Autonomous System Provider Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/d9e87b-450a-4152-a242-d6910b21ab42/1/ofNUkXwRdU2CygbCJb-JHa2iVxk.asa
File:                     ofNUkXwRdU2CygbCJb-JHa2iVxk.asa (raw, json)
Hash identifier:          2CgpH6bf+b3jg+rggjhpByWihzKk9amkpphMJMuERmU=
Subject key identifier:   A1:F3:54:91:7C:11:75:4D:82:CA:06:C2:25:BF:89:1D:AD:A2:57:19
Certificate issuer:       /CN=a13471b5002a4eb6496125cf58737f0debadae7b
Certificate serial:       019C5D1A55DB1D17D084EB8E5EFA06765AC0
Authority key identifier: A1:34:71:B5:00:2A:4E:B6:49:61:25:CF:58:73:7F:0D:EB:AD:AE:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oTRxtQAqTrZJYSXPWHN_Deutrns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/d9e87b-450a-4152-a242-d6910b21ab42/1/ofNUkXwRdU2CygbCJb-JHa2iVxk.asa
Signing time:             Sat 14 Feb 2026 17:02:12 +0000
ASPA not before:          Sat 14 Feb 2026 17:02:12 +0000
ASPA not after:           Thu 01 Jul 2027 00:00:00 +0000
Customer ASID:            215509
Providers:                AS: 34872
                          AS: 34927
                          AS: 41051
                          AS: 212895
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/d9e87b-450a-4152-a242-d6910b21ab42/1/oTRxtQAqTrZJYSXPWHN_Deutrns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/d9e87b-450a-4152-a242-d6910b21ab42/1/oTRxtQAqTrZJYSXPWHN_Deutrns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oTRxtQAqTrZJYSXPWHN_Deutrns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 06:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:5d:1a:55:db:1d:17:d0:84:eb:8e:5e:fa:06:76:5a:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a13471b5002a4eb6496125cf58737f0debadae7b
        Validity
            Not Before: Feb 14 17:02:12 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=a1f354917c11754d82ca06c225bf891dada25719
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:87:67:75:0a:5f:78:0b:5c:4b:4d:c0:85:75:
                    ec:33:85:04:cd:43:dc:27:ba:0f:b1:2a:28:23:f8:
                    5b:1b:aa:11:bc:e3:ec:35:18:5c:91:03:08:e1:16:
                    50:8d:b5:0a:24:0a:92:69:3f:9c:69:72:fe:7d:ba:
                    46:34:01:cd:9c:58:7b:78:21:ab:e0:a3:6c:fc:ed:
                    fb:12:d5:25:ea:58:82:a3:b5:2c:88:bf:4b:b0:b9:
                    23:99:77:09:98:f7:e2:8a:c3:41:74:76:00:55:a0:
                    ff:25:db:ba:30:37:11:44:41:5d:e7:92:8f:38:26:
                    24:78:32:05:2f:0a:cd:01:c8:95:c0:44:8e:6d:d3:
                    d5:0b:90:6a:75:bc:64:d6:3e:15:eb:18:31:40:73:
                    17:13:34:d3:b6:f0:e1:59:4b:c4:43:a2:2b:30:3c:
                    35:7b:53:d9:e7:59:52:09:8d:f6:d1:1b:23:50:40:
                    c6:a3:08:4d:c7:a5:54:5d:e1:46:8b:f4:3f:08:4b:
                    be:f5:ee:5e:da:d7:64:42:c1:5d:91:26:99:9e:5b:
                    5d:73:f4:c6:ae:9a:fc:2b:17:f7:30:61:16:6e:0d:
                    c4:37:c7:ee:df:df:65:73:10:c4:25:12:ba:64:38:
                    d9:fc:0c:c1:02:b7:90:59:21:0e:68:fc:ab:27:e9:
                    05:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:F3:54:91:7C:11:75:4D:82:CA:06:C2:25:BF:89:1D:AD:A2:57:19
            X509v3 Authority Key Identifier:
                keyid:A1:34:71:B5:00:2A:4E:B6:49:61:25:CF:58:73:7F:0D:EB:AD:AE:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTRxtQAqTrZJYSXPWHN_Deutrns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d9e87b-450a-4152-a242-d6910b21ab42/1/ofNUkXwRdU2CygbCJb-JHa2iVxk.asa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d9e87b-450a-4152-a242-d6910b21ab42/1/oTRxtQAqTrZJYSXPWHN_Deutrns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215509

    Signature Algorithm: sha256WithRSAEncryption
         42:a6:7f:61:70:3e:ca:4f:d6:18:b1:a0:17:cd:73:a7:d5:64:
         d3:ed:c6:17:5c:ae:0d:f8:ab:97:a1:c6:fd:26:51:68:ae:49:
         9b:a7:5d:5e:48:8f:d1:1e:7a:21:bf:8b:02:26:c5:1b:f7:2f:
         4b:09:76:fb:92:75:19:77:62:c3:dc:b3:6e:c3:18:5a:15:dc:
         c4:49:36:68:cf:62:8a:8c:4b:8b:2e:b8:9d:1b:2c:af:57:ab:
         f7:71:87:86:e1:71:32:a2:b0:cb:12:99:c9:fe:71:e2:71:c3:
         8f:d6:0c:b6:d0:ba:60:d2:f8:e0:bc:94:5f:7f:7b:2f:ae:a9:
         08:13:fe:fa:75:9b:34:d7:87:ae:fd:f1:d9:53:82:8a:fd:c3:
         34:0c:3c:e4:4e:4a:61:10:cf:92:35:f4:b8:d5:1e:07:86:f0:
         8f:e7:1b:99:b9:01:da:51:6f:6e:cc:95:f3:e4:06:f2:39:bc:
         8d:9b:22:1c:60:76:5e:5c:cd:3c:67:e8:5f:43:1d:3e:4a:79:
         5d:f9:e2:25:d3:da:1f:b1:68:ae:5b:3b:01:08:6d:ab:a8:4b:
         5d:05:64:53:3a:61:93:d3:8b:7b:de:34:79:39:0c:31:5a:50:
         a8:39:02:94:ba:89:0f:09:ae:a5:c5:19:27:d5:46:b4:22:29:
         f6:f2:58:6b
-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgISAZxdGlXbHRfQhOuOXvoGdlrAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMzQ3MWI1MDAyYTRlYjY0OTYxMjVjZjU4NzM3ZjBkZWJh
ZGFlN2IwHhcNMjYwMjE0MTcwMjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWYzNTQ5MTdjMTE3NTRkODJjYTA2YzIyNWJmODkxZGFkYTI1NzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvodndQpfeAtcS03AhXXsM4UEzUPc
J7oPsSooI/hbG6oRvOPsNRhckQMI4RZQjbUKJAqSaT+caXL+fbpGNAHNnFh7eCGr
4KNs/O37EtUl6liCo7UsiL9LsLkjmXcJmPfiisNBdHYAVaD/Jdu6MDcRREFd55KP
OCYkeDIFLwrNAciVwESObdPVC5Bqdbxk1j4V6xgxQHMXEzTTtvDhWUvEQ6IrMDw1
e1PZ51lSCY320RsjUEDGowhNx6VUXeFGi/Q/CEu+9e5e2tdkQsFdkSaZnltdc/TG
rpr8Kxf3MGEWbg3EN8fu399lcxDEJRK6ZDjZ/AzBAreQWSEOaPyrJ+kFXwIDAQAB
o4ICBDCCAgAwHQYDVR0OBBYEFKHzVJF8EXVNgsoGwiW/iR2tolcZMB8GA1UdIwQY
MBaAFKE0cbUAKk62SWElz1hzfw3rra57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1RSeHRRQXFUclpKWVNYUFdITl9EZXV0cm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9kOWU4N2ItNDUwYS00MTUyLWEyNDIt
ZDY5MTBiMjFhYjQyLzEvb2ZOVWtYd1JkVTJDeWdiQ0piLUpIYTJpVnhrLmFzYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9kOWU4N2ItNDUwYS00MTUyLWEyNDItZDY5MTBiMjFhYjQy
LzEvb1RSeHRRQXFUclpKWVNYUFdITl9EZXV0cm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwNJ1TANBgkqhkiG
9w0BAQsFAAOCAQEAQqZ/YXA+yk/WGLGgF81zp9Vk0+3GF1yuDfirl6HG/SZRaK5J
m6ddXkiP0R56Ib+LAibFG/cvSwl2+5J1GXdiw9yzbsMYWhXcxEk2aM9iioxLiy64
nRssr1er93GHhuFxMqKwyxKZyf5x4nHDj9YMttC6YNL44LyUX397L66pCBP++nWb
NNeHrv3x2VOCiv3DNAw85E5KYRDPkjX0uNUeB4bwj+cbmbkB2lFvbsyV8+QG8jm8
jZsiHGB2XlzNPGfoX0MdPkp5XfniJdPaH7Forls7AQhtq6hLXQVkUzphk9OLe940
eTkMMVpQqDkClLqJDwmupcUZJ9VGtCIp9vJYaw==
-----END CERTIFICATE-----