
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215108.roa
File: AS215108.roa (raw, json)
Hash identifier: 1Z0SYGLZ/BaZ8nCulcgd2L8oKBIedDrOnOaue1badBY=
Subject key identifier: ED:72:23:36:29:FC:15:69:77:60:9F:1B:9B:7B:9E:69:F1:BB:60:C4
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 51092A0000D5C5B899F8C21D1122DE3EF10E8452
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215108.roa
Signing time: Fri 25 Jul 2025 08:07:44 +0000
ROA not before: Fri 25 Jul 2025 08:02:44 +0000
ROA not after: Fri 24 Jul 2026 08:07:44 +0000
asID: 215108
IP address blocks: 2a0f:85c1:3bf::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 16:13:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:09:2a:00:00:d5:c5:b8:99:f8:c2:1d:11:22:de:3e:f1:0e:84:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jul 25 08:02:44 2025 GMT
Not After : Jul 24 08:07:44 2026 GMT
Subject: CN=ED72233629FC156977609F1B9B7B9E69F1BB60C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2a:cc:6a:81:ee:7b:2e:c3:2c:9c:df:bf:ea:
b9:c3:e1:a5:0e:71:a8:a3:f2:2b:63:5d:aa:a4:84:
51:d0:d4:5c:8c:a3:d8:22:23:f1:d4:cf:72:95:15:
a1:c0:46:01:74:3f:94:86:c9:98:b5:68:4a:a7:b7:
ce:b5:af:15:ec:b8:5c:25:1a:16:07:5a:06:06:50:
fb:33:73:77:08:4c:69:c9:36:1f:53:ed:04:50:a9:
21:3f:9a:a3:ce:0b:ab:31:fe:a9:ee:4b:2a:a8:3e:
06:7d:24:f0:bd:6c:b0:23:e1:10:e7:66:51:ca:77:
8f:8f:72:5e:bc:61:23:0e:0e:65:68:4b:de:85:ac:
ca:52:5a:18:5c:1d:87:25:25:67:e2:eb:4e:14:35:
e6:c0:6e:2d:08:d3:7f:c0:0d:8d:4e:0f:a8:62:fb:
5f:12:15:55:28:2a:12:ef:d4:85:e2:62:b0:aa:fb:
b0:06:e6:b4:e3:9b:5a:f3:6a:3f:04:8a:b0:f2:fd:
8e:7c:3e:60:26:f9:99:37:31:b7:d4:32:a2:9c:ba:
62:c7:7b:de:43:ef:33:92:a1:86:64:13:10:ed:74:
d7:8f:85:df:57:06:d0:dd:10:5a:c4:36:99:e2:b9:
55:63:e4:38:8c:45:24:01:6f:fb:ed:1c:97:39:de:
da:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:72:23:36:29:FC:15:69:77:60:9F:1B:9B:7B:9E:69:F1:BB:60:C4
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215108.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3bf::/48
Signature Algorithm: sha256WithRSAEncryption
ec:42:24:43:10:fb:7c:5a:9f:82:d5:87:07:90:eb:fb:24:9e:
90:29:c4:43:13:fb:65:55:f5:e1:e5:45:a5:7b:47:03:82:cd:
2e:dd:29:02:e4:d4:b9:44:4f:84:8d:00:e7:ff:bd:10:84:61:
cb:b5:0e:83:9a:b1:a8:d9:02:38:98:d4:4f:28:82:1b:65:bb:
11:e1:4b:2c:f4:ce:d5:8b:93:e6:c2:f1:b0:2a:fb:30:48:33:
c1:ce:f7:39:5a:06:ed:fd:12:95:28:fe:ac:e7:e7:8c:47:a1:
91:1a:3b:ee:c5:3b:c9:de:1d:84:8a:bd:af:cd:8b:4e:f7:b9:
8b:03:bb:09:d9:4a:5c:52:77:5b:39:51:7b:4f:d6:84:2f:bf:
f5:e8:27:81:09:17:9f:7f:62:ae:5b:fe:0c:97:c9:8b:8a:03:
29:bd:e0:e6:f5:f5:bc:fb:6d:ad:c9:c1:83:f4:3c:63:e2:c6:
dc:3d:b9:c1:44:3a:c1:70:cd:2e:ba:49:60:0d:dd:6a:17:bd:
82:a7:9e:98:77:2e:50:e3:0d:07:15:38:dd:7c:a7:69:22:d9:
d1:61:49:b9:08:43:40:f7:87:da:fc:ef:9b:7c:57:a0:06:91:
38:87:94:63:10:8f:36:01:80:1a:0b:8d:37:03:f6:ac:57:c5:
24:c6:7e:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUUQkqAADVxbiZ+MIdESLePvEOhFIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA3MjUwODAyNDRaFw0yNjA3MjQwODA3NDRaMDMxMTAvBgNV
BAMTKEVENzIyMzM2MjlGQzE1Njk3NzYwOUYxQjlCN0I5RTY5RjFCQjYwQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAKsxqge57LsMsnN+/6rnD4aUO
caij8itjXaqkhFHQ1FyMo9giI/HUz3KVFaHARgF0P5SGyZi1aEqnt861rxXsuFwl
GhYHWgYGUPszc3cITGnJNh9T7QRQqSE/mqPOC6sx/qnuSyqoPgZ9JPC9bLAj4RDn
ZlHKd4+Pcl68YSMODmVoS96FrMpSWhhcHYclJWfi604UNebAbi0I03/ADY1OD6hi
+18SFVUoKhLv1IXiYrCq+7AG5rTjm1rzaj8EirDy/Y58PmAm+Zk3MbfUMqKcumLH
e95D7zOSoYZkExDtdNePhd9XBtDdEFrENpniuVVj5DiMRSQBb/vtHJc53toBAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU7XIjNin8FWl3YJ8bm3ueafG7YMQwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE1MTA4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQO/MA0GCSqGSIb3DQEBCwUAA4IBAQDsQiRDEPt8Wp+C1YcHkOv7JJ6QKcRDE/tl
VfXh5UWle0cDgs0u3SkC5NS5RE+EjQDn/70QhGHLtQ6DmrGo2QI4mNRPKIIbZbsR
4Uss9M7Vi5PmwvGwKvswSDPBzvc5Wgbt/RKVKP6s5+eMR6GRGjvuxTvJ3h2Eir2v
zYtO97mLA7sJ2UpcUndbOVF7T9aEL7/16CeBCReff2KuW/4Ml8mLigMpveDm9fW8
+22tycGD9Dxj4sbcPbnBRDrBcM0uuklgDd1qF72Cp56Ydy5Q4w0HFTjdfKdpItnR
YUm5CENA94fa/O+bfFegBpE4h5RjEI82AYAaC403A/asV8Ukxn6j
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:13:27 2025 by rpki-client