
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215172.roa
File: AS215172.roa (raw, json)
Hash identifier: 3yLrHYcUKRsLK0GoeU+2kjl/tyEahYiSHj9mqpc+kbQ=
Subject key identifier: 4D:48:AA:43:EF:92:B8:76:6B:21:58:35:AF:5B:3E:A7:07:4B:55:09
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 39BC65C0D9B3D64E8ACF85AE5804861A44F3D80E
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215172.roa
Signing time: Fri 26 Jun 2026 08:08:39 +0000
ROA not before: Fri 26 Jun 2026 08:03:39 +0000
ROA not after: Fri 25 Jun 2027 08:08:39 +0000
asID: 215172
IP address blocks: 2a0f:85c1:3ad::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Jul 2026 23:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:bc:65:c0:d9:b3:d6:4e:8a:cf:85:ae:58:04:86:1a:44:f3:d8:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jun 26 08:03:39 2026 GMT
Not After : Jun 25 08:08:39 2027 GMT
Subject: CN=4D48AA43EF92B8766B215835AF5B3EA7074B5509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6c:5f:38:ff:8c:ce:d8:df:6c:34:1a:f1:f4:
7a:ba:12:7c:e6:ff:5d:42:13:f7:a6:68:b4:a3:74:
ad:5c:8f:a0:7c:11:ac:dd:06:37:53:f9:43:fa:90:
8b:3e:7a:c0:fa:2b:5f:ec:7f:a8:ef:f1:31:61:10:
16:88:0e:31:9a:e8:47:29:1f:51:d5:8e:56:fc:8e:
52:d3:9b:e4:0f:4a:01:85:70:e2:ce:52:0b:a5:50:
63:bc:96:dd:2b:6f:f1:ea:bf:56:31:9f:29:22:b4:
ea:e3:04:84:98:02:91:cc:ab:44:26:bb:03:eb:b0:
d0:76:77:75:ff:95:cc:2b:ee:9a:42:1f:e6:ff:34:
aa:3d:f3:f1:31:7f:3f:85:ae:1c:f4:01:9a:fc:80:
73:50:93:e0:41:81:e2:ad:dd:7b:27:a8:b6:40:56:
eb:69:d3:f8:f8:67:2a:91:0e:f5:5c:a4:a6:14:f1:
c1:e2:a5:b2:fd:7d:8f:c3:53:25:bd:16:6a:71:f4:
b9:de:15:43:d5:81:52:4e:c8:4d:4b:00:f2:67:1a:
ca:f8:f1:c3:5c:0d:8c:a2:6a:82:3f:bd:b1:c0:24:
aa:55:bb:a0:d6:bd:95:eb:78:42:31:05:a4:43:1c:
55:13:3c:d0:1e:95:5b:c5:ce:50:d5:65:91:96:4a:
01:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:48:AA:43:EF:92:B8:76:6B:21:58:35:AF:5B:3E:A7:07:4B:55:09
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215172.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3ad::/48
Signature Algorithm: sha256WithRSAEncryption
85:86:02:46:72:b8:b0:a7:59:32:bf:4a:22:72:a4:56:c4:52:
5f:d0:61:1e:d5:1b:2d:58:32:d9:87:b8:a7:76:4a:6d:35:8f:
38:cc:cc:5e:7c:a7:e5:88:0c:5f:db:8f:f2:07:75:38:c0:78:
c7:ae:29:3b:7c:6c:c3:70:02:f9:1a:88:a5:a8:44:b5:c5:ba:
b9:c5:59:e5:bb:5b:d9:19:55:8c:d4:3a:c0:98:50:12:23:55:
e1:d8:22:c3:d6:6c:c2:f6:e1:53:51:4f:9e:89:30:81:fb:d8:
02:94:4d:f7:7a:54:5d:f2:bd:5f:d6:a1:65:70:be:d9:1c:43:
91:11:45:6f:30:b0:79:cf:26:97:0a:72:7e:be:be:fb:f2:d4:
81:45:44:17:75:9a:2e:5a:e9:56:2b:24:28:7a:5b:96:5d:2e:
8d:b9:08:60:ff:70:c4:a0:27:9e:32:09:c2:3f:1c:9d:66:42:
b0:5b:25:64:e5:42:40:54:06:7f:c9:7d:2d:3f:a9:b6:da:09:
4c:b8:91:30:49:f3:06:09:db:96:9d:f2:3f:19:28:ec:c9:fe:
10:12:b7:83:f1:37:a2:a8:f9:9f:6e:94:a6:f8:ea:b4:e0:4a:
77:c0:41:95:94:85:4a:41:6e:07:91:5a:8b:f3:94:e4:14:a0:
5b:78:65:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUObxlwNmz1k6Kz4WuWASGGkTz2A4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNjA2MjYwODAzMzlaFw0yNzA2MjUwODA4MzlaMDMxMTAvBgNV
BAMTKDRENDhBQTQzRUY5MkI4NzY2QjIxNTgzNUFGNUIzRUE3MDc0QjU1MDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWbF84/4zO2N9sNBrx9Hq6Enzm
/11CE/emaLSjdK1cj6B8EazdBjdT+UP6kIs+esD6K1/sf6jv8TFhEBaIDjGa6Ecp
H1HVjlb8jlLTm+QPSgGFcOLOUgulUGO8lt0rb/Hqv1YxnykitOrjBISYApHMq0Qm
uwPrsNB2d3X/lcwr7ppCH+b/NKo98/Exfz+Frhz0AZr8gHNQk+BBgeKt3XsnqLZA
Vutp0/j4ZyqRDvVcpKYU8cHipbL9fY/DUyW9Fmpx9LneFUPVgVJOyE1LAPJnGsr4
8cNcDYyiaoI/vbHAJKpVu6DWvZXreEIxBaRDHFUTPNAelVvFzlDVZZGWSgF/AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUTUiqQ++SuHZrIVg1r1s+pwdLVQkwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE1MTcyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQOtMA0GCSqGSIb3DQEBCwUAA4IBAQCFhgJGcriwp1kyv0oicqRWxFJf0GEe1Rst
WDLZh7indkptNY84zMxefKfliAxf24/yB3U4wHjHrik7fGzDcAL5GoilqES1xbq5
xVnlu1vZGVWM1DrAmFASI1Xh2CLD1mzC9uFTUU+eiTCB+9gClE33elRd8r1f1qFl
cL7ZHEOREUVvMLB5zyaXCnJ+vr778tSBRUQXdZouWulWKyQoeluWXS6NuQhg/3DE
oCeeMgnCPxydZkKwWyVk5UJAVAZ/yX0tP6m22glMuJEwSfMGCduWnfI/GSjsyf4Q
EreD8TeiqPmfbpSm+Oq04Ep3wEGVlIVKQW4HkVqL85TkFKBbeGXZ
-----END CERTIFICATE-----
Generated at Fri Jul 17 07:28:00 2026 by rpki-client