Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215154.roa
File: AS215154.roa (raw, json)
Hash identifier: ofkGDuHZWVm0ViPMQk73bIgZkZ4vOBw4yF29jy3IheQ=
Subject key identifier: 11:F6:5B:40:B5:B9:42:62:CE:41:C5:D1:E4:2D:62:B1:DA:2D:F2:A0
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 2B05340A90376991C8B614FDD00E2D74F5349A0A
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215154.roa
Signing time: Fri 23 Aug 2024 08:01:14 +0000
ROA not before: Fri 23 Aug 2024 07:56:14 +0000
ROA not after: Fri 22 Aug 2025 08:01:14 +0000
asID: 215154
IP address blocks: 2a0f:85c1:3b1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:05:34:0a:90:37:69:91:c8:b6:14:fd:d0:0e:2d:74:f5:34:9a:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:14 2024 GMT
Not After : Aug 22 08:01:14 2025 GMT
Subject: CN=11F65B40B5B94262CE41C5D1E42D62B1DA2DF2A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:54:f2:41:82:d4:2d:2d:03:54:e6:97:4c:03:
b5:43:e2:72:84:9c:05:4b:c6:7e:43:66:2d:3b:5f:
75:07:d0:27:1f:10:cb:b9:6a:fb:55:3b:63:63:6f:
4d:bf:15:27:bc:6b:30:05:f6:c4:c6:c5:77:17:19:
25:12:ec:83:21:5e:fc:19:ae:f6:fa:89:35:dc:da:
43:9a:9a:22:ac:5a:32:21:33:d7:7e:d2:be:7d:18:
4e:fc:ab:ee:a6:f7:22:7f:f1:93:a4:4f:a6:b4:9c:
13:84:77:49:47:2b:bd:d2:87:c3:b8:95:92:64:ea:
ba:c9:f5:fb:ef:94:90:36:ae:8e:a1:d9:00:47:38:
b9:c5:39:b2:04:41:b2:2e:b0:59:82:51:38:26:f5:
81:38:37:44:f5:6f:89:ea:b6:c1:5f:bc:9e:7e:93:
82:ef:af:c6:84:73:ae:a3:c3:ae:7c:d0:dc:8c:8c:
ea:87:e0:ae:59:d0:c5:21:1c:fa:17:12:01:69:63:
cb:b4:04:46:65:27:b0:a0:98:3d:5e:d3:c1:8e:57:
d8:dc:a8:da:39:67:e4:ed:4e:19:21:3c:20:a1:d6:
22:9c:44:fa:c3:35:f4:77:4d:bf:96:c7:f6:4e:6f:
4c:dd:8a:c5:87:d0:6d:05:db:fb:12:85:29:02:45:
f6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:F6:5B:40:B5:B9:42:62:CE:41:C5:D1:E4:2D:62:B1:DA:2D:F2:A0
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215154.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3b1::/48
Signature Algorithm: sha256WithRSAEncryption
01:0e:df:8d:10:8f:38:e9:c2:4d:9c:d3:f0:1e:22:95:ba:4b:
65:e1:b1:aa:2f:45:e5:4e:e4:76:30:55:02:a5:b7:81:be:d4:
89:36:d4:f0:58:97:68:5e:aa:09:7b:d9:f9:6c:66:9e:47:e0:
44:5d:97:5f:f4:2a:37:06:b9:e3:f5:b9:60:63:29:d1:f8:bf:
ed:b9:7c:c5:f1:ed:2a:3d:ba:4e:d0:e6:98:3b:b8:e5:71:a1:
1d:f0:98:eb:0d:16:ee:7c:01:2e:18:de:57:c5:c3:8b:df:db:
a3:77:43:03:2f:15:d0:59:17:b9:33:57:8b:e6:7a:4e:a4:2b:
fd:46:38:af:2e:5c:a9:01:1d:b8:f3:49:5f:8f:f6:3e:da:af:
ac:37:9a:1d:66:b7:0b:22:63:27:59:95:36:be:1b:e9:52:83:
6c:78:94:51:84:ad:d0:0b:d9:30:c7:40:26:15:28:58:c3:07:
74:5f:b3:40:b3:99:9f:c9:4b:c9:7d:07:69:64:38:bc:be:9c:
f7:2f:a4:14:03:a7:d5:c1:9a:62:b9:47:b7:99:8c:84:af:7b:
f4:a3:33:e4:7f:29:37:46:cb:a3:f3:b2:72:41:60:7c:d9:69:
54:f3:b5:af:ae:5f:f5:a5:dd:8c:69:66:29:9f:95:cb:55:95:
99:85:65:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUKwU0CpA3aZHIthT90A4tdPU0mgowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MTRaFw0yNTA4MjIwODAxMTRaMDMxMTAvBgNV
BAMTKDExRjY1QjQwQjVCOTQyNjJDRTQxQzVEMUU0MkQ2MkIxREEyREYyQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBVPJBgtQtLQNU5pdMA7VD4nKE
nAVLxn5DZi07X3UH0CcfEMu5avtVO2Njb02/FSe8azAF9sTGxXcXGSUS7IMhXvwZ
rvb6iTXc2kOamiKsWjIhM9d+0r59GE78q+6m9yJ/8ZOkT6a0nBOEd0lHK73Sh8O4
lZJk6rrJ9fvvlJA2ro6h2QBHOLnFObIEQbIusFmCUTgm9YE4N0T1b4nqtsFfvJ5+
k4Lvr8aEc66jw6580NyMjOqH4K5Z0MUhHPoXEgFpY8u0BEZlJ7CgmD1e08GOV9jc
qNo5Z+TtThkhPCCh1iKcRPrDNfR3Tb+Wx/ZOb0zdisWH0G0F2/sShSkCRfYDAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUEfZbQLW5QmLOQcXR5C1isdot8qAwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE1MTU0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQOxMA0GCSqGSIb3DQEBCwUAA4IBAQABDt+NEI846cJNnNPwHiKVuktl4bGqL0Xl
TuR2MFUCpbeBvtSJNtTwWJdoXqoJe9n5bGaeR+BEXZdf9Co3Brnj9blgYynR+L/t
uXzF8e0qPbpO0OaYO7jlcaEd8JjrDRbufAEuGN5XxcOL39ujd0MDLxXQWRe5M1eL
5npOpCv9RjivLlypAR2480lfj/Y+2q+sN5odZrcLImMnWZU2vhvpUoNseJRRhK3Q
C9kwx0AmFShYwwd0X7NAs5mfyUvJfQdpZDi8vpz3L6QUA6fVwZpiuUe3mYyEr3v0
ozPkfyk3Rsuj87JyQWB82WlU87Wvrl/1pd2MaWYpn5XLVZWZhWXD
-----END CERTIFICATE-----
Generated at Thu Sep 19 13:12:08 2024 by rpki-client on console-ams.rpki-client.org