Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215743.roa
File: AS215743.roa (raw, json)
Hash identifier: PTjnrNiv9uhBfxaB3ZvsaAuv68p5V2HrAWGKte/w9rE=
Subject key identifier: C5:CA:1F:F8:E9:A6:2C:3D:EC:09:AD:4A:C3:A3:E4:F3:88:CD:80:8F
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 1A515A0CF148CF698639FDB405D0B41608D15F61
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215743.roa
Signing time: Fri 23 Aug 2024 08:01:23 +0000
ROA not before: Fri 23 Aug 2024 07:56:23 +0000
ROA not after: Fri 22 Aug 2025 08:01:23 +0000
asID: 215743
IP address blocks: 2a0f:85c1:347::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:51:5a:0c:f1:48:cf:69:86:39:fd:b4:05:d0:b4:16:08:d1:5f:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:23 2024 GMT
Not After : Aug 22 08:01:23 2025 GMT
Subject: CN=C5CA1FF8E9A62C3DEC09AD4AC3A3E4F388CD808F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:bf:cf:de:d7:d3:12:57:a8:ae:c2:41:de:3a:
3b:1b:62:82:c2:0a:5d:e1:bc:9a:f8:f8:dd:05:91:
16:0d:10:99:b1:ab:73:d4:a7:ee:93:f0:c4:5a:26:
97:8a:a4:a4:90:be:72:36:42:3d:c2:b4:0a:7c:c4:
19:21:06:ff:de:66:15:26:2b:e3:9e:48:b8:ee:51:
a1:ec:69:fe:62:a4:dd:a8:78:e4:d3:1a:31:46:77:
3c:66:8c:ff:99:03:63:30:4c:f7:e4:40:de:df:82:
0b:40:09:ba:46:38:bf:a3:e2:d3:84:e1:dd:30:95:
57:bc:94:d3:f0:20:cc:6c:89:bf:3e:f0:2c:6a:5d:
b0:55:56:62:79:d2:eb:96:05:f4:da:64:64:8f:c8:
36:ed:d5:4a:d7:49:c2:d1:3f:8d:41:63:ad:c7:ed:
02:8b:dc:85:96:bf:f2:94:e3:36:30:56:79:12:6b:
38:76:1f:f4:11:0a:e8:aa:34:db:4f:f8:7d:df:75:
5e:52:e7:72:a9:d9:45:6e:08:2c:b0:dc:d9:34:fc:
92:6d:32:f0:45:92:0d:e7:ab:0a:c8:ee:71:7b:1d:
91:ee:29:46:3c:e5:4a:5b:01:82:18:7e:7f:21:af:
b5:20:cb:d7:14:1a:2c:3b:fd:77:3a:59:ef:6b:9a:
7a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:CA:1F:F8:E9:A6:2C:3D:EC:09:AD:4A:C3:A3:E4:F3:88:CD:80:8F
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215743.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:347::/48
Signature Algorithm: sha256WithRSAEncryption
bd:dd:55:e7:84:09:83:99:73:8c:f1:de:d2:e4:5b:25:8b:3a:
bb:3a:d0:95:eb:4e:f6:83:e3:fc:60:a0:85:40:3e:33:03:91:
3d:e8:5d:90:ec:1b:c9:29:7a:74:12:c4:f7:99:13:1b:9b:1b:
dc:b7:d5:1b:39:cc:9d:b1:c0:cb:c7:4f:52:bf:84:44:70:fb:
da:94:5e:26:b7:bd:d6:8f:d7:2b:5b:b3:f7:2d:7a:91:29:72:
9a:15:5f:af:14:eb:01:82:dc:f4:fe:a0:c4:d1:f3:c2:c4:27:
0e:87:2c:51:3e:12:e6:52:31:aa:e8:f5:d9:15:ca:cc:62:7c:
5b:a0:e0:eb:8f:21:2f:ab:6f:04:af:17:dc:3b:51:b7:ac:1e:
22:83:a1:70:92:90:5c:dd:48:35:25:b7:35:6b:b9:72:9f:18:
47:1c:c1:94:99:12:99:83:9a:a2:b1:33:49:21:2a:c4:df:07:
f7:88:b4:57:0a:7a:26:fd:94:3c:08:3c:af:d5:40:03:ab:17:
11:5f:74:fb:e4:a4:e8:33:b6:e8:77:ea:53:71:25:b6:28:de:
5f:31:1c:ec:5e:36:4a:6f:ed:82:6f:1c:4b:37:8a:f0:82:d8:
ce:83:89:89:8f:64:e4:9a:e7:f7:cb:31:ad:70:60:83:a6:78:
e3:59:39:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUGlFaDPFIz2mGOf20BdC0FgjRX2EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MjNaFw0yNTA4MjIwODAxMjNaMDMxMTAvBgNV
BAMTKEM1Q0ExRkY4RTlBNjJDM0RFQzA5QUQ0QUMzQTNFNEYzODhDRDgwOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlv8/e19MSV6iuwkHeOjsbYoLC
Cl3hvJr4+N0FkRYNEJmxq3PUp+6T8MRaJpeKpKSQvnI2Qj3CtAp8xBkhBv/eZhUm
K+OeSLjuUaHsaf5ipN2oeOTTGjFGdzxmjP+ZA2MwTPfkQN7fggtACbpGOL+j4tOE
4d0wlVe8lNPwIMxsib8+8CxqXbBVVmJ50uuWBfTaZGSPyDbt1UrXScLRP41BY63H
7QKL3IWWv/KU4zYwVnkSazh2H/QRCuiqNNtP+H3fdV5S53Kp2UVuCCyw3Nk0/JJt
MvBFkg3nqwrI7nF7HZHuKUY85UpbAYIYfn8hr7Ugy9cUGiw7/Xc6We9rmnrTAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUxcof+OmmLD3sCa1Kw6Pk84jNgI8wHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE1NzQzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQNHMA0GCSqGSIb3DQEBCwUAA4IBAQC93VXnhAmDmXOM8d7S5Fslizq7OtCV6072
g+P8YKCFQD4zA5E96F2Q7BvJKXp0EsT3mRMbmxvct9UbOcydscDLx09Sv4REcPva
lF4mt73Wj9crW7P3LXqRKXKaFV+vFOsBgtz0/qDE0fPCxCcOhyxRPhLmUjGq6PXZ
FcrMYnxboODrjyEvq28ErxfcO1G3rB4ig6FwkpBc3Ug1Jbc1a7lynxhHHMGUmRKZ
g5qisTNJISrE3wf3iLRXCnom/ZQ8CDyv1UADqxcRX3T75KToM7bod+pTcSW2KN5f
MRzsXjZKb+2CbxxLN4rwgtjOg4mJj2Tkmuf3yzGtcGCDpnjjWTkA
-----END CERTIFICATE-----
Generated at Sat Nov 23 17:14:15 2024 by rpki-client on console-ams.rpki-client.org