Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215216.roa
File: AS215216.roa (raw, json)
Hash identifier: sJsHHXNXeasOKyxyW48GwLbJL4PYjt3h0TXFHybzujQ=
Subject key identifier: AA:AC:FA:1A:B2:50:A0:18:09:0C:6C:E4:BA:61:CD:BF:7E:8D:DF:72
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 2619C4158A532783B0760E4D98F828BFCB2A7FCC
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215216.roa
Signing time: Fri 23 Aug 2024 08:01:14 +0000
ROA not before: Fri 23 Aug 2024 07:56:14 +0000
ROA not after: Fri 22 Aug 2025 08:01:14 +0000
asID: 215216
IP address blocks: 2a0f:85c1:3a8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:19:c4:15:8a:53:27:83:b0:76:0e:4d:98:f8:28:bf:cb:2a:7f:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:14 2024 GMT
Not After : Aug 22 08:01:14 2025 GMT
Subject: CN=AAACFA1AB250A018090C6CE4BA61CDBF7E8DDF72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a0:cc:ab:ec:a2:d7:f7:4f:f3:b2:ab:79:dc:
dd:79:96:00:37:7e:c4:e3:26:88:9c:f3:50:12:59:
44:c5:ee:77:a1:1d:24:8e:6f:24:02:f0:77:7c:89:
d2:5e:dc:23:b4:40:79:18:3b:d0:7c:32:01:32:cd:
b6:3e:77:41:e1:aa:f3:0e:0b:8c:56:21:f7:a1:b1:
51:3c:a8:d7:30:e5:fc:32:d6:3d:5d:2e:fd:4e:c7:
86:dd:dc:52:ab:fc:7b:e8:e5:24:84:13:1f:c5:50:
a4:da:32:43:ed:9d:8b:16:4d:6a:bf:18:d4:ab:21:
17:15:e4:d8:5a:56:a3:d1:09:ac:ff:f5:45:ea:6c:
b7:2d:58:f1:67:85:72:ba:b7:8d:05:28:d7:6c:18:
0a:62:2a:67:55:6d:06:74:82:7f:f3:87:bc:f8:01:
8b:3a:49:bf:3a:5a:af:ec:99:d3:c4:cc:60:d4:aa:
56:de:46:fd:5e:be:db:8a:c2:e4:d6:13:2d:0f:21:
e1:d6:0d:74:95:3e:56:e8:68:4d:68:ae:2d:68:1d:
9c:1f:70:cf:ba:bd:2c:1d:82:93:ac:34:83:75:ad:
b4:f6:0c:47:cd:fe:df:c8:23:92:52:fe:8a:ed:f5:
5b:0d:8f:ea:6d:6e:0d:71:18:71:63:e1:ca:f3:11:
48:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:AC:FA:1A:B2:50:A0:18:09:0C:6C:E4:BA:61:CD:BF:7E:8D:DF:72
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215216.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3a8::/48
Signature Algorithm: sha256WithRSAEncryption
21:60:84:06:19:65:a1:2a:b3:e1:91:0b:fb:8b:16:c2:6f:73:
34:c3:29:05:29:a8:df:b8:34:61:6f:a2:d4:42:3a:1e:52:04:
ce:92:ff:6a:fc:a7:15:29:a7:1b:b0:66:68:35:0d:82:78:06:
e2:53:8c:75:4a:ef:c9:8d:0a:0a:39:79:63:07:d7:c9:e3:12:
b1:22:5d:2f:a8:65:c5:bc:9e:81:ba:4d:b7:df:43:4e:22:d4:
7c:5d:0d:51:0d:b0:5a:0b:55:ea:c9:c8:11:b8:d0:2e:81:c6:
63:76:9e:16:8c:8d:05:ee:3f:14:19:a2:6a:df:2d:91:12:3e:
36:df:17:a9:ff:73:35:94:9c:0a:ff:06:5b:0b:b8:8b:49:9a:
53:c0:92:e1:99:d7:a9:00:f4:60:86:c8:35:f7:cc:7d:58:36:
42:2e:64:ae:f9:76:77:db:55:be:23:4b:b8:ad:5a:a3:df:95:
cc:04:57:1c:9b:e4:1f:ea:f6:8d:41:3e:61:27:bb:eb:c5:4d:
54:a1:8b:7e:ab:2e:46:8c:b4:73:5a:24:21:19:2e:35:c5:38:
f0:ff:74:96:8c:b3:dc:ff:d9:30:00:37:17:1c:38:11:67:39:
3b:5e:bf:7f:5e:df:b4:e3:ef:78:51:2c:90:b3:b7:ed:05:8b:
25:a6:95:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUJhnEFYpTJ4Owdg5NmPgov8sqf8wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MTRaFw0yNTA4MjIwODAxMTRaMDMxMTAvBgNV
BAMTKEFBQUNGQTFBQjI1MEEwMTgwOTBDNkNFNEJBNjFDREJGN0U4RERGNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZoMyr7KLX90/zsqt53N15lgA3
fsTjJoic81ASWUTF7nehHSSObyQC8Hd8idJe3CO0QHkYO9B8MgEyzbY+d0HhqvMO
C4xWIfehsVE8qNcw5fwy1j1dLv1Ox4bd3FKr/Hvo5SSEEx/FUKTaMkPtnYsWTWq/
GNSrIRcV5NhaVqPRCaz/9UXqbLctWPFnhXK6t40FKNdsGApiKmdVbQZ0gn/zh7z4
AYs6Sb86Wq/smdPEzGDUqlbeRv1evtuKwuTWEy0PIeHWDXSVPlboaE1ori1oHZwf
cM+6vSwdgpOsNIN1rbT2DEfN/t/II5JS/ort9VsNj+ptbg1xGHFj4crzEUh9AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUqqz6GrJQoBgJDGzkumHNv36N33IwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE1MjE2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQOoMA0GCSqGSIb3DQEBCwUAA4IBAQAhYIQGGWWhKrPhkQv7ixbCb3M0wykFKajf
uDRhb6LUQjoeUgTOkv9q/KcVKacbsGZoNQ2CeAbiU4x1Su/JjQoKOXljB9fJ4xKx
Il0vqGXFvJ6Buk2330NOItR8XQ1RDbBaC1XqycgRuNAugcZjdp4WjI0F7j8UGaJq
3y2REj423xep/3M1lJwK/wZbC7iLSZpTwJLhmdepAPRghsg198x9WDZCLmSu+XZ3
21W+I0u4rVqj35XMBFccm+Qf6vaNQT5hJ7vrxU1UoYt+qy5GjLRzWiQhGS41xTjw
/3SWjLPc/9kwADcXHDgRZzk7Xr9/Xt+04+94USyQs7ftBYslppXp
-----END CERTIFICATE-----
Generated at Thu Sep 19 13:12:08 2024 by rpki-client on console-ams.rpki-client.org