Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS15083.roa
File:                     AS15083.roa (raw, json)
Hash identifier:          7cuag+FfApfCyzQEmni5FxgTwJvsb6KaC+zbcg7xBwE=
Subject key identifier:   1D:C8:E2:9D:17:60:0B:BA:43:68:70:EE:FB:C5:AF:9A:42:2F:2D:F5
Certificate issuer:       /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial:       55B3940DF3E2A4C112D072255231765BE00B2D03
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS15083.roa
Signing time:             Mon 25 May 2026 20:47:17 +0000
ROA not before:           Mon 25 May 2026 20:42:17 +0000
ROA not after:            Mon 24 May 2027 20:47:17 +0000
asID:                     15083
IP address blocks:        141.11.188.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Jun 2026 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:b3:94:0d:f3:e2:a4:c1:12:d0:72:25:52:31:76:5b:e0:0b:2d:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
        Validity
            Not Before: May 25 20:42:17 2026 GMT
            Not After : May 24 20:47:17 2027 GMT
        Subject: CN=1DC8E29D17600BBA436870EEFBC5AF9A422F2DF5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:38:d3:90:29:eb:49:0b:05:6d:36:3c:2e:4a:
                    46:e8:ab:d4:3c:ae:31:7e:e6:1e:09:cc:81:fa:96:
                    cd:59:f7:1e:c5:89:95:72:70:89:72:e0:66:ac:af:
                    09:86:0f:1c:ac:aa:e2:be:10:f0:09:1d:61:d3:a2:
                    bb:8f:c7:c0:08:9f:91:43:bf:66:c8:a2:b3:dc:d6:
                    16:2b:83:89:04:7a:31:5e:02:cb:f0:7f:88:3a:c5:
                    00:e5:e3:83:10:56:13:24:e2:50:9a:e9:18:71:f6:
                    46:88:53:91:22:b1:ce:dd:d8:b5:75:ec:d8:66:fa:
                    f4:a9:71:13:ea:fd:d8:bf:2f:36:af:17:81:ad:35:
                    0a:eb:7f:a2:a6:16:a2:c2:b1:a8:e2:66:f6:a0:da:
                    a0:99:d5:13:c6:f1:e7:21:98:41:a7:77:10:e8:b5:
                    53:1d:f9:81:c1:59:27:15:18:0e:fe:74:a1:33:7b:
                    3c:c9:de:58:b1:8e:c8:ca:5d:f3:f7:36:5d:ed:cc:
                    fc:75:81:b7:f1:3c:24:1b:0f:0b:7e:bb:04:0e:40:
                    11:b2:b2:b2:e3:32:91:b3:fe:7e:f5:d1:f8:4d:ca:
                    d4:b2:fb:31:48:e6:78:90:07:65:f3:bf:da:3f:2c:
                    ec:72:98:f1:db:bb:24:e4:21:23:ef:d0:6f:8a:a8:
                    75:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:C8:E2:9D:17:60:0B:BA:43:68:70:EE:FB:C5:AF:9A:42:2F:2D:F5
            X509v3 Authority Key Identifier:
                keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS15083.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.11.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:b7:44:e5:8d:62:75:56:6c:84:67:19:ab:12:22:86:f8:8f:
         49:c3:69:9b:e2:91:01:34:05:45:02:d8:f1:df:77:c2:68:32:
         bd:ae:73:25:d5:de:e4:33:d9:66:08:0c:2b:97:63:c1:ac:af:
         0a:29:88:75:96:43:39:8b:c8:1f:47:54:26:66:be:8f:af:7c:
         de:b8:49:e9:4d:b5:be:ab:b9:b9:5c:da:9d:71:19:51:b3:cb:
         c6:2e:5a:a4:47:1b:3e:ff:33:6c:c1:ff:b5:90:71:30:f1:b5:
         18:21:7c:e6:99:b0:f0:e3:00:3e:d0:96:cf:c3:63:a8:b7:c3:
         9d:10:96:1d:ca:de:9c:77:14:c3:64:ae:e5:0c:6f:1e:2b:bb:
         c9:49:ed:49:18:31:02:4a:6c:4a:7c:dc:8e:d9:14:b2:48:32:
         a2:63:06:73:46:d8:aa:78:25:a1:c8:f7:26:45:32:28:43:13:
         e4:68:4a:da:bc:48:5f:30:6f:d1:cc:1b:aa:59:67:69:36:64:
         f3:c2:84:0c:eb:9b:d3:4a:a8:f5:d2:66:b9:23:31:d4:b5:c0:
         91:29:a3:bd:7a:8d:6f:ff:52:25:05:db:c9:66:73:5b:b2:30:
         d1:cb:45:ff:63:37:52:0e:0d:b4:01:2c:61:5b:4e:b0:fb:45:
         b4:4b:5d:f5
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUVbOUDfPipMES0HIlUjF2W+ALLQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNjA1MjUyMDQyMTdaFw0yNzA1MjQyMDQ3MTdaMDMxMTAvBgNV
BAMTKDFEQzhFMjlEMTc2MDBCQkE0MzY4NzBFRUZCQzVBRjlBNDIyRjJERjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcONOQKetJCwVtNjwuSkboq9Q8
rjF+5h4JzIH6ls1Z9x7FiZVycIly4GasrwmGDxysquK+EPAJHWHToruPx8AIn5FD
v2bIorPc1hYrg4kEejFeAsvwf4g6xQDl44MQVhMk4lCa6Rhx9kaIU5Eisc7d2LV1
7Nhm+vSpcRPq/di/LzavF4GtNQrrf6KmFqLCsajiZvag2qCZ1RPG8echmEGndxDo
tVMd+YHBWScVGA7+dKEzezzJ3lixjsjKXfP3Nl3tzPx1gbfxPCQbDwt+uwQOQBGy
srLjMpGz/n710fhNytSy+zFI5niQB2Xzv9o/LOxymPHbuyTkISPv0G+KqHVfAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUHcjinRdgC7pDaHDu+8WvmkIvLfUwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTUwODMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACNC7ww
DQYJKoZIhvcNAQELBQADggEBAF23ROWNYnVWbIRnGasSIob4j0nDaZvikQE0BUUC
2PHfd8JoMr2ucyXV3uQz2WYIDCuXY8GsrwopiHWWQzmLyB9HVCZmvo+vfN64SelN
tb6rublc2p1xGVGzy8YuWqRHGz7/M2zB/7WQcTDxtRghfOaZsPDjAD7Qls/DY6i3
w50Qlh3K3px3FMNkruUMbx4ru8lJ7UkYMQJKbEp83I7ZFLJIMqJjBnNG2Kp4JaHI
9yZFMihDE+RoStq8SF8wb9HMG6pZZ2k2ZPPChAzrm9NKqPXSZrkjMdS1wJEpo716
jW//UiUF28lmc1uyMNHLRf9jN1IODbQBLGFbTrD7RbRLXfU=
-----END CERTIFICATE-----