Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS14315.roa
File: AS14315.roa (raw, json)
Hash identifier: 1yZiY1NneQDpMinOHAcZMIKiGMWmR7qTKL6HwQN3BU8=
Subject key identifier: 48:99:A5:E2:C7:C3:6E:6A:10:04:14:A2:DA:52:A1:53:56:51:DA:A3
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 5F197526D11AEA113AC9C38E2816465F7BBF50E6
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS14315.roa
Signing time: Wed 15 Jan 2025 02:37:24 +0000
ROA not before: Wed 15 Jan 2025 02:32:24 +0000
ROA not after: Wed 14 Jan 2026 02:37:24 +0000
asID: 14315
IP address blocks: 2a0f:85c1:b49::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:19:75:26:d1:1a:ea:11:3a:c9:c3:8e:28:16:46:5f:7b:bf:50:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jan 15 02:32:24 2025 GMT
Not After : Jan 14 02:37:24 2026 GMT
Subject: CN=4899A5E2C7C36E6A100414A2DA52A1535651DAA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a9:6d:22:cb:18:aa:aa:e0:1a:f5:49:0d:17:
91:72:b5:d2:a0:fe:3f:6b:0a:80:7d:0c:a2:90:f9:
41:d3:53:2e:1e:a5:06:4b:88:2a:f7:0a:40:26:ad:
a3:d3:60:d6:58:78:0f:c5:ba:f4:84:21:e2:83:8f:
4f:f3:61:6a:97:e6:a5:2d:32:db:ac:d6:9f:d1:03:
b9:0b:8d:fb:a4:1a:7e:5a:4c:fb:db:0a:fb:e8:11:
1a:23:7d:15:73:4e:82:76:38:0d:60:5a:5c:13:fe:
c4:51:90:aa:87:f9:87:b6:ba:94:00:f7:4d:90:6e:
43:d4:6a:91:57:c3:a9:d8:8b:f6:fd:b0:7a:3c:71:
3d:35:03:0f:f6:69:27:2b:75:87:0c:a5:e6:1e:a7:
e2:39:4b:44:9f:b9:34:b8:27:34:63:0e:23:27:92:
ac:a4:52:13:ad:d1:aa:ab:c8:95:08:94:ef:08:0c:
00:d3:38:79:6d:46:2e:ff:68:0b:b2:e6:bd:cb:ac:
3e:6a:16:41:db:7b:c5:00:a9:9f:cb:57:24:51:fd:
22:17:ac:4a:61:1b:8f:d2:17:73:1a:cc:55:f4:30:
b9:8b:4e:69:58:00:98:ba:8c:ec:13:fa:80:76:e3:
3a:63:59:50:76:2e:fa:7a:76:89:4c:36:b2:6c:f3:
04:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:99:A5:E2:C7:C3:6E:6A:10:04:14:A2:DA:52:A1:53:56:51:DA:A3
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS14315.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:b49::/48
Signature Algorithm: sha256WithRSAEncryption
a8:1d:b5:21:da:3d:84:3f:fb:49:52:ee:ad:01:c5:b0:e0:41:
d8:00:3c:12:c6:40:38:85:e7:5d:3b:0d:63:17:a9:a5:cf:55:
f3:08:b4:b0:ed:2f:ab:a2:82:4d:f1:3c:db:26:9d:5d:69:ab:
99:09:6c:55:9f:c8:2c:d2:43:26:9f:d0:38:21:4e:b0:a8:0e:
12:6e:24:b0:0c:bd:25:c3:91:a7:f2:bd:97:3d:ab:5a:ce:0b:
a7:24:67:c8:9b:c7:76:68:03:e4:29:80:69:82:56:23:ea:da:
44:7e:1c:c3:86:9c:9f:55:5d:70:45:c1:75:7c:3f:aa:44:83:
9b:be:ec:73:47:c2:8f:88:32:f0:56:82:31:88:6b:e1:b1:74:
a3:b0:5f:4b:9f:ee:60:d5:ec:64:fd:50:ae:32:f9:18:47:0f:
d5:9d:ad:9c:a0:28:7f:0c:ff:76:55:f5:f8:dd:da:d3:76:a6:
6d:da:9f:2b:62:45:3b:bd:b8:7b:4b:43:44:10:25:99:f3:64:
f7:69:c4:2f:14:7f:51:c2:ed:87:3d:70:c4:0d:b0:c2:56:20:
02:a2:e1:bc:55:f4:a8:db:a0:5c:a4:95:c6:5f:8a:fe:68:33:
4c:1c:7a:50:8e:a4:17:69:fb:de:c3:ef:d8:07:51:99:fb:f6:
90:d4:41:f2
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUXxl1JtEa6hE6ycOOKBZGX3u/UOYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTAxMTUwMjMyMjRaFw0yNjAxMTQwMjM3MjRaMDMxMTAvBgNV
BAMTKDQ4OTlBNUUyQzdDMzZFNkExMDA0MTRBMkRBNTJBMTUzNTY1MURBQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2qW0iyxiqquAa9UkNF5FytdKg
/j9rCoB9DKKQ+UHTUy4epQZLiCr3CkAmraPTYNZYeA/FuvSEIeKDj0/zYWqX5qUt
Mtus1p/RA7kLjfukGn5aTPvbCvvoERojfRVzToJ2OA1gWlwT/sRRkKqH+Ye2upQA
902QbkPUapFXw6nYi/b9sHo8cT01Aw/2aScrdYcMpeYep+I5S0SfuTS4JzRjDiMn
kqykUhOt0aqryJUIlO8IDADTOHltRi7/aAuy5r3LrD5qFkHbe8UAqZ/LVyRR/SIX
rEphG4/SF3MazFX0MLmLTmlYAJi6jOwT+oB24zpjWVB2Lvp6dolMNrJs8wT1AgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUSJml4sfDbmoQBBSi2lKhU1ZR2qMwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMTQzMTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqD4XB
C0kwDQYJKoZIhvcNAQELBQADggEBAKgdtSHaPYQ/+0lS7q0BxbDgQdgAPBLGQDiF
5107DWMXqaXPVfMItLDtL6uigk3xPNsmnV1pq5kJbFWfyCzSQyaf0DghTrCoDhJu
JLAMvSXDkafyvZc9q1rOC6ckZ8ibx3ZoA+QpgGmCViPq2kR+HMOGnJ9VXXBFwXV8
P6pEg5u+7HNHwo+IMvBWgjGIa+GxdKOwX0uf7mDV7GT9UK4y+RhHD9WdrZygKH8M
/3ZV9fjd2tN2pm3anytiRTu9uHtLQ0QQJZnzZPdpxC8Uf1HC7Yc9cMQNsMJWIAKi
4bxV9KjboFyklcZfiv5oM0wcelCOpBdp+97D79gHUZn79pDUQfI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:45:52 2025 by rpki-client