Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS215703.roa
File: AS215703.roa (raw, json)
Hash identifier: bVfJp/XgM16sm2OMOi8+ZrVapmsCB8bc+sTzXfkyBog=
Subject key identifier: D3:7E:6B:AE:62:E2:12:11:4A:2E:16:A4:65:78:EB:09:92:FF:A3:E6
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 2640B3A36A44CF2AD79AF88BBBD325EC730CF4B3
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS215703.roa
Signing time: Thu 25 Sep 2025 08:11:07 +0000
ROA not before: Thu 25 Sep 2025 08:06:07 +0000
ROA not after: Thu 24 Sep 2026 08:11:07 +0000
asID: 215703
IP address blocks: 85.235.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 13:54:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:40:b3:a3:6a:44:cf:2a:d7:9a:f8:8b:bb:d3:25:ec:73:0c:f4:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Sep 25 08:06:07 2025 GMT
Not After : Sep 24 08:11:07 2026 GMT
Subject: CN=D37E6BAE62E212114A2E16A46578EB0992FFA3E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:90:97:0a:1a:30:3e:77:1a:d5:70:25:69:05:
18:c9:a7:09:c4:85:57:b7:da:2e:bc:86:4f:0a:ea:
bd:17:4a:4b:71:78:2b:c1:8f:96:98:9a:a1:87:2e:
fc:eb:9a:7e:54:05:22:ef:66:fa:79:a3:89:a1:f5:
50:c7:cf:03:77:16:4d:8c:81:43:f0:ca:27:dd:6f:
5c:f3:6d:8f:7c:16:b8:6e:01:cf:62:aa:73:74:4a:
3c:96:45:7d:52:f6:1d:53:0c:9d:23:31:51:eb:be:
bd:7f:01:47:04:1d:33:98:d3:c8:dd:27:5a:89:0a:
7f:6e:21:2d:89:b7:d3:06:18:f0:f9:67:4d:36:f1:
ea:41:4f:94:b3:91:18:3f:4f:e1:8b:35:3c:ec:2f:
a3:0c:99:23:d6:f2:c1:c8:30:31:21:d9:e5:81:7d:
5a:72:cf:40:66:98:24:8d:da:19:46:28:57:23:99:
a6:fb:02:ce:c2:4a:ae:c0:ba:07:49:22:84:ea:b1:
0b:83:2b:30:43:d7:16:85:10:5a:4d:47:2d:bc:f7:
22:c4:58:3c:50:94:92:6a:73:f1:a2:6b:e7:c6:28:
3b:8b:05:dd:f7:2b:f7:59:27:37:be:eb:b2:d8:ec:
71:19:8f:b6:8a:af:73:93:41:fb:1e:4f:26:ff:58:
a3:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:7E:6B:AE:62:E2:12:11:4A:2E:16:A4:65:78:EB:09:92:FF:A3:E6
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS215703.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.235.73.0/24
Signature Algorithm: sha256WithRSAEncryption
71:bb:94:69:28:d0:d0:5e:55:67:06:62:11:c3:d3:d4:18:ed:
c4:93:a5:77:7b:31:a0:73:c7:3c:97:30:78:82:35:ff:62:11:
22:9a:28:61:6a:b5:22:a8:cb:3b:b7:17:44:2e:b9:c4:14:d3:
58:e0:31:59:f4:a6:40:a3:fb:4c:9c:37:c5:68:20:70:8f:f8:
42:f0:3c:15:60:95:f8:98:7c:e4:fd:0b:2f:b5:22:c4:b2:82:
91:5a:1a:a3:d6:6e:c5:e0:ea:3a:50:2e:86:55:ee:31:43:e8:
2d:41:3d:86:4a:3e:e8:9d:c5:2e:1d:f1:e8:7c:9c:bd:38:fb:
2f:09:37:d3:db:19:88:e6:5c:d5:d0:e8:95:ab:83:65:21:2a:
82:ac:d9:3b:63:fc:51:4d:b8:25:5a:e5:92:7d:db:b0:b7:6b:
d1:d2:6c:fe:ea:58:7c:c3:c8:b3:51:b8:c2:c0:20:e5:d1:29:
2f:c5:06:f6:3f:ad:75:e4:39:b8:b5:59:d0:f2:a7:93:cc:42:
0f:3b:7a:6c:9e:e4:8f:d7:e7:fb:65:ad:77:0a:45:56:17:50:
6b:e2:e5:bc:8f:b7:43:ea:12:99:73:a6:0f:c7:db:dd:e6:83:
95:1d:3b:e0:3a:bb:07:ac:bc:bc:f6:75:14:f0:37:5c:11:cd:
6f:6d:d2:89
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUJkCzo2pEzyrXmviLu9Ml7HMM9LMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA5MjUwODA2MDdaFw0yNjA5MjQwODExMDdaMDMxMTAvBgNV
BAMTKEQzN0U2QkFFNjJFMjEyMTE0QTJFMTZBNDY1NzhFQjA5OTJGRkEzRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCakJcKGjA+dxrVcCVpBRjJpwnE
hVe32i68hk8K6r0XSktxeCvBj5aYmqGHLvzrmn5UBSLvZvp5o4mh9VDHzwN3Fk2M
gUPwyifdb1zzbY98FrhuAc9iqnN0SjyWRX1S9h1TDJ0jMVHrvr1/AUcEHTOY08jd
J1qJCn9uIS2Jt9MGGPD5Z0028epBT5SzkRg/T+GLNTzsL6MMmSPW8sHIMDEh2eWB
fVpyz0BmmCSN2hlGKFcjmab7As7CSq7AugdJIoTqsQuDKzBD1xaFEFpNRy289yLE
WDxQlJJqc/Gia+fGKDuLBd33K/dZJze+67LY7HEZj7aKr3OTQfseTyb/WKPlAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU035rrmLiEhFKLhakZXjrCZL/o+YwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjE1NzAzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVetJ
MA0GCSqGSIb3DQEBCwUAA4IBAQBxu5RpKNDQXlVnBmIRw9PUGO3Ek6V3ezGgc8c8
lzB4gjX/YhEimihharUiqMs7txdELrnEFNNY4DFZ9KZAo/tMnDfFaCBwj/hC8DwV
YJX4mHzk/QsvtSLEsoKRWhqj1m7F4Oo6UC6GVe4xQ+gtQT2GSj7oncUuHfHofJy9
OPsvCTfT2xmI5lzV0OiVq4NlISqCrNk7Y/xRTbglWuWSfduwt2vR0mz+6lh8w8iz
UbjCwCDl0SkvxQb2P6115Dm4tVnQ8qeTzEIPO3psnuSP1+f7Za13CkVWF1Br4uW8
j7dD6hKZc6YPx9vd5oOVHTvgOrsHrLy89nUU8DdcEc1vbdKJ
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:26:52 2025 by rpki-client