Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214478.roa
File: AS214478.roa (raw, json)
Hash identifier: RDzZTbS9dgq6cTqXDEzJLz/VRFYAMeRgdK7bN8w/JeY=
Subject key identifier: 2F:06:E3:E9:25:DA:BF:9F:B3:46:38:F6:4A:1A:AE:AB:9B:80:47:0B
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 28E528822080262F5207F28EC5459AE7D3CB0500
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214478.roa
Signing time: Tue 18 Mar 2025 16:40:24 +0000
ROA not before: Tue 18 Mar 2025 16:35:24 +0000
ROA not after: Tue 17 Mar 2026 16:40:24 +0000
asID: 214478
IP address blocks: 95.135.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 03:24:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:e5:28:82:20:80:26:2f:52:07:f2:8e:c5:45:9a:e7:d3:cb:05:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 18 16:35:24 2025 GMT
Not After : Mar 17 16:40:24 2026 GMT
Subject: CN=2F06E3E925DABF9FB34638F64A1AAEAB9B80470B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e3:f6:89:26:fa:cc:02:fb:12:e2:53:e2:14:
fb:8b:9b:76:19:d4:37:4a:55:51:fa:c8:ee:7e:b5:
d9:ac:d3:5a:0d:14:cd:c6:fc:0d:45:d0:35:6c:e1:
1c:77:6e:2e:ec:0d:50:aa:70:9a:77:ef:8c:89:be:
df:78:36:e1:86:17:c2:27:9a:70:f1:f0:bc:0e:0e:
59:0d:82:db:74:90:7e:5b:be:27:3c:8c:ee:5b:38:
1a:6c:ba:47:cb:7d:e0:15:28:7f:c1:a3:1a:00:91:
92:0e:80:0c:11:98:ef:ef:4a:ea:b4:20:31:55:7c:
5a:c5:43:af:6f:2c:0e:af:16:e4:ce:6e:18:0c:94:
7b:f1:82:de:50:ce:14:08:e7:e2:85:ce:c5:a7:87:
96:29:d1:0e:12:8a:56:ee:7d:13:73:24:13:0f:29:
8f:02:62:96:3d:c8:86:04:f2:59:4e:e4:f0:d7:61:
79:ff:4c:8d:83:33:fe:cb:e2:fa:98:c4:2a:c3:fd:
63:1c:96:71:6f:74:ef:6b:f6:6b:8f:9e:de:8a:76:
71:0e:da:0b:c3:c0:bf:46:fb:cd:a3:e0:c9:68:b5:
79:86:59:2c:3b:32:7b:63:c0:aa:46:71:b9:c5:75:
78:e0:b2:57:9c:26:75:bb:da:c1:98:22:9e:f4:3a:
ce:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:06:E3:E9:25:DA:BF:9F:B3:46:38:F6:4A:1A:AE:AB:9B:80:47:0B
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214478.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.135.153.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:bf:1d:fd:47:77:41:4b:b7:41:88:12:3f:ea:38:7d:9a:b0:
8d:b3:4a:c0:7d:3e:50:2e:97:a9:bb:af:1b:3b:c5:b3:4d:2c:
c3:53:0b:75:40:93:93:ea:05:2c:08:a0:e7:62:a4:ac:1e:02:
f5:49:c3:fd:51:5c:d3:c7:6f:be:4b:cb:12:30:18:54:aa:2f:
d7:07:df:6a:6f:d8:4f:dd:73:f4:8c:72:7e:5a:2d:aa:e5:6a:
db:3c:73:0f:63:f6:f0:35:1d:30:9b:3c:34:52:4a:53:f8:b0:
0c:d9:ed:84:3d:b2:0b:26:40:6f:bd:47:34:83:f5:39:5a:dd:
df:6f:7e:56:04:dd:30:5e:3e:c6:d5:48:c6:b8:59:60:2f:b2:
92:ff:bd:82:69:df:6d:d4:e1:71:6a:04:d1:84:3c:ec:51:61:
0f:7e:ff:f6:69:a3:1d:d0:c3:1f:22:0d:b7:ee:ab:cb:c1:fb:
ac:7f:62:09:a0:eb:b5:76:1a:7c:6e:fa:9b:a5:a9:3e:c4:11:
69:e1:9b:16:37:8e:a6:de:a6:94:fb:78:c1:42:07:d8:64:a4:
89:09:87:20:97:81:b7:fe:ac:43:15:a0:b6:99:6b:99:48:a6:
26:cb:15:d0:03:74:8e:56:bc:14:5b:4a:07:83:f5:a8:90:9a:
0d:f2:b2:41
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUKOUogiCAJi9SB/KOxUWa59PLBQAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAzMTgxNjM1MjRaFw0yNjAzMTcxNjQwMjRaMDMxMTAvBgNV
BAMTKDJGMDZFM0U5MjVEQUJGOUZCMzQ2MzhGNjRBMUFBRUFCOUI4MDQ3MEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCP4/aJJvrMAvsS4lPiFPuLm3YZ
1DdKVVH6yO5+tdms01oNFM3G/A1F0DVs4Rx3bi7sDVCqcJp374yJvt94NuGGF8In
mnDx8LwODlkNgtt0kH5bvic8jO5bOBpsukfLfeAVKH/BoxoAkZIOgAwRmO/vSuq0
IDFVfFrFQ69vLA6vFuTObhgMlHvxgt5QzhQI5+KFzsWnh5Yp0Q4SilbufRNzJBMP
KY8CYpY9yIYE8llO5PDXYXn/TI2DM/7L4vqYxCrD/WMclnFvdO9r9muPnt6KdnEO
2gvDwL9G+82j4MlotXmGWSw7MntjwKpGcbnFdXjgslecJnW72sGYIp70Os63AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQULwbj6SXav5+zRjj2Shquq5uARwswHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0NDc4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4eZ
MA0GCSqGSIb3DQEBCwUAA4IBAQAPvx39R3dBS7dBiBI/6jh9mrCNs0rAfT5QLpep
u68bO8WzTSzDUwt1QJOT6gUsCKDnYqSsHgL1ScP9UVzTx2++S8sSMBhUqi/XB99q
b9hP3XP0jHJ+Wi2q5WrbPHMPY/bwNR0wmzw0UkpT+LAM2e2EPbILJkBvvUc0g/U5
Wt3fb35WBN0wXj7G1UjGuFlgL7KS/72Cad9t1OFxagTRhDzsUWEPfv/2aaMd0MMf
Ig237qvLwfusf2IJoOu1dhp8bvqbpak+xBFp4ZsWN46m3qaU+3jBQgfYZKSJCYcg
l4G3/qxDFaC2mWuZSKYmyxXQA3SOVrwUW0oHg/WokJoN8rJB
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:30:52 2025 by rpki-client