Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS215073.roa
File: AS215073.roa (raw, json)
Hash identifier: 9qyhwFrULV4D+B30Hh+hOl8HFjEgidWRa+rZrtXUqEw=
Subject key identifier: F5:F3:9C:DC:F2:5A:62:0D:3C:58:FD:35:01:68:E7:62:1F:0A:C9:89
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 2ECD7B5D2CC367FA34D48A96646B887C6E44CFCC
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS215073.roa
Signing time: Mon 10 Feb 2025 20:26:03 +0000
ROA not before: Mon 10 Feb 2025 20:21:03 +0000
ROA not after: Mon 09 Feb 2026 20:26:03 +0000
asID: 215073
IP address blocks: 85.235.73.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 01:19:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:cd:7b:5d:2c:c3:67:fa:34:d4:8a:96:64:6b:88:7c:6e:44:cf:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Feb 10 20:21:03 2025 GMT
Not After : Feb 9 20:26:03 2026 GMT
Subject: CN=F5F39CDCF25A620D3C58FD350168E7621F0AC989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:13:b6:fb:29:ed:0a:05:7d:b7:9c:4f:ed:c5:
4e:22:58:a1:bd:41:54:61:43:3a:81:7a:ec:8d:48:
76:5d:bf:32:a4:c0:a8:dd:29:37:ac:46:ca:d3:a5:
7b:4e:b5:38:a1:37:d6:f7:54:79:5f:49:cb:44:e8:
c8:28:70:40:8e:c9:4f:46:74:25:81:e2:f0:89:5c:
b4:67:2b:cf:a5:a4:b6:ee:0d:88:dd:a2:69:17:a4:
0c:1d:b5:ed:dc:dd:61:ab:89:ae:96:63:5d:5c:c9:
97:48:1c:cc:f8:01:23:8b:4f:f6:69:56:a4:1c:fc:
e0:fc:6f:b0:cc:29:47:4d:81:c1:30:2f:7c:df:76:
09:78:7c:a2:aa:4f:f7:e4:78:e6:7d:5f:b3:4b:90:
8c:10:49:2d:af:7f:3f:3c:93:2c:2d:35:63:a5:6f:
6b:f5:0a:19:c4:25:89:d5:a4:86:32:9f:20:54:cf:
38:4d:51:a8:9e:dc:16:37:50:af:93:06:5d:c2:0f:
9f:19:bd:dd:e9:02:37:25:be:79:6e:fb:56:87:d5:
42:84:d8:8a:cb:7d:31:89:9e:6e:00:d4:55:e4:44:
62:63:ca:ba:32:e2:83:ce:25:76:ee:f0:4e:4a:84:
f4:c1:ad:90:00:32:67:54:74:db:ed:ec:4c:f5:5f:
5f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:F3:9C:DC:F2:5A:62:0D:3C:58:FD:35:01:68:E7:62:1F:0A:C9:89
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS215073.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.235.73.0/24
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
08:f0:27:15:62:a8:cc:21:dd:0f:39:42:50:85:07:97:74:17:
6c:a6:00:9a:a0:d5:97:f5:a4:c2:6a:36:9b:c4:26:b4:f1:36:
ae:73:7a:16:92:9a:d0:70:4f:3e:4d:76:db:9e:02:b4:53:59:
1d:a8:ef:a6:9e:1c:c5:f2:2a:b7:8a:29:a9:b2:b5:d6:6e:c8:
a5:9d:58:20:6d:48:81:f3:2f:98:d7:87:28:dc:e7:35:4a:86:
f1:c3:f9:91:e8:90:99:a8:da:27:1f:a3:d2:b1:09:38:00:91:
79:69:1b:c7:e9:f6:93:d9:68:23:79:9e:47:58:37:47:61:3f:
a0:f2:7f:be:e5:0d:c8:b8:ac:f9:f0:a9:5d:32:09:c1:79:e5:
95:4e:2a:a8:73:0d:f1:af:90:4b:9d:c8:b6:f7:02:94:4b:6e:
93:6d:5e:45:96:b7:35:00:18:b2:b4:36:cd:ef:05:e9:df:9f:
1a:07:74:8c:bf:da:f2:44:63:0e:07:68:96:45:96:bc:ff:32:
a3:2e:f0:65:a2:17:74:a0:8c:c7:2a:8d:2b:c9:77:5f:c1:2c:
5e:ce:d2:9a:c6:b4:2e:f1:10:34:33:42:b2:6a:89:38:48:9b:
53:d6:8a:bf:cf:e8:0a:68:73:91:cc:75:de:90:00:17:2e:90:
6a:ae:f2:70
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIULs17XSzDZ/o01IqWZGuIfG5Ez8wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTAyMTAyMDIxMDNaFw0yNjAyMDkyMDI2MDNaMDMxMTAvBgNV
BAMTKEY1RjM5Q0RDRjI1QTYyMEQzQzU4RkQzNTAxNjhFNzYyMUYwQUM5ODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClE7b7Ke0KBX23nE/txU4iWKG9
QVRhQzqBeuyNSHZdvzKkwKjdKTesRsrTpXtOtTihN9b3VHlfSctE6MgocECOyU9G
dCWB4vCJXLRnK8+lpLbuDYjdomkXpAwdte3c3WGria6WY11cyZdIHMz4ASOLT/Zp
VqQc/OD8b7DMKUdNgcEwL3zfdgl4fKKqT/fkeOZ9X7NLkIwQSS2vfz88kywtNWOl
b2v1ChnEJYnVpIYynyBUzzhNUaie3BY3UK+TBl3CD58Zvd3pAjclvnlu+1aH1UKE
2IrLfTGJnm4A1FXkRGJjyroy4oPOJXbu8E5KhPTBrZAAMmdUdNvt7Ez1X18PAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQU9fOc3PJaYg08WP01AWjnYh8KyYkwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjE1MDczLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVetJ
AwQA2RLTMA0GCSqGSIb3DQEBCwUAA4IBAQAI8CcVYqjMId0POUJQhQeXdBdspgCa
oNWX9aTCajabxCa08Tauc3oWkprQcE8+TXbbngK0U1kdqO+mnhzF8iq3iimpsrXW
bsilnVggbUiB8y+Y14co3Oc1Sobxw/mR6JCZqNonH6PSsQk4AJF5aRvH6faT2Wgj
eZ5HWDdHYT+g8n++5Q3IuKz58KldMgnBeeWVTiqocw3xr5BLnci29wKUS26TbV5F
lrc1ABiytDbN7wXp358aB3SMv9ryRGMOB2iWRZa8/zKjLvBlohd0oIzHKo0ryXdf
wSxeztKaxrQu8RA0M0Kyaok4SJtT1oq/z+gKaHORzHXekAAXLpBqrvJw
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:38:50 2025 by rpki-client