Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215087.roa
File: AS215087.roa (raw, json)
Hash identifier: RV+pBNJPxVM/33Z6jDWQTxPPJX9D4SkTs2GwrWQzVZI=
Subject key identifier: 23:06:73:4A:9E:52:51:7A:A9:FB:F3:55:04:45:EE:86:F0:7C:09:99
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 0C6D24FD0C09CB17126352233039E6559620101E
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215087.roa
Signing time: Fri 25 Jul 2025 08:07:39 +0000
ROA not before: Fri 25 Jul 2025 08:02:39 +0000
ROA not after: Fri 24 Jul 2026 08:07:39 +0000
asID: 215087
IP address blocks: 2a0f:85c1:3b6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 20:46:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:6d:24:fd:0c:09:cb:17:12:63:52:23:30:39:e6:55:96:20:10:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jul 25 08:02:39 2025 GMT
Not After : Jul 24 08:07:39 2026 GMT
Subject: CN=2306734A9E52517AA9FBF3550445EE86F07C0999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:45:b2:ed:24:93:88:bb:86:42:32:4e:e0:5a:
7e:78:f6:9f:65:19:e7:19:05:9f:98:43:f7:72:c3:
f0:e8:c7:c9:b6:df:af:00:ff:7b:c0:d6:f4:94:44:
9d:8d:13:e8:f7:33:c7:ed:74:68:e4:d1:b7:7d:2c:
fd:f7:66:7f:76:e2:a9:e6:0c:7a:02:52:f1:8b:81:
40:b2:74:d7:5c:50:6c:0e:a1:75:d6:65:25:01:f6:
0c:54:8a:b2:6e:dd:04:ff:56:9c:51:be:4b:64:7c:
f3:29:a6:d6:c7:8b:05:ed:03:36:10:2d:7e:f4:1e:
d7:14:14:56:b9:64:c9:0a:9b:6f:0d:77:6d:5d:11:
30:75:da:51:a0:76:7b:6a:bf:47:0c:96:82:e1:6a:
28:16:71:4b:69:83:68:07:b1:3e:ca:71:0b:39:0a:
63:cc:ce:e4:fe:b5:fc:3d:3c:16:48:f2:f9:f7:8e:
de:d0:8c:83:90:d2:ac:6e:8f:3d:c2:9c:fa:85:12:
08:71:e7:9f:fb:11:84:d6:16:36:0c:55:ce:ac:1a:
c2:c2:39:95:e8:ee:5b:52:e5:4a:65:8c:97:c9:3f:
33:bd:98:c9:f0:0d:f8:b7:c6:09:66:85:64:2b:be:
40:05:4d:fc:b4:15:a7:6e:5e:46:23:e3:30:d9:c4:
b6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:06:73:4A:9E:52:51:7A:A9:FB:F3:55:04:45:EE:86:F0:7C:09:99
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215087.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3b6::/48
Signature Algorithm: sha256WithRSAEncryption
43:c1:eb:56:ec:25:81:2b:7b:8e:05:16:cf:e0:35:b5:18:5a:
36:2d:f1:bb:16:63:d7:4b:b1:dc:69:d8:29:27:b4:09:2b:f4:
95:ad:76:96:1c:f1:ca:44:c8:ae:a1:92:94:f8:a4:0b:3f:4e:
76:30:52:96:c5:0f:5d:22:80:d0:90:c8:7e:f5:18:87:8c:9a:
b5:85:fa:68:67:a4:45:c4:fc:39:b8:12:37:a1:94:49:c5:77:
00:e9:fe:fa:31:1c:65:2e:c2:51:d4:1a:c4:9c:c8:fe:29:7f:
c0:ca:d1:ac:a6:52:7d:1d:e7:d6:e7:47:7f:a7:a6:49:3f:0f:
7e:5c:57:24:69:e3:53:47:95:e3:f2:d9:db:70:48:97:ba:51:
df:a2:29:1a:4f:9a:50:ad:aa:10:d8:ca:b9:f1:c4:15:40:a4:
df:52:cd:bb:a5:a6:a7:92:17:80:87:61:63:e5:8a:cf:f6:f7:
f9:6f:33:37:29:3f:a3:b8:11:f8:d0:d8:08:2c:8d:f7:2d:e4:
fd:50:5b:c3:09:3b:4f:78:fe:13:d7:6f:aa:55:1b:7a:7e:c6:
60:7a:7c:e2:12:1b:d1:b9:ba:0f:e1:72:6f:09:ae:7b:5f:74:
55:61:a6:87:06:08:72:8c:46:eb:77:95:5b:03:b2:72:9e:aa:
9c:6c:a1:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUDG0k/QwJyxcSY1IjMDnmVZYgEB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA3MjUwODAyMzlaFw0yNjA3MjQwODA3MzlaMDMxMTAvBgNV
BAMTKDIzMDY3MzRBOUU1MjUxN0FBOUZCRjM1NTA0NDVFRTg2RjA3QzA5OTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2RbLtJJOIu4ZCMk7gWn549p9l
GecZBZ+YQ/dyw/Dox8m2368A/3vA1vSURJ2NE+j3M8ftdGjk0bd9LP33Zn924qnm
DHoCUvGLgUCydNdcUGwOoXXWZSUB9gxUirJu3QT/VpxRvktkfPMpptbHiwXtAzYQ
LX70HtcUFFa5ZMkKm28Nd21dETB12lGgdntqv0cMloLhaigWcUtpg2gHsT7KcQs5
CmPMzuT+tfw9PBZI8vn3jt7QjIOQ0qxujz3CnPqFEghx55/7EYTWFjYMVc6sGsLC
OZXo7ltS5UpljJfJPzO9mMnwDfi3xglmhWQrvkAFTfy0FaduXkYj4zDZxLYnAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUIwZzSp5SUXqp+/NVBEXuhvB8CZkwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE1MDg3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQO2MA0GCSqGSIb3DQEBCwUAA4IBAQBDwetW7CWBK3uOBRbP4DW1GFo2LfG7FmPX
S7HcadgpJ7QJK/SVrXaWHPHKRMiuoZKU+KQLP052MFKWxQ9dIoDQkMh+9RiHjJq1
hfpoZ6RFxPw5uBI3oZRJxXcA6f76MRxlLsJR1BrEnMj+KX/AytGsplJ9HefW50d/
p6ZJPw9+XFckaeNTR5Xj8tnbcEiXulHfoikaT5pQraoQ2Mq58cQVQKTfUs27paan
kheAh2Fj5YrP9vf5bzM3KT+juBH40NgILI33LeT9UFvDCTtPeP4T12+qVRt6fsZg
enziEhvRuboP4XJvCa57X3RVYaaHBghyjEbrd5VbA7JynqqcbKFZ
-----END CERTIFICATE-----
Generated at Thu Aug 7 03:30:33 2025 by rpki-client