Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215304.roa
File: AS215304.roa (raw, json)
Hash identifier: c34C+DHWUJrQoxeWK9P6Zv5HYMaCPb9MBPERlKWxUFQ=
Subject key identifier: C3:72:9C:18:58:29:3B:43:94:24:CE:D0:82:49:73:E0:AE:A6:3F:9D
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 1C34B4BF7CE57C2AC3BBEEA6D75A232E06D53E87
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215304.roa
Signing time: Wed 04 Dec 2024 03:42:23 +0000
ROA not before: Wed 04 Dec 2024 03:37:23 +0000
ROA not after: Wed 03 Dec 2025 03:42:23 +0000
asID: 215304
IP address blocks: 46.203.98.0/24 maxlen: 24
46.203.99.0/24 maxlen: 24
46.203.188.0/24 maxlen: 24
46.203.189.0/24 maxlen: 24
46.203.203.0/24 maxlen: 24
46.203.204.0/24 maxlen: 24
46.203.250.0/24 maxlen: 24
46.203.251.0/24 maxlen: 24
91.124.8.0/24 maxlen: 24
91.124.9.0/24 maxlen: 24
91.124.10.0/24 maxlen: 24
91.124.11.0/24 maxlen: 24
91.124.12.0/24 maxlen: 24
91.124.13.0/24 maxlen: 24
92.113.106.0/23 maxlen: 24
92.113.112.0/23 maxlen: 24
92.113.124.0/23 maxlen: 24
92.113.136.0/23 maxlen: 24
92.113.142.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 14:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:34:b4:bf:7c:e5:7c:2a:c3:bb:ee:a6:d7:5a:23:2e:06:d5:3e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Dec 4 03:37:23 2024 GMT
Not After : Dec 3 03:42:23 2025 GMT
Subject: CN=C3729C1858293B439424CED0824973E0AEA63F9D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:59:ec:54:e8:a3:26:02:47:f7:f4:86:cc:38:
13:5d:4d:99:cc:9f:bd:9d:02:50:69:e1:26:9c:dd:
ff:1c:dd:98:bb:f7:3f:89:8e:de:3d:e3:ed:6b:67:
e3:f4:e6:2e:9d:89:23:1e:8d:c2:4b:03:7a:e0:e9:
35:66:43:de:d9:e4:51:7a:8e:06:30:1f:b7:67:c5:
d9:d3:35:95:07:45:98:f9:fd:d8:a2:e0:78:96:21:
1d:f7:04:ac:2e:ee:9b:5f:bf:20:35:0a:51:d1:ba:
30:ce:95:d4:ba:ba:2f:11:d2:44:1b:e7:65:4e:16:
e4:64:36:b6:c7:b4:7d:ab:4a:12:78:9e:9b:f9:01:
4a:8c:2a:96:13:95:74:42:81:18:43:ca:c2:d3:3c:
87:e0:ae:bd:74:ac:a4:fe:a0:eb:27:60:d1:a3:ce:
95:9e:d1:d7:ba:1d:6d:60:5c:1f:fa:b2:cd:a3:e3:
20:55:19:b4:6a:6c:55:b5:dc:79:aa:b6:2f:2b:b7:
ed:62:cc:b4:a6:58:39:86:52:09:09:06:94:a3:18:
26:ac:a2:7e:e9:f8:de:2c:65:53:30:e0:d8:01:ac:
13:c6:10:07:40:16:cc:95:b4:cc:61:3b:ae:8f:76:
12:1d:43:5b:12:3f:ac:3d:b9:26:47:ba:0c:13:be:
d1:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:72:9C:18:58:29:3B:43:94:24:CE:D0:82:49:73:E0:AE:A6:3F:9D
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.98.0/23
46.203.188.0/23
46.203.203.0-46.203.204.255
46.203.250.0/23
91.124.8.0-91.124.13.255
92.113.106.0/23
92.113.112.0/23
92.113.124.0/23
92.113.136.0/23
92.113.142.0/23
Signature Algorithm: sha256WithRSAEncryption
06:9a:6c:6a:ca:6a:85:4b:43:1e:12:f6:8c:18:2e:39:58:ce:
a0:31:4e:ae:8c:00:14:74:cd:7e:40:c6:90:14:da:16:c6:9a:
03:6f:2b:1f:b1:21:e5:7d:94:46:e2:c4:83:d5:84:ed:84:19:
b1:cb:02:25:c7:a6:ce:38:68:e5:ef:1d:93:f0:cc:d4:30:28:
4b:75:af:c2:5e:44:93:64:6b:c9:0c:c9:de:f5:a1:e5:a8:c9:
04:74:74:71:a9:f8:1e:28:af:89:ed:d9:aa:7b:bd:97:e4:a0:
1f:2d:54:15:df:81:90:aa:d7:38:2c:87:35:09:7a:c5:3d:ed:
11:3c:27:86:a4:ef:6a:45:cb:a1:91:ba:5c:8f:98:ca:49:76:
ae:05:f1:f6:04:ce:25:d3:de:33:e9:11:5d:c7:c8:e4:c9:9f:
10:18:24:a9:26:98:d7:a2:7a:75:aa:df:23:7b:a4:84:49:73:
73:95:3e:b4:2d:24:b5:44:a5:31:e3:fc:d5:f3:fa:6a:06:63:
a0:04:c8:cf:25:57:cb:4d:7e:2f:dd:79:fd:5a:d7:ff:a1:59:
ef:ce:61:4e:97:c8:ed:f2:bd:e5:cb:45:a1:af:9b:3f:f9:59:
ce:cd:5f:8f:5c:d6:7c:62:1f:70:03:76:bd:6a:a1:79:28:23:
11:9c:e1:a4
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUHDS0v3zlfCrDu+6m11ojLgbVPocwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDEyMDQwMzM3MjNaFw0yNTEyMDMwMzQyMjNaMDMxMTAvBgNV
BAMTKEMzNzI5QzE4NTgyOTNCNDM5NDI0Q0VEMDgyNDk3M0UwQUVBNjNGOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAWexU6KMmAkf39IbMOBNdTZnM
n72dAlBp4Sac3f8c3Zi79z+Jjt494+1rZ+P05i6diSMejcJLA3rg6TVmQ97Z5FF6
jgYwH7dnxdnTNZUHRZj5/dii4HiWIR33BKwu7ptfvyA1ClHRujDOldS6ui8R0kQb
52VOFuRkNrbHtH2rShJ4npv5AUqMKpYTlXRCgRhDysLTPIfgrr10rKT+oOsnYNGj
zpWe0de6HW1gXB/6ss2j4yBVGbRqbFW13Hmqti8rt+1izLSmWDmGUgkJBpSjGCas
on7p+N4sZVMw4NgBrBPGEAdAFsyVtMxhO66PdhIdQ1sSP6w9uSZHugwTvtGZAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUw3KcGFgpO0OUJM7Qgklz4K6mP50wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQBLsti
AwQBLsu8MAwDBAAuy8sDBAAuy8wDBAEuy/owDAMEA1t8CAMEAVt8DAMEAVxxagME
AVxxcAMEAVxxfAMEAVxxiAMEAVxxjjANBgkqhkiG9w0BAQsFAAOCAQEABppsaspq
hUtDHhL2jBguOVjOoDFOrowAFHTNfkDGkBTaFsaaA28rH7Eh5X2URuLEg9WE7YQZ
scsCJcemzjho5e8dk/DM1DAoS3Wvwl5Ek2RryQzJ3vWh5ajJBHR0can4Hiivie3Z
qnu9l+SgHy1UFd+BkKrXOCyHNQl6xT3tETwnhqTvakXLoZG6XI+Yykl2rgXx9gTO
JdPeM+kRXcfI5MmfEBgkqSaY16J6darfI3ukhElzc5U+tC0ktUSlMeP81fP6agZj
oATIzyVXy01+L915/VrX/6FZ785hTpfI7fK95ctFoa+bP/lZzs1fj1zWfGIfcAN2
vWqheSgjEZzhpA==
-----END CERTIFICATE-----
Generated at Wed Feb 5 17:02:12 2025 by rpki-client