Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215153.roa
File: AS215153.roa (raw, json)
Hash identifier: YYc+gYub+DfblJw5p/RaYQK1Du2PAVpt531A1uF+ZWY=
Subject key identifier: BA:76:4B:92:4C:49:87:37:66:DD:87:BA:EB:6A:39:FA:BB:74:0E:55
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 388713B6F49BFCDBDA7F0E2E4AE8DAD1DCC0EB82
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215153.roa
Signing time: Fri 23 Aug 2024 08:01:20 +0000
ROA not before: Fri 23 Aug 2024 07:56:20 +0000
ROA not after: Fri 22 Aug 2025 08:01:20 +0000
asID: 215153
IP address blocks: 2a0f:85c1:3b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:87:13:b6:f4:9b:fc:db:da:7f:0e:2e:4a:e8:da:d1:dc:c0:eb:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:20 2024 GMT
Not After : Aug 22 08:01:20 2025 GMT
Subject: CN=BA764B924C49873766DD87BAEB6A39FABB740E55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:42:84:c4:57:13:1e:a9:bd:2f:7f:32:7d:2b:
77:1b:25:05:d9:7c:1f:f1:75:25:44:73:6c:18:83:
65:04:78:bc:bd:70:22:06:1f:79:cc:9e:06:7b:e1:
b9:5e:ec:26:21:ee:35:29:f0:e1:bc:41:6a:48:8d:
25:dd:d1:40:4d:0a:26:b5:24:27:f0:6c:24:ae:12:
6f:f2:a3:d5:ef:0e:b8:68:67:4c:62:e9:eb:1a:30:
4e:4b:b6:44:25:a8:94:81:5b:bc:df:0c:d5:05:83:
17:c6:13:1f:90:1c:bc:37:3f:75:84:bf:be:d0:63:
f4:b0:d7:ce:81:1b:21:9d:97:f8:ee:9d:52:1b:ca:
8d:40:17:e7:7d:db:1f:74:d3:72:f4:5e:c3:b5:ec:
01:40:58:03:b0:d4:66:7e:eb:1d:2e:6d:32:88:39:
1e:e7:76:5a:44:30:49:45:32:24:09:b1:d9:af:39:
a1:e8:18:0e:29:62:69:38:91:20:08:c3:d0:0a:de:
52:70:bf:b6:5e:e6:c6:dc:59:98:66:07:4d:dc:19:
e8:bb:17:60:bd:75:59:27:ae:2a:7e:28:13:30:a2:
ab:00:95:82:3b:c4:15:1a:64:3a:0f:16:60:24:de:
80:f0:61:3d:bb:1e:89:85:b5:74:ac:9e:1b:99:c5:
15:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:76:4B:92:4C:49:87:37:66:DD:87:BA:EB:6A:39:FA:BB:74:0E:55
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215153.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3b0::/48
Signature Algorithm: sha256WithRSAEncryption
3d:c9:a0:d7:64:ba:1b:8a:0a:6f:77:e8:47:eb:59:c4:8e:63:
38:86:68:0d:a0:7a:e3:6f:ab:5b:57:5f:ae:ef:01:33:61:ab:
e7:ab:cb:02:ab:51:26:7d:0d:ba:94:57:19:be:0c:48:53:68:
0c:8d:27:0d:ce:73:ad:e1:7a:6d:64:87:3c:5c:8c:dd:81:53:
0c:f2:28:3d:c5:fb:75:e4:f7:86:31:7c:72:a6:ce:bc:ee:eb:
08:dd:cb:9f:02:14:18:27:e1:f4:89:cf:c8:47:26:ab:32:64:
4a:0c:f3:71:83:da:3a:f9:91:84:1a:9a:be:50:38:85:b9:56:
4a:09:8b:26:c1:ee:79:e2:5b:dc:5b:a8:ea:12:d0:e8:25:10:
3e:c3:db:d1:6b:ba:78:b3:bf:de:4f:eb:4a:85:44:61:c7:6b:
16:f7:e3:5e:53:a9:1b:a3:ca:45:53:07:26:a1:be:9c:3c:12:
1c:b9:68:9f:9c:a9:8d:d9:1d:69:77:cf:11:46:5a:cb:36:a8:
ce:1f:65:3c:22:87:1f:3a:8b:3c:32:59:73:61:3d:4c:8a:3f:
f1:f8:ba:48:13:f4:2e:e6:c5:65:83:b1:04:81:da:9b:ba:72:
1c:74:87:e1:1a:92:fc:4a:10:bd:4e:04:70:6e:84:7e:63:64:
42:5e:a5:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUOIcTtvSb/Nvafw4uSuja0dzA64IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MjBaFw0yNTA4MjIwODAxMjBaMDMxMTAvBgNV
BAMTKEJBNzY0QjkyNEM0OTg3Mzc2NkREODdCQUVCNkEzOUZBQkI3NDBFNTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2QoTEVxMeqb0vfzJ9K3cbJQXZ
fB/xdSVEc2wYg2UEeLy9cCIGH3nMngZ74ble7CYh7jUp8OG8QWpIjSXd0UBNCia1
JCfwbCSuEm/yo9XvDrhoZ0xi6esaME5LtkQlqJSBW7zfDNUFgxfGEx+QHLw3P3WE
v77QY/Sw186BGyGdl/junVIbyo1AF+d92x9003L0XsO17AFAWAOw1GZ+6x0ubTKI
OR7ndlpEMElFMiQJsdmvOaHoGA4pYmk4kSAIw9AK3lJwv7Ze5sbcWZhmB03cGei7
F2C9dVknrip+KBMwoqsAlYI7xBUaZDoPFmAk3oDwYT27HomFtXSsnhuZxRVJAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUunZLkkxJhzdm3Ye662o5+rt0DlUwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE1MTUzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQOwMA0GCSqGSIb3DQEBCwUAA4IBAQA9yaDXZLobigpvd+hH61nEjmM4hmgNoHrj
b6tbV1+u7wEzYavnq8sCq1EmfQ26lFcZvgxIU2gMjScNznOt4XptZIc8XIzdgVMM
8ig9xft15PeGMXxyps687usI3cufAhQYJ+H0ic/IRyarMmRKDPNxg9o6+ZGEGpq+
UDiFuVZKCYsmwe554lvcW6jqEtDoJRA+w9vRa7p4s7/eT+tKhURhx2sW9+NeU6kb
o8pFUwcmob6cPBIcuWifnKmN2R1pd88RRlrLNqjOH2U8IocfOos8MllzYT1Mij/x
+LpIE/Qu5sVlg7EEgdqbunIcdIfhGpL8ShC9TgRwboR+Y2RCXqU6
-----END CERTIFICATE-----
Generated at Thu Sep 19 13:52:02 2024 by rpki-client on console-fra.rpki-client.org