Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS215645.roa
File: AS215645.roa (raw, json)
Hash identifier: NoUY6QkfphFM1A0xAaNDvTrNJBFW0eAouchOZ7Sbokg=
Subject key identifier: 21:B2:A5:64:44:22:F1:C1:C8:0F:FF:BB:35:1E:79:3B:C8:F5:C6:51
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 4068BF801108D388F5C34C256D61878F649DC7A7
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS215645.roa
Signing time: Mon 21 Jul 2025 16:42:26 +0000
ROA not before: Mon 21 Jul 2025 16:37:26 +0000
ROA not after: Mon 20 Jul 2026 16:42:26 +0000
asID: 215645
IP address blocks: 31.40.196.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.204.0/24 maxlen: 24
37.221.77.0/24 maxlen: 24
37.221.79.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.63.0/24 maxlen: 24
93.190.8.0/24 maxlen: 24
139.28.48.0/24 maxlen: 24
139.28.49.0/24 maxlen: 24
139.28.50.0/24 maxlen: 24
139.28.51.0/24 maxlen: 24
176.96.129.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 12:27:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:68:bf:80:11:08:d3:88:f5:c3:4c:25:6d:61:87:8f:64:9d:c7:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jul 21 16:37:26 2025 GMT
Not After : Jul 20 16:42:26 2026 GMT
Subject: CN=21B2A5644422F1C1C80FFFBB351E793BC8F5C651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:17:50:e3:3f:ae:a2:9e:98:63:05:8a:7f:92:
43:ae:3c:3b:8a:c0:16:c2:1b:51:98:64:0b:4f:2f:
e3:58:1b:79:e4:4c:d7:ed:fe:04:d5:2f:f6:d3:20:
9b:2c:eb:2d:bd:cd:81:26:c5:50:07:2b:95:69:94:
2f:00:07:17:72:f0:1d:79:eb:47:63:47:1b:fd:55:
49:4a:22:1e:ab:9c:2b:ff:06:e6:d8:4a:41:be:5a:
84:40:ba:e3:04:ba:99:ae:ce:31:1b:de:0f:79:12:
fe:c5:92:c7:d8:bf:9e:0d:41:ec:1b:5d:fd:90:e5:
a5:26:96:f0:5c:0a:fa:87:6c:06:3f:f3:eb:48:81:
af:c5:cd:9e:2e:8d:2d:70:e9:e3:53:e6:a7:0c:20:
51:01:5a:e3:66:fd:4b:20:82:e1:8e:dc:37:00:ab:
06:eb:b1:f3:86:9e:fd:d9:d3:74:5a:cf:bb:f2:86:
3d:39:e3:71:ca:8b:a0:a6:d5:84:23:cf:16:d8:50:
63:30:71:47:1a:c6:42:ee:7e:c2:17:a7:13:3c:bf:
3f:e7:df:77:1f:af:ca:25:46:2f:35:33:de:2b:06:
58:97:9c:d2:43:5b:0c:a7:3e:38:30:03:c4:bc:05:
90:36:d7:4c:c5:e1:47:c6:1a:0d:64:8d:c1:b7:8d:
e9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B2:A5:64:44:22:F1:C1:C8:0F:FF:BB:35:1E:79:3B:C8:F5:C6:51
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS215645.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.196.0/23
31.40.204.0/24
37.221.77.0/24
37.221.79.0/24
85.235.74.0/24
92.249.63.0/24
93.190.8.0/24
139.28.48.0/22
176.96.129.0-176.96.130.255
217.18.208.0/24
Signature Algorithm: sha256WithRSAEncryption
92:57:aa:e4:cc:f5:c9:62:ef:21:91:b6:f7:f1:3a:e5:16:50:
b4:23:db:95:30:4b:26:8d:c1:24:2a:fd:05:e4:3a:4e:d2:2a:
b2:c5:f6:2e:3f:de:87:26:88:f1:18:e0:61:02:fb:f8:3f:4c:
4d:09:5f:01:d6:9a:12:95:36:7d:2e:1b:32:92:2a:4d:39:77:
6a:93:76:76:08:7f:c3:2a:d2:df:59:e5:89:57:55:90:41:a0:
eb:29:03:e9:1b:0f:81:af:ca:18:41:3e:64:88:5c:14:7d:86:
ed:9e:12:77:ec:d9:eb:83:f3:51:0d:a3:3e:60:7b:3b:a4:da:
8d:6d:9a:55:41:2b:c3:d3:ce:51:87:55:14:5b:51:bb:57:5a:
6c:8a:38:a1:c1:d9:0e:ba:db:0c:04:bf:f3:91:55:44:fc:b8:
b2:6a:ac:c8:93:a5:e2:eb:a1:4a:a7:d7:07:8a:ed:0d:de:bb:
1d:5c:35:fa:24:e0:9d:f3:55:41:9d:c4:b7:4b:91:fb:b0:fe:
8c:63:5f:e6:4d:72:fd:df:4e:82:cf:bf:5c:77:98:cd:2d:6e:
36:e0:3c:27:ff:23:1f:f4:ee:93:ac:66:0e:98:6d:28:03:2d:
76:94:52:84:6d:f4:00:22:81:4e:e0:03:65:f9:d4:4f:79:ea:
66:75:f5:19
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUQGi/gBEI04j1w0wlbWGHj2Sdx6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA3MjExNjM3MjZaFw0yNjA3MjAxNjQyMjZaMDMxMTAvBgNV
BAMTKDIxQjJBNTY0NDQyMkYxQzFDODBGRkZCQjM1MUU3OTNCQzhGNUM2NTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUF1DjP66inphjBYp/kkOuPDuK
wBbCG1GYZAtPL+NYG3nkTNft/gTVL/bTIJss6y29zYEmxVAHK5VplC8ABxdy8B15
60djRxv9VUlKIh6rnCv/BubYSkG+WoRAuuMEupmuzjEb3g95Ev7FksfYv54NQewb
Xf2Q5aUmlvBcCvqHbAY/8+tIga/FzZ4ujS1w6eNT5qcMIFEBWuNm/UsgguGO3DcA
qwbrsfOGnv3Z03Raz7vyhj0543HKi6Cm1YQjzxbYUGMwcUcaxkLufsIXpxM8vz/n
33cfr8olRi81M94rBliXnNJDWwynPjgwA8S8BZA210zF4UfGGg1kjcG3jelHAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUIbKlZEQi8cHID/+7NR55O8j1xlEwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjE1NjQ1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQBHyjE
AwQAHyjMAwQAJd1NAwQAJd1PAwQAVetKAwQAXPk/AwQAXb4IAwQCixwwMAwDBACw
YIEDBACwYIIDBADZEtAwDQYJKoZIhvcNAQELBQADggEBAJJXquTM9cli7yGRtvfx
OuUWULQj25UwSyaNwSQq/QXkOk7SKrLF9i4/3ocmiPEY4GEC+/g/TE0JXwHWmhKV
Nn0uGzKSKk05d2qTdnYIf8Mq0t9Z5YlXVZBBoOspA+kbD4GvyhhBPmSIXBR9hu2e
Enfs2euD81ENoz5gezuk2o1tmlVBK8PTzlGHVRRbUbtXWmyKOKHB2Q662wwEv/OR
VUT8uLJqrMiTpeLroUqn1weK7Q3eux1cNfok4J3zVUGdxLdLkfuw/oxjX+ZNcv3f
ToLPv1x3mM0tbjbgPCf/Ix/07pOsZg6YbSgDLXaUUoRt9AAigU7gA2X51E956mZ1
9Rk=
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:31:08 2025 by rpki-client