Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215304.roa
File: AS215304.roa (raw, json)
Hash identifier: 8ZWdPMHCHe30Agv/pCfSlve7MTlpP7Q1u/QlJPYSsqs=
Subject key identifier: 72:B4:98:2F:DF:97:6A:DF:E9:14:B4:DF:F4:55:00:1A:22:80:A6:32
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3E3CEF66286F59CEDF4B6542E0DF1EE61CEF02E3
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215304.roa
Signing time: Sat 24 May 2025 00:01:59 +0000
ROA not before: Fri 23 May 2025 23:56:59 +0000
ROA not after: Sat 23 May 2026 00:01:59 +0000
asID: 215304
IP address blocks: 96.62.103.0/24 maxlen: 24
96.62.115.0/24 maxlen: 24
148.135.154.0/24 maxlen: 24
148.135.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 12:47:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:3c:ef:66:28:6f:59:ce:df:4b:65:42:e0:df:1e:e6:1c:ef:02:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 23 23:56:59 2025 GMT
Not After : May 23 00:01:59 2026 GMT
Subject: CN=72B4982FDF976ADFE914B4DFF455001A2280A632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:49:bf:0c:ed:cb:87:07:35:54:2b:78:63:e9:
af:e7:e5:06:d5:c8:3d:9d:4e:80:f1:59:f6:f2:f3:
90:18:aa:4c:13:f8:5d:38:48:d5:71:1b:cd:3f:4f:
c1:61:02:b2:c3:9d:4a:23:b1:52:76:49:2d:b8:ee:
f1:91:ce:ab:8f:06:b6:a4:98:4b:d4:04:34:eb:55:
d8:04:cd:fc:a4:db:6f:af:9e:fc:0c:11:70:6b:7d:
35:e1:8f:ff:22:a9:d7:a8:5a:21:5f:bb:43:59:85:
ea:80:2c:1d:60:4b:ef:85:cd:8f:48:dc:57:eb:6b:
f6:59:3e:85:5a:ca:71:50:1d:bf:f8:10:ac:78:4a:
68:2a:c0:9e:0b:6a:cc:44:ae:1e:0b:54:7e:b1:19:
46:77:79:7f:b8:23:f9:90:28:be:b4:89:5d:0e:8a:
18:a0:1b:1b:14:cf:8c:56:3a:b1:93:d3:a4:af:bd:
5f:d7:cb:45:be:1c:50:52:aa:e5:ce:90:49:4e:f3:
78:2a:3f:6b:95:8e:2c:df:4e:21:ce:b1:26:6c:e7:
bd:54:b4:bb:49:c3:da:05:0e:4f:13:8c:2c:68:7d:
78:e0:4b:bb:10:65:07:fc:fe:a3:e6:94:df:c4:0f:
59:04:ba:19:43:8c:9d:d3:70:93:39:5f:2b:e6:36:
a3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:B4:98:2F:DF:97:6A:DF:E9:14:B4:DF:F4:55:00:1A:22:80:A6:32
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.103.0/24
96.62.115.0/24
148.135.154.0/24
148.135.181.0/24
Signature Algorithm: sha256WithRSAEncryption
55:48:3e:34:09:21:ac:79:e8:58:df:19:76:97:d4:a7:b7:9c:
5f:0c:58:cb:3f:4e:10:0f:f5:e7:ea:2f:fa:4c:9d:a4:c8:a7:
2e:01:5e:f6:7d:d2:30:56:a9:5a:59:e2:e8:a6:d9:76:4b:d6:
21:18:a1:69:8f:29:92:2e:dc:ee:45:f2:95:e0:2e:2f:f9:ea:
83:0e:c4:a6:e9:e2:d2:ac:9d:b9:48:60:be:60:29:35:30:ba:
f9:b8:a7:4f:51:bf:2c:6c:bc:bd:f7:f6:23:4a:4a:44:57:3d:
67:f8:49:30:d8:5e:b1:80:4e:39:c4:a0:d0:a9:74:03:39:17:
03:e4:95:e8:6a:98:0a:40:86:2e:68:14:43:f1:99:b4:c2:f6:
c4:9a:23:2d:8c:e3:71:45:b1:85:21:38:8b:ce:9b:42:c4:20:
3c:2b:68:14:36:a6:76:6a:bd:50:88:0f:ab:b7:96:1a:a5:a0:
b6:8d:4c:c7:74:90:79:6c:ca:be:95:94:93:37:0c:5e:9b:4e:
03:81:31:c8:06:d8:87:0f:f5:f1:a3:e4:20:38:d5:1c:8a:70:
35:a1:21:a7:9e:69:63:71:2a:3f:d2:36:65:c1:53:39:00:30:
86:26:5e:87:c5:b5:76:c5:e0:33:ae:af:16:73:82:32:fb:47:
bc:e0:e1:47
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUPjzvZihvWc7fS2VC4N8e5hzvAuMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MjMyMzU2NTlaFw0yNjA1MjMwMDAxNTlaMDMxMTAvBgNV
BAMTKDcyQjQ5ODJGREY5NzZBREZFOTE0QjRERkY0NTUwMDFBMjI4MEE2MzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOSb8M7cuHBzVUK3hj6a/n5QbV
yD2dToDxWfby85AYqkwT+F04SNVxG80/T8FhArLDnUojsVJ2SS247vGRzquPBrak
mEvUBDTrVdgEzfyk22+vnvwMEXBrfTXhj/8iqdeoWiFfu0NZheqALB1gS++FzY9I
3Ffra/ZZPoVaynFQHb/4EKx4SmgqwJ4LasxErh4LVH6xGUZ3eX+4I/mQKL60iV0O
ihigGxsUz4xWOrGT06SvvV/Xy0W+HFBSquXOkElO83gqP2uVjizfTiHOsSZs571U
tLtJw9oFDk8TjCxofXjgS7sQZQf8/qPmlN/ED1kEuhlDjJ3TcJM5XyvmNqNTAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUcrSYL9+Xat/pFLTf9FUAGiKApjIwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAYD5n
AwQAYD5zAwQAlIeaAwQAlIe1MA0GCSqGSIb3DQEBCwUAA4IBAQBVSD40CSGseehY
3xl2l9Snt5xfDFjLP04QD/Xn6i/6TJ2kyKcuAV72fdIwVqlaWeLoptl2S9YhGKFp
jymSLtzuRfKV4C4v+eqDDsSm6eLSrJ25SGC+YCk1MLr5uKdPUb8sbLy99/YjSkpE
Vz1n+Ekw2F6xgE45xKDQqXQDORcD5JXoapgKQIYuaBRD8Zm0wvbEmiMtjONxRbGF
ITiLzptCxCA8K2gUNqZ2ar1QiA+rt5YapaC2jUzHdJB5bMq+lZSTNwxem04DgTHI
BtiHD/Xxo+QgONUcinA1oSGnnmljcSo/0jZlwVM5ADCGJl6HxbV2xeAzrq8Wc4Iy
+0e84OFH
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:25:45 2025 by rpki-client