Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215135.roa
File: AS215135.roa (raw, json)
Hash identifier: idvSkqrcc/DfZC6wehRwpvdwJS2Ub8K7sYghfaA+pcA=
Subject key identifier: FA:2B:E3:73:03:8E:43:C2:62:F4:1D:12:E5:9B:7F:5B:45:28:F6:50
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 72137B728A04C4E5FD2901D73462EB26D7A36982
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215135.roa
Signing time: Fri 23 Aug 2024 08:01:17 +0000
ROA not before: Fri 23 Aug 2024 07:56:17 +0000
ROA not after: Fri 22 Aug 2025 08:01:17 +0000
asID: 215135
IP address blocks: 2a0f:85c1:3b9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:13:7b:72:8a:04:c4:e5:fd:29:01:d7:34:62:eb:26:d7:a3:69:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:17 2024 GMT
Not After : Aug 22 08:01:17 2025 GMT
Subject: CN=FA2BE373038E43C262F41D12E59B7F5B4528F650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e6:a1:e9:fb:f9:2d:1b:98:8f:55:ca:b4:98:
e4:49:7f:92:60:1c:f2:ea:f8:a9:1a:0b:d3:3c:00:
06:43:c8:7b:a2:0e:1e:b8:8e:ca:03:d1:99:54:70:
70:74:20:b4:12:21:dc:9d:ba:79:a5:51:a3:04:88:
cb:af:e5:87:0f:ff:1e:b2:00:ca:fb:a2:38:02:4b:
ac:5f:08:b2:09:da:3f:20:cd:e7:33:21:cc:ac:51:
19:7e:a4:17:f2:c4:6b:5b:8d:14:d2:03:fe:20:67:
68:3f:28:d4:e2:12:cb:90:7e:02:08:7f:65:69:fa:
c9:2a:95:a3:a0:a5:62:64:35:98:bf:45:3d:5f:e8:
68:c3:11:f5:71:df:01:ae:89:73:d2:0b:87:ca:75:
b2:05:a7:dd:00:a1:92:5a:dc:a8:f6:85:14:71:dd:
0e:02:4c:84:0f:f1:87:5c:fe:0e:7c:fa:4d:19:b2:
3e:9e:0c:dd:4d:98:44:92:30:ea:54:3b:45:82:dd:
dc:60:64:93:c5:a5:28:2d:5f:2c:af:a1:44:5a:70:
e8:a3:31:12:49:04:f6:7d:8f:72:3d:89:0e:68:3f:
c0:94:0a:40:3a:59:1c:0f:a7:3c:cd:23:e5:21:5c:
86:4d:f9:0b:5c:f2:e6:8f:4d:94:c6:70:fd:4d:a9:
e9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:2B:E3:73:03:8E:43:C2:62:F4:1D:12:E5:9B:7F:5B:45:28:F6:50
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3b9::/48
Signature Algorithm: sha256WithRSAEncryption
0d:69:cb:1f:e6:46:69:81:b1:69:86:b3:b6:08:71:dd:e3:f6:
48:02:0f:bf:f1:a5:71:d0:9a:c4:5c:b4:b6:15:5f:73:c2:86:
89:f6:f5:0c:a0:28:cf:c6:b8:59:70:59:dd:13:42:71:b5:f8:
f5:45:ee:79:12:2d:36:d8:b4:0a:6a:bc:50:a8:ad:87:e2:b4:
d0:5e:36:a0:7b:d4:22:a2:b1:2e:7a:3d:92:ea:70:20:58:f4:
b2:1b:56:6d:f8:fb:61:1e:a3:74:52:aa:90:04:f7:02:5b:dc:
55:45:fb:de:c3:a5:55:23:bb:04:b5:c9:db:69:ee:2b:24:44:
d8:f5:e7:5c:48:9d:26:0d:7d:8c:46:81:ee:00:cc:08:1d:f0:
21:a1:bd:60:ee:2d:4b:ad:3a:9b:e1:97:df:49:0a:f4:e1:8e:
86:8c:5e:b1:d3:d1:0e:12:91:24:ae:5e:d2:5b:39:07:bd:92:
2b:1d:95:4a:ae:b2:81:a9:30:7c:cf:e4:53:d0:4f:6e:4f:bb:
49:a3:eb:5c:bb:16:99:be:d7:ab:a9:c7:0e:a2:82:d5:a6:7f:
a8:7d:5e:c5:9f:6b:72:6b:6d:c3:4c:66:1e:65:ce:a4:76:60:
73:29:ec:c6:cc:46:00:4c:cb:8a:68:e4:70:5e:e4:6e:bf:a9:
26:13:9f:8c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUchN7cooExOX9KQHXNGLrJtejaYIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MTdaFw0yNTA4MjIwODAxMTdaMDMxMTAvBgNV
BAMTKEZBMkJFMzczMDM4RTQzQzI2MkY0MUQxMkU1OUI3RjVCNDUyOEY2NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv5qHp+/ktG5iPVcq0mORJf5Jg
HPLq+KkaC9M8AAZDyHuiDh64jsoD0ZlUcHB0ILQSIdydunmlUaMEiMuv5YcP/x6y
AMr7ojgCS6xfCLIJ2j8gzeczIcysURl+pBfyxGtbjRTSA/4gZ2g/KNTiEsuQfgII
f2Vp+skqlaOgpWJkNZi/RT1f6GjDEfVx3wGuiXPSC4fKdbIFp90AoZJa3Kj2hRRx
3Q4CTIQP8Ydc/g58+k0Zsj6eDN1NmESSMOpUO0WC3dxgZJPFpSgtXyyvoURacOij
MRJJBPZ9j3I9iQ5oP8CUCkA6WRwPpzzNI+UhXIZN+Qtc8uaPTZTGcP1NqekVAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU+ivjcwOOQ8Ji9B0S5Zt/W0Uo9lAwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE1MTM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQO5MA0GCSqGSIb3DQEBCwUAA4IBAQANacsf5kZpgbFphrO2CHHd4/ZIAg+/8aVx
0JrEXLS2FV9zwoaJ9vUMoCjPxrhZcFndE0Jxtfj1Re55Ei022LQKarxQqK2H4rTQ
Xjage9QiorEuej2S6nAgWPSyG1Zt+PthHqN0UqqQBPcCW9xVRfvew6VVI7sEtcnb
ae4rJETY9edcSJ0mDX2MRoHuAMwIHfAhob1g7i1LrTqb4ZffSQr04Y6GjF6x09EO
EpEkrl7SWzkHvZIrHZVKrrKBqTB8z+RT0E9uT7tJo+tcuxaZvterqccOooLVpn+o
fV7Fn2tya23DTGYeZc6kdmBzKezGzEYATMuKaORwXuRuv6kmE5+M
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:18:36 2024 by rpki-client on console-ams.rpki-client.org