ab:13:65:5a:0c:72:6b:c2:18:51:ef:9f:e5:32:80:
                    86:ae:59:bb:c8:34:44:50:66:29:3c:9c:19:a1:ac:
                    ff:5d:78:66:da:05:f6:3b:72:64:1e:2e:5c:8c:d4:
                    51:04:7a:2e:a7:8b:7b:81:a9:01:20:fb:7f:72:24:
                    e4:52:5d:e8:78:04:32:af:52:db:a0:5e:88:0d:04:
                    93:9a:e9:ae:99:b2:7e:cc:ca:ec:28:5e:bb:bf:46:
                    63:d6:11:10:b1:7d:3e:6c:2e:89:18:23:f1:e4:ef:
                    b4:fa:a8:13:b3:dc:34:a4:43:c4:6a:b4:aa:a3:c3:
                    e1:eb:da:e1:a4:a8:f0:ed:ed:53:20:54:ab:83:02:
                    a0:6d:07:3f:32:b6:0b:85:e5:de:d0:5f:85:fd:00:
                    6c:42:d7:67:52:74:f4:08:3d:bc:26:ab:e8:cc:5b:
                    25:9c:67:4a:61:8a:0b:e6:e3:88:bf:2b:0a:a0:43:
                    69:5e:7c:d7:f5:77:c5:04:28:ee:63:a3:67:20:34:
                    cf:39:b3:8e:c5:d6:8b:bb:04:ac:00:e5:71:6c:77:
                    fa:57:5e:0c:11:ff:23:91:4a:c2:43:c6:85:a8:53:
                    90:84:f4:a5:75:70:72:76:8f:df:d0:46:da:1c:5a:
                    70:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:1B:EC:93:55:48:18:ED:68:17:45:D4:25:B3:00:BD:02:C2:55:B3
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215703.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.22.23.0/24
                  82.22.174.0/24
                  82.22.184.0/24
                  82.23.183.0/24
                  82.27.2.0/24
                  82.29.1.0/24
                  82.38.148.0/24
                  82.47.171.0/24
                  178.83.44.0/24
                IPv6:
                  2a13:9500:177::/48

    Signature Algorithm: sha256WithRSAEncryption
         04:c2:50:15:fb:bf:59:6f:56:9d:41:8c:55:a8:4a:f9:46:77:
         81:d8:83:66:d0:ae:db:2c:64:a4:96:de:00:e8:12:a8:06:e6:
         28:ed:cb:b9:4f:ef:aa:1e:ee:8c:e0:4a:55:9b:87:49:dc:a7:
         b1:c1:80:9b:e2:bc:da:b5:7a:1c:50:fd:23:cd:82:99:83:86:
         f4:78:94:2d:ff:d9:da:23:b3:db:77:a6:e2:94:1b:0f:6d:7e:
         a8:b8:57:54:4d:06:db:5c:b4:86:74:06:ca:d8:27:ed:52:10:
         40:e4:a6:c9:ed:c2:ac:90:2f:f7:c7:48:0e:9e:d9:2b:1d:3c:
         96:04:e8:b7:81:92:56:e1:39:c7:dd:4e:74:92:17:2d:14:95:
         bc:e1:07:a1:74:ad:2c:ee:e9:26:47:e9:97:a2:f7:67:bb:b2:
         5b:4b:59:b5:87:e5:e1:01:ee:40:e9:fa:8a:bf:15:2e:00:02:
         1f:78:07:80:31:fa:f9:29:2a:0d:03:47:36:3f:07:0c:3e:f8:
         29:57:66:41:f0:73:13:d1:ea:22:8d:80:d5:15:50:87:12:3a:
         dd:92:40:d7:49:05:4f:42:8c:6e:b0:10:f3:20:c5:e5:61:15:
         ee:a9:35:93:07:e1:f2:2f:f6:b0:be:b7:e3:6b:58:26:44:db:
         b0:48:00:37
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUEYqMeu6hV+tLjGSO52K7f2WwZyQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MjkxNTMzNTFaFw0yNzA2MjgxNTM4NTFaMDMxMTAvBgNV
BAMTKEFGMUJFQzkzNTU0ODE4RUQ2ODE3NDVENDI1QjMwMEJEMDJDMjU1QjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3T2zkHShm/pkxLY3IgKsTZVoM
cmvCGFHvn+UygIauWbvINERQZik8nBmhrP9deGbaBfY7cmQeLlyM1FEEei6ni3uB
qQEg+39yJORSXeh4BDKvUtugXogNBJOa6a6Zsn7MyuwoXru/RmPWERCxfT5sLokY
I/Hk77T6qBOz3DSkQ8RqtKqjw+Hr2uGkqPDt7VMgVKuDAqBtBz8ytguF5d7QX4X9
AGxC12dSdPQIPbwmq+jMWyWcZ0phigvm44i/KwqgQ2lefNf1d8UEKO5jo2cgNM85
s47F1ou7BKwA5XFsd/pXXgwR/yORSsJDxoWoU5CE9KV1cHJ2j9/QRtocWnATAgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUrxvsk1VIGO1oF0XUJbMAvQLCVbMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1NzAzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA8BAIAATA2AwQAUhYX
AwQAUhauAwQAUha4AwQAUhe3AwQAUhsCAwQAUh0BAwQAUiaUAwQAUi+rAwQAslMs
MA8EAgACMAkDBwAqE5UAAXcwDQYJKoZIhvcNAQELBQADggEBAATCUBX7v1lvVp1B
jFWoSvlGd4HYg2bQrtssZKSW3gDoEqgG5ijty7lP76oe7ozgSlWbh0ncp7HBgJvi
vNq1ehxQ/SPNgpmDhvR4lC3/2dojs9t3puKUGw9tfqi4V1RNBttctIZ0BsrYJ+1S
EEDkpsntwqyQL/fHSA6e2SsdPJYE6LeBklbhOcfdTnSSFy0UlbzhB6F0rSzu6SZH
6Zei92e7sltLWbWH5eEB7kDp+oq/FS4AAh94B4Ax+vkpKg0DRzY/Bww++ClXZkHw
cxPR6iKNgNUVUIcSOt2SQNdJBU9CjG6wEPMgxeVhFe6pNZMH4fIv9rC+t+NrWCZE
27BIADc=
-----END CERTIFICATE-----
Generated at Fri Jul 17 23:08:45 2026 by rpki-client