Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS215645.roa
File: AS215645.roa (raw, json)
Hash identifier: oy1ziELbL8oIDPVnvpChn8wCjPgg3imUcwmQzJ13lT8=
Subject key identifier: 4A:44:E9:F6:EC:4D:CF:15:89:43:97:63:39:2A:0C:D7:FC:2D:18:47
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 5AAB6A0AE59FC2849C7288D53BB45135C89FB260
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS215645.roa
Signing time: Wed 11 Jun 2025 07:48:38 +0000
ROA not before: Wed 11 Jun 2025 07:43:38 +0000
ROA not after: Wed 10 Jun 2026 07:48:38 +0000
asID: 215645
IP address blocks: 31.40.196.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.204.0/24 maxlen: 24
37.221.77.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.63.0/24 maxlen: 24
93.190.8.0/24 maxlen: 24
176.96.129.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:ab:6a:0a:e5:9f:c2:84:9c:72:88:d5:3b:b4:51:35:c8:9f:b2:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jun 11 07:43:38 2025 GMT
Not After : Jun 10 07:48:38 2026 GMT
Subject: CN=4A44E9F6EC4DCF1589439763392A0CD7FC2D1847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c9:9c:50:1b:3e:46:dd:62:02:f1:b4:42:9b:
90:20:59:80:37:6a:6d:99:eb:fa:4b:f7:45:1d:7c:
6d:99:29:d5:0c:fa:e2:dd:a5:14:76:77:9d:b9:e9:
eb:47:4e:ac:8f:f0:76:c3:fc:43:00:01:0a:14:52:
3b:95:08:ae:61:73:71:6d:97:f1:c1:22:81:a5:b0:
bb:ba:46:44:2f:bb:ac:4b:27:8c:17:cc:94:49:43:
64:1c:36:fd:56:90:06:03:5a:d3:cd:4b:07:70:66:
3e:70:b2:c2:3f:3c:8f:b0:17:8a:9d:d9:ab:c6:aa:
31:84:1b:00:5f:13:dd:3c:79:8c:2a:54:18:7b:03:
71:62:3c:ae:05:2b:ca:92:84:7d:ff:f3:17:a6:a4:
c9:de:1a:d3:7b:99:e9:04:b4:2e:13:ff:1b:c9:b0:
f1:ad:05:0d:1e:ed:5e:e8:5c:8a:5f:9e:8d:09:39:
c2:cf:08:46:85:7d:0e:c3:96:f5:09:4f:3f:72:e5:
41:2b:e4:49:1f:35:19:95:d9:d6:51:09:e9:89:a3:
6a:64:5e:a6:93:c7:a2:b3:68:ed:77:45:d7:f2:b7:
25:d6:0d:a1:59:76:6b:75:17:90:7b:f5:b5:2c:ce:
2a:26:12:28:92:2f:ef:d2:dc:60:ca:9a:47:8a:ed:
76:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:44:E9:F6:EC:4D:CF:15:89:43:97:63:39:2A:0C:D7:FC:2D:18:47
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS215645.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.196.0/23
31.40.204.0/24
37.221.77.0/24
85.235.73.0-85.235.74.255
92.249.63.0/24
93.190.8.0/24
176.96.129.0-176.96.130.255
217.18.208.0/24
Signature Algorithm: sha256WithRSAEncryption
02:d9:3f:4c:96:00:51:6d:16:4a:ab:81:cb:d6:e7:4f:67:d8:
46:e5:89:45:f6:42:8e:a4:9a:70:f1:17:49:4e:fb:90:11:b2:
bd:74:03:98:e4:03:b8:c6:cd:17:6e:25:5d:83:33:4e:b3:ae:
44:cb:ac:0a:92:db:92:43:30:b0:50:82:f9:23:dd:7a:6c:56:
3a:06:dd:8e:b7:8f:77:93:5e:32:ee:d4:51:6f:b9:8a:f3:7a:
30:2b:cd:30:dc:1a:7d:2c:9d:04:28:d1:86:a5:00:56:63:48:
7e:1c:c2:e8:dc:a9:0d:6f:4b:7c:23:2d:38:74:c6:ed:af:f4:
91:9b:46:18:80:d6:d2:0a:7f:72:ed:0e:eb:22:52:ad:87:e1:
c1:d2:70:25:8a:46:63:35:e4:6c:d6:a9:fb:d0:15:c4:e4:bb:
50:f9:44:bd:5e:ed:19:5a:49:64:18:64:eb:ef:21:1b:cb:2b:
d1:8c:34:ec:db:95:a6:10:76:18:69:07:23:e0:4a:49:1a:13:
94:c9:1f:61:1e:a3:e9:e4:0c:53:7f:4f:4f:3b:ea:e6:6a:1d:
de:43:c0:9e:fa:ce:bd:46:f2:a2:3e:f8:c0:28:b8:27:6c:53:
95:18:dc:5a:21:79:23:ec:be:85:51:c1:06:ea:af:5c:4a:7d:
d0:27:28:36
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUWqtqCuWfwoSccojVO7RRNcifsmAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA2MTEwNzQzMzhaFw0yNjA2MTAwNzQ4MzhaMDMxMTAvBgNV
BAMTKDRBNDRFOUY2RUM0RENGMTU4OTQzOTc2MzM5MkEwQ0Q3RkMyRDE4NDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyyZxQGz5G3WIC8bRCm5AgWYA3
am2Z6/pL90UdfG2ZKdUM+uLdpRR2d5256etHTqyP8HbD/EMAAQoUUjuVCK5hc3Ft
l/HBIoGlsLu6RkQvu6xLJ4wXzJRJQ2QcNv1WkAYDWtPNSwdwZj5wssI/PI+wF4qd
2avGqjGEGwBfE908eYwqVBh7A3FiPK4FK8qShH3/8xempMneGtN7mekEtC4T/xvJ
sPGtBQ0e7V7oXIpfno0JOcLPCEaFfQ7DlvUJTz9y5UEr5EkfNRmV2dZRCemJo2pk
XqaTx6KzaO13RdfytyXWDaFZdmt1F5B79bUsziomEiiSL+/S3GDKmkeK7XaHAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUSkTp9uxNzxWJQ5djOSoM1/wtGEcwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjE1NjQ1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQBHyjE
AwQAHyjMAwQAJd1NMAwDBABV60kDBABV60oDBABc+T8DBABdvggwDAMEALBggQME
ALBgggMEANkS0DANBgkqhkiG9w0BAQsFAAOCAQEAAtk/TJYAUW0WSquBy9bnT2fY
RuWJRfZCjqSacPEXSU77kBGyvXQDmOQDuMbNF24lXYMzTrOuRMusCpLbkkMwsFCC
+SPdemxWOgbdjrePd5NeMu7UUW+5ivN6MCvNMNwafSydBCjRhqUAVmNIfhzC6Nyp
DW9LfCMtOHTG7a/0kZtGGIDW0gp/cu0O6yJSrYfhwdJwJYpGYzXkbNap+9AVxOS7
UPlEvV7tGVpJZBhk6+8hG8sr0Yw07NuVphB2GGkHI+BKSRoTlMkfYR6j6eQMU39P
Tzvq5mod3kPAnvrOvUbyoj74wCi4J2xTlRjcWiF5I+y+hVHBBuqvXEp90CcoNg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 21:41:12 2025 by rpki-client