Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS215083.roa
File: AS215083.roa (raw, json)
Hash identifier: qne5jaEqxM+hFZJysQcGi6G+1Y775gGw/JR66AI1Ugo=
Subject key identifier: AA:49:31:DD:3A:CA:CA:F0:00:3C:64:3B:C2:43:D7:E7:49:5B:2E:DE
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 031E0C316A59A09763EF5D1F8C5EAAF94DBA5B92
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS215083.roa
Signing time: Tue 04 Feb 2025 00:17:10 +0000
ROA not before: Tue 04 Feb 2025 00:12:10 +0000
ROA not after: Tue 03 Feb 2026 00:17:10 +0000
asID: 215083
IP address blocks: 2a14:7581:ff2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:04:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:1e:0c:31:6a:59:a0:97:63:ef:5d:1f:8c:5e:aa:f9:4d:ba:5b:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 4 00:12:10 2025 GMT
Not After : Feb 3 00:17:10 2026 GMT
Subject: CN=AA4931DD3ACACAF0003C643BC243D7E7495B2EDE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:77:0f:6b:8b:cc:5a:7d:ca:10:7f:41:be:f1:
0e:8c:53:07:a2:d6:65:70:fd:f5:a2:6c:7f:ed:9d:
52:86:b0:10:61:23:8d:c4:36:15:98:10:36:9b:67:
0c:2a:b7:75:ec:c1:07:d5:53:d5:f5:c5:b3:b2:fd:
7b:60:1b:ef:6a:85:ef:eb:0b:a0:0b:65:16:44:f9:
e0:ed:b8:3e:f3:d5:9e:d6:89:b2:48:1d:b9:0b:7a:
11:c2:78:46:fd:57:fc:21:5c:ae:b5:f8:c1:b0:30:
4b:67:c7:a9:b5:f4:0b:27:5b:46:ff:d5:57:f6:16:
82:5e:5a:09:91:99:2e:09:7c:b8:d9:46:b4:fa:cd:
73:c8:94:bb:38:0a:f8:cf:7d:72:68:b8:83:0d:4c:
9a:5a:c8:69:f4:4e:3f:8d:ff:0f:fe:91:64:6f:3f:
e7:ff:1d:26:d5:e3:88:56:fd:51:50:55:de:82:94:
f0:db:dc:c4:0e:0a:b9:f5:20:cf:9d:dd:40:99:d5:
6b:c3:06:0e:93:bd:60:a6:13:8a:0f:f0:8b:39:a3:
77:b4:ee:01:e7:44:a0:3d:13:36:05:2f:37:e4:f6:
d9:4c:0f:c0:e4:ed:b4:5f:48:f7:61:d1:00:a7:9c:
76:ef:29:f1:ab:5c:77:cf:9e:f9:18:4d:56:f0:66:
0a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:49:31:DD:3A:CA:CA:F0:00:3C:64:3B:C2:43:D7:E7:49:5B:2E:DE
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS215083.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:ff2::/48
Signature Algorithm: sha256WithRSAEncryption
08:55:3b:d5:ca:5e:6f:e4:23:23:e9:14:c4:38:70:47:f7:8f:
3c:95:5a:91:1a:25:28:74:6a:34:83:73:0e:0b:34:e0:80:46:
31:56:a0:4b:97:5b:73:84:44:0d:45:7e:28:76:23:04:cb:57:
1d:e5:7f:9b:f9:63:3b:33:00:bc:ee:80:c6:ee:63:3b:58:f7:
22:23:8f:35:a7:06:39:9e:cf:cc:ac:a2:05:f8:d4:bb:db:ac:
74:81:de:a6:49:3f:a2:a5:b5:50:a8:66:f9:5b:3c:3d:5e:6d:
96:a8:84:bc:6d:40:b5:0e:5f:53:a3:95:84:e5:53:c8:7d:6f:
2a:94:74:84:75:66:84:9f:e4:4d:64:9a:2c:53:60:5f:07:22:
f2:55:8f:a1:1a:05:5d:8d:e8:ec:98:24:e5:0e:d9:88:53:0d:
d2:9d:dd:b5:79:12:06:52:bc:16:bd:72:86:92:46:87:da:cd:
98:e9:0f:39:de:2b:38:71:45:67:29:36:10:52:81:72:fe:95:
be:6d:75:c2:39:3e:25:42:b4:6f:7b:fd:01:c1:9e:be:b4:29:
8a:93:c0:e7:3c:da:c6:65:86:d6:d9:0a:d4:60:e4:4d:d8:7e:
e1:85:13:9b:43:10:88:f9:8e:9b:ad:8c:e1:69:94:14:8c:6b:
55:53:f4:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUAx4MMWpZoJdj710fjF6q+U26W5IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTAyMDQwMDEyMTBaFw0yNjAyMDMwMDE3MTBaMDMxMTAvBgNV
BAMTKEFBNDkzMUREM0FDQUNBRjAwMDNDNjQzQkMyNDNEN0U3NDk1QjJFREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYdw9ri8xafcoQf0G+8Q6MUwei
1mVw/fWibH/tnVKGsBBhI43ENhWYEDabZwwqt3XswQfVU9X1xbOy/XtgG+9qhe/r
C6ALZRZE+eDtuD7z1Z7WibJIHbkLehHCeEb9V/whXK61+MGwMEtnx6m19AsnW0b/
1Vf2FoJeWgmRmS4JfLjZRrT6zXPIlLs4CvjPfXJouIMNTJpayGn0Tj+N/w/+kWRv
P+f/HSbV44hW/VFQVd6ClPDb3MQOCrn1IM+d3UCZ1WvDBg6TvWCmE4oP8Is5o3e0
7gHnRKA9EzYFLzfk9tlMD8Dk7bRfSPdh0QCnnHbvKfGrXHfPnvkYTVbwZgoVAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUqkkx3TrKyvAAPGQ7wkPX50lbLt4wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE1MDgzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1
gQ/yMA0GCSqGSIb3DQEBCwUAA4IBAQAIVTvVyl5v5CMj6RTEOHBH9488lVqRGiUo
dGo0g3MOCzTggEYxVqBLl1tzhEQNRX4odiMEy1cd5X+b+WM7MwC87oDG7mM7WPci
I481pwY5ns/MrKIF+NS726x0gd6mST+ipbVQqGb5Wzw9Xm2WqIS8bUC1Dl9To5WE
5VPIfW8qlHSEdWaEn+RNZJosU2BfByLyVY+hGgVdjejsmCTlDtmIUw3Snd21eRIG
UrwWvXKGkkaH2s2Y6Q853is4cUVnKTYQUoFy/pW+bXXCOT4lQrRve/0BwZ6+tCmK
k8DnPNrGZYbW2QrUYORN2H7hhRObQxCI+Y6brYzhaZQUjGtVU/TC
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:41:38 2025 by rpki-client