
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215223.roa
File: AS215223.roa (raw, json)
Hash identifier: /ZilzDkb3SXhqIRdGNBZRfpIfk8/moZhxk2OCGGTzW8=
Subject key identifier: E7:E3:0B:69:48:37:3A:B5:27:EF:25:03:FD:9D:5D:24:D3:CB:B6:18
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 7698CE3F54E4EF04682247BF665CC889BF011A15
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215223.roa
Signing time: Fri 25 Jul 2025 08:07:42 +0000
ROA not before: Fri 25 Jul 2025 08:02:42 +0000
ROA not after: Fri 24 Jul 2026 08:07:42 +0000
asID: 215223
IP address blocks: 2a0f:85c1:3a6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 16:13:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:98:ce:3f:54:e4:ef:04:68:22:47:bf:66:5c:c8:89:bf:01:1a:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jul 25 08:02:42 2025 GMT
Not After : Jul 24 08:07:42 2026 GMT
Subject: CN=E7E30B6948373AB527EF2503FD9D5D24D3CBB618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4e:10:54:fb:0b:03:dc:39:28:5d:a3:0b:af:
b6:42:31:7b:1f:91:87:56:a3:cd:fd:ab:b0:6b:d3:
20:fb:7a:f7:dd:ca:43:fb:92:32:66:8a:57:55:ba:
20:2a:08:d7:c3:69:00:3c:79:23:ac:c2:8b:42:62:
c9:a5:af:9e:3a:2b:dd:5e:49:6f:41:c9:de:7a:e5:
a8:4d:d0:4c:dd:75:08:91:f7:70:cf:c3:b4:d4:b8:
4f:c6:32:04:4f:84:43:9f:fc:4e:85:18:05:90:c0:
fe:11:05:72:03:b8:0b:12:03:c4:5b:c9:4b:ee:f1:
0a:45:ca:a6:15:89:d2:ed:c9:1e:5f:0e:36:67:64:
b9:0b:2c:ba:2b:76:fa:a4:2c:3d:db:c1:e0:07:b6:
41:a0:d9:86:29:a0:8a:7f:11:f6:44:18:01:22:d8:
0e:30:9c:2f:b6:a4:02:a7:87:ab:b6:38:cb:ca:37:
f0:22:5a:48:50:b2:53:f3:83:dc:30:4a:55:93:94:
2b:82:08:40:77:9a:16:c1:2b:e2:f6:48:b5:2c:bf:
67:38:e4:61:7c:0a:e9:f7:ca:68:ab:86:48:41:f9:
79:83:41:27:9d:86:be:13:f3:44:87:1b:99:62:4b:
f8:19:ca:b6:cd:2f:60:00:3d:73:38:c7:97:19:8c:
54:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:E3:0B:69:48:37:3A:B5:27:EF:25:03:FD:9D:5D:24:D3:CB:B6:18
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215223.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3a6::/48
Signature Algorithm: sha256WithRSAEncryption
37:22:81:a9:83:46:1d:0d:6e:2a:97:bb:56:a4:cf:e4:f5:e6:
0e:5c:66:e9:67:5c:4d:8c:e4:bc:81:09:a6:11:a7:7d:d5:ca:
51:ba:dc:ed:d7:05:6d:31:94:fd:68:cb:7e:15:b4:a9:05:69:
b1:94:ab:c1:81:45:54:c1:61:58:00:19:45:9e:db:d3:3c:b8:
bd:55:dd:d1:cb:df:c1:ea:a1:29:a5:a7:51:fe:2c:a1:4c:2c:
a7:d4:e1:bc:54:ce:01:17:e3:73:a4:27:89:db:2a:91:40:11:
df:b9:c9:20:73:6b:0c:ce:66:6e:e5:a4:d6:09:36:77:4a:9a:
20:14:47:81:b5:41:7f:d5:9f:2c:d0:8c:5b:86:1f:48:e7:d6:
c9:6b:6c:cf:d9:86:f8:f8:f0:86:87:7a:9c:0d:71:28:e3:93:
d0:34:36:c9:cc:f3:7b:07:9b:5c:e4:8d:6e:b9:58:f8:c3:aa:
17:5b:13:ee:b0:7b:ab:d7:8f:88:5b:87:a3:b8:cf:f6:97:c0:
53:0b:f4:3f:58:3f:02:88:e7:c5:39:94:55:02:d2:a7:10:2a:
67:db:da:bd:09:c1:d7:a2:53:74:10:39:15:80:a3:87:65:7d:
21:11:e3:42:e2:26:7e:69:bd:51:96:71:0a:d2:78:37:23:8f:
d4:ab:df:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUdpjOP1Tk7wRoIke/ZlzIib8BGhUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA3MjUwODAyNDJaFw0yNjA3MjQwODA3NDJaMDMxMTAvBgNV
BAMTKEU3RTMwQjY5NDgzNzNBQjUyN0VGMjUwM0ZEOUQ1RDI0RDNDQkI2MTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8ThBU+wsD3DkoXaMLr7ZCMXsf
kYdWo839q7Br0yD7evfdykP7kjJmildVuiAqCNfDaQA8eSOswotCYsmlr546K91e
SW9Byd565ahN0EzddQiR93DPw7TUuE/GMgRPhEOf/E6FGAWQwP4RBXIDuAsSA8Rb
yUvu8QpFyqYVidLtyR5fDjZnZLkLLLordvqkLD3bweAHtkGg2YYpoIp/EfZEGAEi
2A4wnC+2pAKnh6u2OMvKN/AiWkhQslPzg9wwSlWTlCuCCEB3mhbBK+L2SLUsv2c4
5GF8Cun3ymirhkhB+XmDQSedhr4T80SHG5liS/gZyrbNL2AAPXM4x5cZjFR7AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU5+MLaUg3OrUn7yUD/Z1dJNPLthgwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE1MjIzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQOmMA0GCSqGSIb3DQEBCwUAA4IBAQA3IoGpg0YdDW4ql7tWpM/k9eYOXGbpZ1xN
jOS8gQmmEad91cpRutzt1wVtMZT9aMt+FbSpBWmxlKvBgUVUwWFYABlFntvTPLi9
Vd3Ry9/B6qEppadR/iyhTCyn1OG8VM4BF+NzpCeJ2yqRQBHfuckgc2sMzmZu5aTW
CTZ3SpogFEeBtUF/1Z8s0Ixbhh9I59bJa2zP2Yb4+PCGh3qcDXEo45PQNDbJzPN7
B5tc5I1uuVj4w6oXWxPusHur14+IW4ejuM/2l8BTC/Q/WD8CiOfFOZRVAtKnECpn
29q9CcHXolN0EDkVgKOHZX0hEeNC4iZ+ab1RlnEK0ng3I4/Uq9/P
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:16:28 2025 by rpki-client