Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215294.roa
File:                     AS215294.roa (raw, json)
Hash identifier:          xMGqrPKgMMIMKGaWlRMKOax9ueqPR0WI6ERheGSfdUE=
Subject key identifier:   E9:BB:2F:10:CD:88:81:4C:62:E4:9C:C8:48:09:44:A8:C1:DF:4D:E0
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       25B4B25BC0D527E70911C54BDF76DBE62EE38075
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215294.roa
Signing time:             Mon 07 Jul 2025 12:05:07 +0000
ROA not before:           Mon 07 Jul 2025 12:00:07 +0000
ROA not after:            Mon 06 Jul 2026 12:05:07 +0000
asID:                     215294
IP address blocks:        178.93.74.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 13:47:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:b4:b2:5b:c0:d5:27:e7:09:11:c5:4b:df:76:db:e6:2e:e3:80:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Jul  7 12:00:07 2025 GMT
            Not After : Jul  6 12:05:07 2026 GMT
        Subject: CN=E9BB2F10CD88814C62E49CC8480944A8C1DF4DE0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:f1:d8:d7:8d:0f:05:0e:d4:c3:0d:f0:e3:6c:
                    37:f2:1a:9f:b6:4d:20:a8:59:07:d2:13:2c:e5:e2:
                    7b:fe:66:d9:f0:ac:a5:9c:22:a1:64:33:c4:ac:5f:
                    11:23:05:6e:df:41:3e:9e:22:4c:5c:69:41:e4:92:
                    1c:04:2f:ed:58:54:ea:a2:c2:35:04:e7:42:ce:bb:
                    c7:e9:15:8b:ae:5b:d9:15:9b:8e:33:90:ce:b4:8c:
                    10:c0:a1:65:1f:6b:29:ee:c4:d2:1b:45:f6:62:53:
                    7a:b2:c3:02:3e:59:58:01:8c:a3:fc:08:3b:51:eb:
                    36:85:a0:af:b3:30:fb:d0:b0:39:a7:2b:d7:a3:1d:
                    44:1c:13:bd:c4:7f:8d:c0:2f:e9:9f:4e:b2:cd:14:
                    36:f9:44:69:d7:bb:db:73:80:6b:ff:ca:84:37:1b:
                    e1:a1:5c:38:8f:c2:fc:3c:70:08:a2:7c:75:f1:3a:
                    06:26:90:48:fa:b7:e3:79:53:91:48:17:af:a4:fd:
                    71:da:f3:f0:02:68:7f:59:a9:c4:86:29:eb:f9:7c:
                    e6:09:83:08:8a:81:2d:f9:00:d5:31:5b:9e:bc:d4:
                    83:b1:47:e9:a4:a2:40:f6:e8:e0:d6:48:46:58:b9:
                    a7:98:0e:52:95:59:ea:4b:0e:07:80:c7:02:da:8d:
                    c5:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:BB:2F:10:CD:88:81:4C:62:E4:9C:C8:48:09:44:A8:C1:DF:4D:E0
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215294.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.93.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:25:ef:8a:66:26:76:11:a4:16:36:a0:7e:00:69:1c:65:86:
         7a:89:64:db:da:16:b9:4b:be:06:dd:a4:be:17:80:04:36:01:
         e1:82:2b:02:54:d1:4b:ea:e2:09:5a:76:87:43:8c:da:f3:ec:
         c2:0d:5d:77:a7:43:53:6f:0f:79:d1:22:33:a3:cb:a3:bd:59:
         63:81:2b:28:0d:fb:82:fb:6d:94:f3:2a:1c:4f:15:81:fd:3b:
         eb:5f:11:be:ee:46:28:eb:ec:13:e7:7e:29:a2:8c:4e:87:1f:
         d9:de:8b:16:12:af:db:46:af:6a:89:c8:35:de:24:1f:14:37:
         9a:75:ba:27:1c:5f:c6:cc:c8:bb:b2:9f:99:8c:95:b7:12:5a:
         4c:1b:c4:9b:2d:d1:be:34:af:2e:2f:1d:41:2c:ff:57:5e:68:
         24:70:9c:3b:5b:12:df:b2:3c:af:ea:c0:64:50:e2:c9:8d:96:
         1b:ba:2c:e4:da:77:da:6c:39:ad:80:4d:b9:2b:54:cf:0b:b1:
         bb:2a:f9:20:77:90:e5:73:1b:fd:58:9d:49:ed:f1:fe:86:a2:
         22:50:82:a2:64:16:95:94:51:e6:78:b6:0a:64:bc:89:d6:f0:
         fd:c0:44:ea:e6:b4:7e:6c:33:d3:38:88:99:70:c0:f2:11:a4:
         81:3d:2b:6f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUJbSyW8DVJ+cJEcVL33bb5i7jgHUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA3MDcxMjAwMDdaFw0yNjA3MDYxMjA1MDdaMDMxMTAvBgNV
BAMTKEU5QkIyRjEwQ0Q4ODgxNEM2MkU0OUNDODQ4MDk0NEE4QzFERjRERTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC48djXjQ8FDtTDDfDjbDfyGp+2
TSCoWQfSEyzl4nv+ZtnwrKWcIqFkM8SsXxEjBW7fQT6eIkxcaUHkkhwEL+1YVOqi
wjUE50LOu8fpFYuuW9kVm44zkM60jBDAoWUfaynuxNIbRfZiU3qywwI+WVgBjKP8
CDtR6zaFoK+zMPvQsDmnK9ejHUQcE73Ef43AL+mfTrLNFDb5RGnXu9tzgGv/yoQ3
G+GhXDiPwvw8cAiifHXxOgYmkEj6t+N5U5FIF6+k/XHa8/ACaH9ZqcSGKev5fOYJ
gwiKgS35ANUxW5681IOxR+mkokD26ODWSEZYuaeYDlKVWepLDgeAxwLajcXFAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU6bsvEM2IgUxi5JzISAlEqMHfTeAwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE1Mjk0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsl1K
MA0GCSqGSIb3DQEBCwUAA4IBAQBTJe+KZiZ2EaQWNqB+AGkcZYZ6iWTb2ha5S74G
3aS+F4AENgHhgisCVNFL6uIJWnaHQ4za8+zCDV13p0NTbw950SIzo8ujvVljgSso
DfuC+22U8yocTxWB/TvrXxG+7kYo6+wT534pooxOhx/Z3osWEq/bRq9qicg13iQf
FDeadbonHF/GzMi7sp+ZjJW3ElpMG8SbLdG+NK8uLx1BLP9XXmgkcJw7WxLfsjyv
6sBkUOLJjZYbuizk2nfabDmtgE25K1TPC7G7Kvkgd5Dlcxv9WJ1J7fH+hqIiUIKi
ZBaVlFHmeLYKZLyJ1vD9wETq5rR+bDPTOIiZcMDyEaSBPStv
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:21 2025 by rpki-client