
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215084.roa
File: AS215084.roa (raw, json)
Hash identifier: tu7pGhzp2W7iirBPovuIP+VB+rDEtyiWn6Hmr50u4U4=
Subject key identifier: A4:19:0E:78:56:1A:90:E7:89:B2:49:1D:62:CE:12:ED:2B:09:BC:29
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 669D08387F02FCF82EC86FB07BAC9AA5097193B4
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215084.roa
Signing time: Fri 26 Jun 2026 08:08:45 +0000
ROA not before: Fri 26 Jun 2026 08:03:45 +0000
ROA not after: Fri 25 Jun 2027 08:08:45 +0000
asID: 215084
IP address blocks: 2a0f:85c1:3c4::/48 maxlen: 48
2a0f:85c1:80f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 Jul 2026 05:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:9d:08:38:7f:02:fc:f8:2e:c8:6f:b0:7b:ac:9a:a5:09:71:93:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jun 26 08:03:45 2026 GMT
Not After : Jun 25 08:08:45 2027 GMT
Subject: CN=A4190E78561A90E789B2491D62CE12ED2B09BC29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:79:e0:18:4a:1d:c6:99:7c:23:2a:7e:1c:76:
b9:aa:e9:2b:df:fe:20:7c:3f:fb:11:b7:b7:33:49:
10:a4:e8:cb:10:ee:d0:c4:a5:db:7e:09:78:16:c0:
7a:72:ab:3d:55:f2:4b:86:fd:f8:c4:8c:87:8e:3c:
d7:b1:4f:c4:79:8f:39:b6:4a:27:2e:5e:ef:88:73:
63:ef:ed:e5:98:0b:f2:d6:bf:c7:2e:a8:66:3c:12:
80:49:cd:f0:29:bf:5c:53:0c:8f:78:94:dd:1a:9c:
2a:61:db:d8:bf:99:34:2a:e7:68:63:7f:6c:a5:5c:
dc:5b:09:14:3f:bd:7f:a4:ee:cc:3c:b2:8f:23:25:
47:90:eb:a3:9e:5e:d6:50:61:f5:a4:92:dc:50:0b:
2a:da:ee:10:23:36:7f:24:13:14:12:31:7a:12:83:
0b:d1:36:ad:4f:40:9b:31:9a:b6:b0:f4:03:36:fa:
d1:fa:02:de:56:2a:a4:e8:df:87:6b:4d:95:e1:fe:
36:2a:83:72:83:74:1c:7a:e0:1a:f5:74:6d:1e:c2:
1f:fd:7f:f2:7d:91:30:4f:c1:89:54:f1:df:06:7a:
3b:69:8d:55:7e:b1:2e:a5:bd:cd:09:2a:23:65:e2:
02:8c:8b:ae:21:8f:01:44:21:6f:26:36:ee:74:1d:
71:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:19:0E:78:56:1A:90:E7:89:B2:49:1D:62:CE:12:ED:2B:09:BC:29
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215084.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3c4::/48
2a0f:85c1:80f::/48
Signature Algorithm: sha256WithRSAEncryption
1f:dd:83:ec:ef:66:4f:38:a1:56:e2:e8:c1:ee:ca:d2:55:ac:
c2:50:7a:2e:77:93:66:94:c7:3e:41:43:9c:ac:65:85:20:df:
cf:c4:10:54:d9:06:95:41:95:4c:20:8c:b7:60:7d:47:d8:bd:
2d:19:50:14:65:d0:a6:1a:73:d7:bc:d9:af:0a:b3:70:bf:7a:
9a:d0:91:3f:8c:1a:c4:ca:79:18:c3:a2:b6:a7:64:a2:ca:77:
0f:70:72:84:a8:18:50:c9:78:45:24:50:68:93:14:e0:fc:ac:
c1:0e:51:10:94:13:f9:0e:e0:0c:ee:a0:66:f8:c3:b0:60:a8:
29:46:ca:48:41:0d:24:a7:cd:49:28:0d:83:6a:fd:a0:1e:a1:
e4:b8:d6:2c:84:7b:f6:a7:75:55:46:b9:5e:7b:c9:4f:1a:e5:
13:b3:8e:11:0b:aa:05:c5:6c:a5:38:dc:9c:d5:57:68:ac:b2:
71:82:e6:a5:83:1c:65:3b:fd:ea:79:04:c3:cc:fc:80:b9:0a:
36:13:c3:8b:d4:44:a2:38:06:2e:35:8c:50:cd:48:83:f3:7a:
a8:1b:99:78:4f:07:55:65:83:e0:d9:1e:fb:65:d3:b0:e9:5f:
7a:ad:e1:af:64:cc:9b:c3:8a:42:b4:61:7c:9c:f0:1e:c6:fd:
d4:b2:85:eb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUZp0IOH8C/PguyG+we6yapQlxk7QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNjA2MjYwODAzNDVaFw0yNzA2MjUwODA4NDVaMDMxMTAvBgNV
BAMTKEE0MTkwRTc4NTYxQTkwRTc4OUIyNDkxRDYyQ0UxMkVEMkIwOUJDMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzeeAYSh3GmXwjKn4cdrmq6Svf
/iB8P/sRt7czSRCk6MsQ7tDEpdt+CXgWwHpyqz1V8kuG/fjEjIeOPNexT8R5jzm2
SicuXu+Ic2Pv7eWYC/LWv8cuqGY8EoBJzfApv1xTDI94lN0anCph29i/mTQq52hj
f2ylXNxbCRQ/vX+k7sw8so8jJUeQ66OeXtZQYfWkktxQCyra7hAjNn8kExQSMXoS
gwvRNq1PQJsxmraw9AM2+tH6At5WKqTo34drTZXh/jYqg3KDdBx64Br1dG0ewh/9
f/J9kTBPwYlU8d8GejtpjVV+sS6lvc0JKiNl4gKMi64hjwFEIW8mNu50HXG7AgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUpBkOeFYakOeJskkdYs4S7SsJvCkwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE1MDg0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg+F
wQPEAwcAKg+FwQgPMA0GCSqGSIb3DQEBCwUAA4IBAQAf3YPs72ZPOKFW4ujB7srS
VazCUHoud5NmlMc+QUOcrGWFIN/PxBBU2QaVQZVMIIy3YH1H2L0tGVAUZdCmGnPX
vNmvCrNwv3qa0JE/jBrEynkYw6K2p2SiyncPcHKEqBhQyXhFJFBokxTg/KzBDlEQ
lBP5DuAM7qBm+MOwYKgpRspIQQ0kp81JKA2Dav2gHqHkuNYshHv2p3VVRrlee8lP
GuUTs44RC6oFxWylONyc1VdorLJxgualgxxlO/3qeQTDzPyAuQo2E8OL1ESiOAYu
NYxQzUiD83qoG5l4TwdVZYPg2R77ZdOw6V96reGvZMybw4pCtGF8nPAexv3UsoXr
-----END CERTIFICATE-----
Generated at Sun Jul 12 13:31:49 2026 by rpki-client