Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215304.roa
File: AS215304.roa (raw, json)
Hash identifier: I/GTxnEMx/HHUU1DDPESU4o2gOmKp+GGgBHcRnaPrZQ=
Subject key identifier: 90:AB:0D:E7:D6:E7:0E:12:CF:41:88:0A:AE:43:3A:82:D2:CA:75:C7
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1EA167552EFE575B9AFC07C56573BF976889D89C
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215304.roa
Signing time: Tue 25 Mar 2025 01:45:14 +0000
ROA not before: Tue 25 Mar 2025 01:40:14 +0000
ROA not after: Tue 24 Mar 2026 01:45:14 +0000
asID: 215304
IP address blocks: 96.62.100.0/24 maxlen: 24
96.62.101.0/24 maxlen: 24
96.62.114.0/24 maxlen: 24
96.62.115.0/24 maxlen: 24
148.135.181.0/24 maxlen: 24
148.135.190.0/24 maxlen: 24
148.135.255.0/24 maxlen: 24
150.241.236.0/24 maxlen: 24
150.241.237.0/24 maxlen: 24
150.241.238.0/24 maxlen: 24
150.241.239.0/24 maxlen: 24
150.241.240.0/24 maxlen: 24
150.241.241.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:a1:67:55:2e:fe:57:5b:9a:fc:07:c5:65:73:bf:97:68:89:d8:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 25 01:40:14 2025 GMT
Not After : Mar 24 01:45:14 2026 GMT
Subject: CN=90AB0DE7D6E70E12CF41880AAE433A82D2CA75C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c5:52:ac:a9:fa:ec:5f:14:98:3a:ba:d6:e0:
ce:fb:87:0a:01:9b:76:94:35:4a:bd:1f:d2:43:97:
df:cd:b4:46:cd:ee:aa:e3:0b:9e:01:60:89:71:b8:
75:ad:60:39:0a:df:ce:cd:3d:34:b6:8b:53:ae:2c:
db:2b:9c:f5:a8:a8:be:d2:02:e6:d6:9e:d1:5c:fa:
e2:56:01:2a:2e:dd:7c:7e:94:4b:a0:6e:da:77:81:
18:70:e1:5b:30:33:db:9e:4c:b0:bb:a7:12:8a:84:
0b:4d:4e:55:59:52:f1:e1:41:5c:e3:d1:95:eb:5c:
d0:5d:55:d9:b8:00:36:dc:03:cb:b7:76:45:70:fa:
06:80:af:58:90:1a:2a:5c:45:62:4f:a8:81:28:45:
4c:ad:a9:ac:38:71:ae:db:a1:5f:c9:05:21:35:b7:
5c:65:33:18:2a:8c:b2:e9:37:b9:9d:9e:63:40:4d:
fd:07:c4:5a:e2:ea:51:10:a4:df:61:9f:91:71:c8:
a1:92:78:34:aa:ff:60:2f:5c:7f:fc:51:10:c9:1d:
f8:36:81:ae:d5:0d:f8:bc:67:87:ee:f5:87:67:96:
ad:19:d3:4f:cc:25:91:ce:d6:43:60:22:7d:aa:f5:
9d:f1:47:8b:3a:9e:4b:22:6d:59:d4:cc:56:59:ac:
e4:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:AB:0D:E7:D6:E7:0E:12:CF:41:88:0A:AE:43:3A:82:D2:CA:75:C7
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.100.0/23
96.62.114.0/23
148.135.181.0/24
148.135.190.0/24
148.135.255.0/24
150.241.236.0-150.241.241.255
Signature Algorithm: sha256WithRSAEncryption
1c:46:87:31:41:7f:0b:b3:1c:b0:8b:3a:96:2b:68:bb:c2:3c:
c8:ce:48:13:e6:7f:04:a2:9c:fb:50:89:e0:dc:2b:18:92:30:
fa:ed:c8:d3:44:6d:dc:8c:a8:a4:95:cb:7e:15:8d:d4:76:7b:
d5:e4:4a:46:a1:82:61:1c:9d:4b:12:24:cd:1a:5e:a7:9d:b9:
1d:45:7c:9d:4c:b2:5a:5e:a2:93:23:72:0b:ec:5b:73:b4:04:
4f:99:38:7d:e5:dc:d1:fe:65:b6:3d:94:30:40:f6:35:68:33:
12:09:6e:df:b8:e3:6a:4d:d5:a4:82:90:f1:14:9f:a4:ce:37:
c6:bb:77:4b:77:4f:ef:2d:06:62:d2:3d:f6:97:f7:19:54:86:
ae:8e:06:a9:6a:7f:65:e1:85:a0:ce:52:7f:e7:95:c3:25:d3:
1f:b6:ab:ee:5c:b7:af:36:17:d0:e1:e2:0c:61:34:87:f3:99:
95:4f:6e:2d:f2:3a:8e:d4:a2:41:13:c1:e5:15:0f:6d:e7:d7:
04:8a:41:93:ba:45:fe:2a:c3:f9:b2:e4:cd:21:28:e8:f6:6d:
20:d3:3b:a2:b5:e4:14:dd:b1:91:e9:b2:4f:ee:b6:c5:e9:23:
be:74:db:bf:63:b6:a4:24:3b:d0:97:39:0f:ec:65:95:5e:3a:
4c:8e:b5:1d
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUHqFnVS7+V1ua/AfFZXO/l2iJ2JwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAzMjUwMTQwMTRaFw0yNjAzMjQwMTQ1MTRaMDMxMTAvBgNV
BAMTKDkwQUIwREU3RDZFNzBFMTJDRjQxODgwQUFFNDMzQTgyRDJDQTc1QzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8xVKsqfrsXxSYOrrW4M77hwoB
m3aUNUq9H9JDl9/NtEbN7qrjC54BYIlxuHWtYDkK387NPTS2i1OuLNsrnPWoqL7S
AubWntFc+uJWASou3Xx+lEugbtp3gRhw4VswM9ueTLC7pxKKhAtNTlVZUvHhQVzj
0ZXrXNBdVdm4ADbcA8u3dkVw+gaAr1iQGipcRWJPqIEoRUytqaw4ca7boV/JBSE1
t1xlMxgqjLLpN7mdnmNATf0HxFri6lEQpN9hn5FxyKGSeDSq/2AvXH/8URDJHfg2
ga7VDfi8Z4fu9Ydnlq0Z00/MJZHO1kNgIn2q9Z3xR4s6nksibVnUzFZZrORjAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUkKsN59bnDhLPQYgKrkM6gtLKdccwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBYD5k
AwQBYD5yAwQAlIe1AwQAlIe+AwQAlIf/MAwDBAKW8ewDBAGW8fAwDQYJKoZIhvcN
AQELBQADggEBABxGhzFBfwuzHLCLOpYraLvCPMjOSBPmfwSinPtQieDcKxiSMPrt
yNNEbdyMqKSVy34VjdR2e9XkSkahgmEcnUsSJM0aXqeduR1FfJ1MslpeopMjcgvs
W3O0BE+ZOH3l3NH+ZbY9lDBA9jVoMxIJbt+442pN1aSCkPEUn6TON8a7d0t3T+8t
BmLSPfaX9xlUhq6OBqlqf2XhhaDOUn/nlcMl0x+2q+5ct682F9Dh4gxhNIfzmZVP
bi3yOo7UokETweUVD23n1wSKQZO6Rf4qw/my5M0hKOj2bSDTO6K15BTdsZHpsk/u
tsXpI750279jtqQkO9CXOQ/sZZVeOkyOtR0=
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:41:36 2025 by rpki-client