Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS215304.roa
File: AS215304.roa (raw, json)
Hash identifier: Gpv8jnytMKrAZ4JDd5ZdGwDnN9Rh45AZihpYkKnrzpk=
Subject key identifier: E4:11:BF:5D:21:BE:D4:B4:AB:1D:EB:8F:AA:D8:43:BD:EA:25:51:DD
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 705276762E15897062F46383AC6282557EF16945
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS215304.roa
Signing time: Tue 21 Oct 2025 16:20:16 +0000
ROA not before: Tue 21 Oct 2025 16:15:16 +0000
ROA not after: Tue 20 Oct 2026 16:20:16 +0000
asID: 215304
IP address blocks: 143.20.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 19:12:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:52:76:76:2e:15:89:70:62:f4:63:83:ac:62:82:55:7e:f1:69:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Oct 21 16:15:16 2025 GMT
Not After : Oct 20 16:20:16 2026 GMT
Subject: CN=E411BF5D21BED4B4AB1DEB8FAAD843BDEA2551DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:b8:97:7a:4d:5d:be:7d:d5:09:07:49:06:06:
37:22:52:ce:e9:d1:f9:d7:14:8a:99:9e:a8:a5:a5:
36:2f:31:b4:f7:93:7d:01:11:1f:6f:e1:f5:f5:24:
11:09:78:61:6c:4a:0f:d3:e2:b7:a7:d4:d8:74:05:
02:04:0e:b8:43:93:92:6b:4a:41:c7:89:b1:18:3c:
68:fc:24:b7:90:a4:85:8f:aa:d9:25:33:2f:6d:60:
8c:66:f9:75:41:fa:3f:44:34:4a:48:8c:c4:4e:83:
96:87:8d:b0:7b:d3:f7:d5:7d:fe:2f:90:f4:f8:be:
3d:92:75:05:90:e5:e7:56:70:3a:42:ef:de:c3:7a:
a8:e3:23:c9:e4:a4:b4:f6:59:da:ca:f7:78:c0:cb:
46:84:25:8f:02:e3:08:ba:60:27:a0:07:70:89:ec:
1b:7d:ad:7e:2b:f4:ac:38:06:31:71:d9:20:8d:99:
b4:aa:1c:a7:3d:e5:5e:e4:9b:77:c7:22:5e:c1:5d:
0f:4a:0d:6b:cf:d1:58:f9:6e:4c:91:9a:55:3b:d8:
4a:49:2a:81:64:f4:b6:c9:16:ae:3c:08:df:82:68:
d3:92:25:e7:bf:8b:22:33:12:a7:31:32:f6:4b:89:
40:30:36:b8:0e:82:aa:f0:fe:94:c6:77:12:98:66:
08:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:11:BF:5D:21:BE:D4:B4:AB:1D:EB:8F:AA:D8:43:BD:EA:25:51:DD
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS215304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.22.0/24
Signature Algorithm: sha256WithRSAEncryption
af:0f:f1:5f:cd:62:ac:f9:0f:fe:77:2d:bb:56:78:f8:ee:45:
16:49:6b:a7:7a:63:c2:e2:f6:b4:ab:b7:9b:31:39:0d:e9:8b:
6e:ba:4d:32:f6:52:55:3d:33:d8:12:b5:e8:e6:71:99:15:ed:
e0:0e:fa:1c:c7:95:d8:90:1d:f8:08:c0:4a:8d:0e:26:0c:25:
5b:2a:eb:89:14:3a:d8:0e:58:d4:e8:96:9a:5e:34:3d:28:5d:
74:23:8c:9b:6b:37:73:43:97:3e:4a:08:2a:62:37:8e:7f:a1:
2d:e3:8f:78:a8:8e:cc:c3:a3:72:ca:ba:78:29:33:e1:d4:2b:
f1:dd:44:b8:b3:08:aa:e7:74:3a:05:d9:38:66:86:b3:9d:2d:
a7:79:f0:68:9e:1b:b4:11:9a:9a:34:09:52:f9:6d:72:41:1c:
d4:7e:a2:d3:9e:20:48:c1:c1:57:96:a3:55:b5:9f:9e:89:3f:
c8:61:f9:1c:48:57:74:e3:ff:99:68:69:33:9f:73:1d:10:25:
ab:53:e8:cc:3a:99:b2:58:a0:b4:1f:15:be:26:61:74:21:37:
62:34:68:3b:ef:6f:c1:a4:70:74:a7:d1:3f:c5:19:84:f7:4d:
52:ca:f7:eb:40:b1:0f:f4:c9:f1:b3:6c:63:3d:69:c8:30:0a:
58:f5:01:ed
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUcFJ2di4ViXBi9GODrGKCVX7xaUUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTEwMjExNjE1MTZaFw0yNjEwMjAxNjIwMTZaMDMxMTAvBgNV
BAMTKEU0MTFCRjVEMjFCRUQ0QjRBQjFERUI4RkFBRDg0M0JERUEyNTUxREQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpuJd6TV2+fdUJB0kGBjciUs7p
0fnXFIqZnqilpTYvMbT3k30BER9v4fX1JBEJeGFsSg/T4ren1Nh0BQIEDrhDk5Jr
SkHHibEYPGj8JLeQpIWPqtklMy9tYIxm+XVB+j9ENEpIjMROg5aHjbB70/fVff4v
kPT4vj2SdQWQ5edWcDpC797DeqjjI8nkpLT2WdrK93jAy0aEJY8C4wi6YCegB3CJ
7Bt9rX4r9Kw4BjFx2SCNmbSqHKc95V7km3fHIl7BXQ9KDWvP0Vj5bkyRmlU72EpJ
KoFk9LbJFq48CN+CaNOSJee/iyIzEqcxMvZLiUAwNrgOgqrw/pTGdxKYZghZAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU5BG/XSG+1LSrHeuPqthDveolUd0wHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjxQW
MA0GCSqGSIb3DQEBCwUAA4IBAQCvD/FfzWKs+Q/+dy27Vnj47kUWSWunemPC4va0
q7ebMTkN6Ytuuk0y9lJVPTPYErXo5nGZFe3gDvocx5XYkB34CMBKjQ4mDCVbKuuJ
FDrYDljU6JaaXjQ9KF10I4ybazdzQ5c+SggqYjeOf6Et4494qI7Mw6Nyyrp4KTPh
1Cvx3US4swiq53Q6Bdk4ZoaznS2nefBonhu0EZqaNAlS+W1yQRzUfqLTniBIwcFX
lqNVtZ+eiT/IYfkcSFd04/+ZaGkzn3MdECWrU+jMOpmyWKC0HxW+JmF0ITdiNGg7
72/BpHB0p9E/xRmE901SyvfrQLEP9Mnxs2xjPWnIMApY9QHt
-----END CERTIFICATE-----
Generated at Wed Oct 22 03:04:39 2025 by rpki-client