Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS215152.roa
File: AS215152.roa (raw, json)
Hash identifier: C2UAYA4J6d/r2cTg8A2IxLljtQQaSeBd1NaQlaJnWak=
Subject key identifier: 4B:A9:35:BD:77:84:90:4D:6A:CC:F7:7C:E9:BA:28:C2:44:03:70:55
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 5324DEBE09242283130E2BA507A662D992BC256A
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS215152.roa
Signing time: Wed 03 Jun 2026 02:48:54 +0000
ROA not before: Wed 03 Jun 2026 02:43:54 +0000
ROA not after: Wed 02 Jun 2027 02:48:54 +0000
asID: 215152
IP address blocks: 51.146.4.0/24 maxlen: 24
51.146.15.0/24 maxlen: 24
51.146.17.0/24 maxlen: 24
51.146.19.0/24 maxlen: 24
51.146.104.0/24 maxlen: 24
51.146.240.0/24 maxlen: 24
51.146.246.0/24 maxlen: 24
51.241.53.0/24 maxlen: 24
51.241.64.0/24 maxlen: 24
51.241.65.0/24 maxlen: 24
51.241.73.0/24 maxlen: 24
51.241.76.0/24 maxlen: 24
51.241.99.0/24 maxlen: 24
51.241.126.0/24 maxlen: 24
51.241.145.0/24 maxlen: 24
51.241.167.0/24 maxlen: 24
51.241.196.0/24 maxlen: 24
51.241.197.0/24 maxlen: 24
51.241.203.0/24 maxlen: 24
51.241.208.0/24 maxlen: 24
51.241.211.0/24 maxlen: 24
51.241.232.0/24 maxlen: 24
51.241.233.0/24 maxlen: 24
51.241.234.0/24 maxlen: 24
51.241.237.0/24 maxlen: 24
51.241.252.0/24 maxlen: 24
51.241.253.0/24 maxlen: 24
51.241.254.0/24 maxlen: 24
78.105.141.0/24 maxlen: 24
78.105.149.0/24 maxlen: 24
78.105.152.0/24 maxlen: 24
78.105.156.0/24 maxlen: 24
78.105.157.0/24 maxlen: 24
78.105.161.0/24 maxlen: 24
78.105.167.0/24 maxlen: 24
78.105.168.0/24 maxlen: 24
78.105.170.0/24 maxlen: 24
78.105.174.0/24 maxlen: 24
78.105.192.0/24 maxlen: 24
78.105.209.0/24 maxlen: 24
78.105.212.0/24 maxlen: 24
188.220.17.0/24 maxlen: 24
188.220.94.0/24 maxlen: 24
188.220.151.0/24 maxlen: 24
188.220.153.0/24 maxlen: 24
188.220.223.0/24 maxlen: 24
188.220.233.0/24 maxlen: 24
188.221.30.0/24 maxlen: 24
188.221.33.0/24 maxlen: 24
188.221.52.0/24 maxlen: 24
188.221.106.0/24 maxlen: 24
188.221.114.0/24 maxlen: 24
188.221.115.0/24 maxlen: 24
188.221.131.0/24 maxlen: 24
188.221.133.0/24 maxlen: 24
188.221.148.0/24 maxlen: 24
188.221.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:24:de:be:09:24:22:83:13:0e:2b:a5:07:a6:62:d9:92:bc:25:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Jun 3 02:43:54 2026 GMT
Not After : Jun 2 02:48:54 2027 GMT
Subject: CN=4BA935BD7784904D6ACCF77CE9BA28C244037055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:a5:30:16:42:9b:21:ef:9d:05:1d:85:46:a0:
1d:1f:ca:f0:7a:ce:67:e2:db:e6:ff:58:d4:34:16:
12:29:81:1e:c8:f3:d2:2f:8e:31:b8:d6:51:36:82:
98:98:28:31:57:47:d0:e0:be:2c:cb:16:95:ec:64:
28:5b:10:3e:ea:51:f1:3b:a6:a7:c4:04:7c:1a:ae:
36:79:58:42:f6:d8:12:c2:3a:11:24:c6:f6:4d:b4:
b3:ab:db:03:a4:86:1f:ca:43:bd:1a:d0:b1:b2:88:
c5:8e:34:6f:3d:54:dd:c1:e4:eb:c2:1b:a8:a0:e6:
89:a9:a7:31:22:0e:2c:11:09:74:87:dc:5e:f8:a7:
96:f4:c9:64:4b:28:2b:6a:63:1e:d1:bd:d2:40:95:
4f:0b:9f:7a:7d:4e:c6:00:3f:0b:85:9f:23:46:87:
04:42:46:b1:44:b9:96:6a:3b:c6:ec:24:28:93:bc:
77:bc:10:1d:e3:42:89:e3:f4:9f:3b:7f:d6:d6:fc:
42:31:af:b3:ea:5c:80:ff:a4:4d:78:4b:26:2e:99:
69:ce:92:71:c9:3f:32:05:d4:63:d7:41:b0:d5:1d:
86:b2:15:56:f1:34:bd:da:33:3a:58:fd:d4:8b:94:
3c:01:4e:87:2d:1e:0b:ce:69:4d:ec:0a:10:64:39:
6b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A9:35:BD:77:84:90:4D:6A:CC:F7:7C:E9:BA:28:C2:44:03:70:55
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS215152.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.146.4.0/24
51.146.15.0/24
51.146.17.0/24
51.146.19.0/24
51.146.104.0/24
51.146.240.0/24
51.146.246.0/24
51.241.53.0/24
51.241.64.0/23
51.241.73.0/24
51.241.76.0/24
51.241.99.0/24
51.241.126.0/24
51.241.145.0/24
51.241.167.0/24
51.241.196.0/23
51.241.203.0/24
51.241.208.0/24
51.241.211.0/24
51.241.232.0-51.241.234.255
51.241.237.0/24
51.241.252.0-51.241.254.255
78.105.141.0/24
78.105.149.0/24
78.105.152.0/24
78.105.156.0/23
78.105.161.0/24
78.105.167.0-78.105.168.255
78.105.170.0/24
78.105.174.0/24
78.105.192.0/24
78.105.209.0/24
78.105.212.0/24
188.220.17.0/24
188.220.94.0/24
188.220.151.0/24
188.220.153.0/24
188.220.223.0/24
188.220.233.0/24
188.221.30.0/24
188.221.33.0/24
188.221.52.0/24
188.221.106.0/24
188.221.114.0/23
188.221.131.0/24
188.221.133.0/24
188.221.148.0/24
188.221.194.0/24
Signature Algorithm: sha256WithRSAEncryption
63:0b:75:98:85:f8:5c:79:c9:c8:dc:56:35:45:e9:b8:c4:76:
7d:b6:2e:17:4c:10:dd:db:bb:41:80:82:f5:af:55:56:4f:31:
55:2e:f2:ad:40:c0:66:6b:9f:9e:6d:e1:1b:70:62:85:7b:8c:
9b:b2:9c:52:15:8e:b8:48:c1:3a:11:5e:63:7c:cb:ce:6d:cc:
3c:8f:22:a7:fb:4c:2f:0a:3a:6c:7f:fd:2a:2d:ec:5a:4d:d5:
56:07:84:11:a6:3d:1c:d4:99:57:7e:08:69:85:01:b9:03:12:
9c:ed:19:49:6e:86:5b:11:22:34:45:2b:62:4c:a8:71:90:c2:
ea:f3:79:cd:4e:22:23:8e:2f:2c:1d:6b:2d:44:1b:86:3f:d4:
83:7d:f5:b5:5b:57:05:f4:dd:92:c0:c4:ac:f4:0c:54:56:ab:
ee:d6:b1:d3:3e:f1:65:30:8e:91:20:69:ed:23:39:aa:3b:1a:
1a:a8:e1:74:10:de:bc:64:51:f6:4a:a4:dc:57:81:76:53:82:
7d:40:9b:e5:1b:c1:a8:41:de:6e:14:d5:c3:4b:16:77:54:54:
2f:bc:67:ca:5d:e2:52:a1:51:c2:ce:67:e3:9e:71:f0:a6:cd:
a9:0b:96:4b:ed:1c:07:6c:f6:23:56:c8:4f:73:ff:7f:35:c7:
6b:24:2a:c2
-----BEGIN CERTIFICATE-----
MIIGPDCCBSSgAwIBAgIUUyTevgkkIoMTDiulB6Zi2ZK8JWowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjA2MDMwMjQzNTRaFw0yNzA2MDIwMjQ4NTRaMDMxMTAvBgNV
BAMTKDRCQTkzNUJENzc4NDkwNEQ2QUNDRjc3Q0U5QkEyOEMyNDQwMzcwNTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnpTAWQpsh750FHYVGoB0fyvB6
zmfi2+b/WNQ0FhIpgR7I89IvjjG41lE2gpiYKDFXR9DgvizLFpXsZChbED7qUfE7
pqfEBHwarjZ5WEL22BLCOhEkxvZNtLOr2wOkhh/KQ70a0LGyiMWONG89VN3B5OvC
G6ig5omppzEiDiwRCXSH3F74p5b0yWRLKCtqYx7RvdJAlU8Ln3p9TsYAPwuFnyNG
hwRCRrFEuZZqO8bsJCiTvHe8EB3jQonj9J87f9bW/EIxr7PqXID/pE14SyYumWnO
knHJPzIF1GPXQbDVHYayFVbxNL3aMzpY/dSLlDwBToctHgvOaU3sChBkOWspAgMB
AAGjggNGMIIDQjAdBgNVHQ4EFgQUS6k1vXeEkE1qzPd86boowkQDcFUwHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk2ZTRhYzg2LTE4MDMt
NDk0ZC04YTdiLWMwNTFhNjMxMDc1Mi8wL0FTMjE1MTUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIIBWQYIKwYBBQUHAQcBAf8EggFIMIIBRDCCAUAEAgAB
MIIBOAMEADOSBAMEADOSDwMEADOSEQMEADOSEwMEADOSaAMEADOS8AMEADOS9gME
ADPxNQMEATPxQAMEADPxSQMEADPxTAMEADPxYwMEADPxfgMEADPxkQMEADPxpwME
ATPxxAMEADPxywMEADPx0AMEADPx0zAMAwQDM/HoAwQAM/HqAwQAM/HtMAwDBAIz
8fwDBAAz8f4DBABOaY0DBABOaZUDBABOaZgDBAFOaZwDBABOaaEwDAMEAE5ppwME
AE5pqAMEAE5pqgMEAE5prgMEAE5pwAMEAE5p0QMEAE5p1AMEALzcEQMEALzcXgME
ALzclwMEALzcmQMEALzc3wMEALzc6QMEALzdHgMEALzdIQMEALzdNAMEALzdagME
AbzdcgMEALzdgwMEALzdhQMEALzdlAMEALzdwjANBgkqhkiG9w0BAQsFAAOCAQEA
Ywt1mIX4XHnJyNxWNUXpuMR2fbYuF0wQ3du7QYCC9a9VVk8xVS7yrUDAZmufnm3h
G3BihXuMm7KcUhWOuEjBOhFeY3zLzm3MPI8ip/tMLwo6bH/9Ki3sWk3VVgeEEaY9
HNSZV34IaYUBuQMSnO0ZSW6GWxEiNEUrYkyocZDC6vN5zU4iI44vLB1rLUQbhj/U
g331tVtXBfTdksDErPQMVFar7tax0z7xZTCOkSBp7SM5qjsaGqjhdBDevGRR9kqk
3FeBdlOCfUCb5RvBqEHebhTVw0sWd1RUL7xnyl3iUqFRws5n455x8KbNqQuWS+0c
B2z2I1bIT3P/fzXHayQqwg==
-----END CERTIFICATE-----
Generated at Wed Jun 3 08:31:21 2026 by rpki-client