Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215241.roa
File: AS215241.roa (raw, json)
Hash identifier: y/vrvr4Tg8Nd18VsVGENkJeFXzCicLJIa0omniK2R9E=
Subject key identifier: AA:49:C9:E0:5F:89:81:86:21:8B:D1:CE:B9:58:FF:38:C9:54:0E:F3
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 378BBD8D44CA9E8B105A108F3C4A446C96500695
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215241.roa
Signing time: Fri 23 Aug 2024 08:01:15 +0000
ROA not before: Fri 23 Aug 2024 07:56:15 +0000
ROA not after: Fri 22 Aug 2025 08:01:15 +0000
asID: 215241
IP address blocks: 2a0f:85c1:3a4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:8b:bd:8d:44:ca:9e:8b:10:5a:10:8f:3c:4a:44:6c:96:50:06:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:15 2024 GMT
Not After : Aug 22 08:01:15 2025 GMT
Subject: CN=AA49C9E05F898186218BD1CEB958FF38C9540EF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9a:cd:b2:48:2b:fd:06:56:97:4c:68:76:64:
12:95:d6:fd:1f:4d:62:f5:8a:c8:08:d1:4d:3e:7f:
3d:a8:3d:e8:9f:5e:d2:fe:d7:14:cd:0d:b3:b3:c8:
d0:8b:9a:e2:b2:16:1b:21:f2:40:a3:49:d3:d0:42:
b8:ed:55:20:48:0f:1d:6e:2e:9c:ec:d7:84:d8:92:
fd:88:bd:a6:77:0d:ca:6b:70:92:ab:bc:e4:fd:99:
19:ea:46:38:f3:ac:43:3e:c6:ff:09:d5:64:02:9a:
0c:00:04:53:aa:23:8c:e4:a1:ce:32:b4:aa:43:bd:
36:9b:25:40:9b:cf:6a:b4:5a:3d:39:d6:1c:70:04:
a7:a7:a8:50:a9:33:36:54:63:f2:d9:72:bc:7e:1d:
7b:5d:50:4c:3f:ce:5e:68:d7:b5:2d:9b:02:1b:b3:
bc:65:0b:2a:2e:ab:68:f4:7a:42:c0:1e:1c:95:1e:
fb:5b:a6:16:53:c3:e9:1b:ce:e1:59:2c:db:46:e3:
bf:0f:85:41:f6:28:0d:8f:6b:9f:af:ad:5c:de:70:
99:12:a1:8b:9b:0b:7b:fe:51:89:c5:a4:f6:74:c8:
56:30:a3:c0:12:30:93:61:d3:4a:e3:90:d5:cc:37:
7a:6c:c5:f1:02:eb:65:c7:ca:6e:0e:54:63:d4:0d:
00:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:49:C9:E0:5F:89:81:86:21:8B:D1:CE:B9:58:FF:38:C9:54:0E:F3
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215241.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3a4::/48
Signature Algorithm: sha256WithRSAEncryption
97:c2:f2:8c:dd:8b:4d:ae:44:74:a6:49:67:04:8d:c5:4d:5f:
ec:fa:eb:7b:bf:10:e3:e5:80:68:d9:0e:6d:4b:f2:34:b9:50:
db:64:8f:18:98:1d:f2:d1:af:b1:02:ce:de:e4:24:c0:48:1d:
6e:f4:d5:36:17:91:db:93:3f:4c:59:14:10:d6:50:9f:e1:be:
a2:cb:97:cc:2b:f7:34:04:7e:69:1e:44:74:f5:42:c6:30:62:
d4:fb:da:b3:21:b1:0c:aa:7f:1d:2f:32:b7:b5:5a:77:0c:a4:
7b:93:f7:f3:01:d3:d6:7b:3a:76:b0:7e:cf:6c:c6:aa:19:27:
9d:a2:a3:20:53:c5:9a:a2:10:b3:1c:53:02:39:8a:b6:68:14:
11:75:c8:70:29:14:78:dc:17:5d:bd:5a:da:d7:46:ea:a6:f0:
56:56:47:5d:d3:e8:44:d6:eb:e1:0e:1a:5d:9c:9f:4f:8a:26:
1d:c4:7e:b1:43:40:9b:f7:65:0d:f1:ad:30:f5:d6:51:30:f2:
fe:9a:cd:aa:18:74:6f:20:cf:8d:22:a2:8e:c6:93:fb:37:e9:
97:0a:e2:65:aa:4c:95:1f:db:a4:a6:c7:32:2d:ab:38:b0:63:
6a:e4:28:78:76:9d:0f:ce:e4:5d:ec:2f:ff:5b:f5:ba:91:45:
fd:b5:e0:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUN4u9jUTKnosQWhCPPEpEbJZQBpUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MTVaFw0yNTA4MjIwODAxMTVaMDMxMTAvBgNV
BAMTKEFBNDlDOUUwNUY4OTgxODYyMThCRDFDRUI5NThGRjM4Qzk1NDBFRjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMms2ySCv9BlaXTGh2ZBKV1v0f
TWL1isgI0U0+fz2oPeifXtL+1xTNDbOzyNCLmuKyFhsh8kCjSdPQQrjtVSBIDx1u
Lpzs14TYkv2IvaZ3DcprcJKrvOT9mRnqRjjzrEM+xv8J1WQCmgwABFOqI4zkoc4y
tKpDvTabJUCbz2q0Wj051hxwBKenqFCpMzZUY/LZcrx+HXtdUEw/zl5o17UtmwIb
s7xlCyouq2j0ekLAHhyVHvtbphZTw+kbzuFZLNtG478PhUH2KA2Pa5+vrVzecJkS
oYubC3v+UYnFpPZ0yFYwo8ASMJNh00rjkNXMN3psxfEC62XHym4OVGPUDQBBAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUqknJ4F+JgYYhi9HOuVj/OMlUDvMwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE1MjQxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQOkMA0GCSqGSIb3DQEBCwUAA4IBAQCXwvKM3YtNrkR0pklnBI3FTV/s+ut7vxDj
5YBo2Q5tS/I0uVDbZI8YmB3y0a+xAs7e5CTASB1u9NU2F5Hbkz9MWRQQ1lCf4b6i
y5fMK/c0BH5pHkR09ULGMGLU+9qzIbEMqn8dLzK3tVp3DKR7k/fzAdPWezp2sH7P
bMaqGSedoqMgU8WaohCzHFMCOYq2aBQRdchwKRR43BddvVra10bqpvBWVkdd0+hE
1uvhDhpdnJ9PiiYdxH6xQ0Cb92UN8a0w9dZRMPL+ms2qGHRvIM+NIqKOxpP7N+mX
CuJlqkyVH9ukpscyLas4sGNq5Ch4dp0PzuRd7C//W/W6kUX9teB9
-----END CERTIFICATE-----
Generated at Thu Sep 19 13:52:02 2024 by rpki-client on console-fra.rpki-client.org