Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215304.roa
File: AS215304.roa (raw, json)
Hash identifier: eZ4dJnOxLV4nz7elvxK5De1EcdcLyVg3q5GrI4fD+GU=
Subject key identifier: BA:95:C9:D6:2B:CB:CE:E1:E5:24:A6:58:12:65:37:73:D4:84:8F:B6
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 2CCF8B709289A4CFD9BAB424481D38764C554DA8
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215304.roa
Signing time: Wed 23 Jul 2025 00:01:59 +0000
ROA not before: Tue 22 Jul 2025 23:56:59 +0000
ROA not after: Wed 22 Jul 2026 00:01:59 +0000
asID: 215304
IP address blocks: 46.203.98.0/24 maxlen: 24
46.203.203.0/24 maxlen: 24
92.113.106.0/23 maxlen: 24
92.113.112.0/23 maxlen: 24
92.113.124.0/23 maxlen: 24
92.113.136.0/23 maxlen: 24
92.113.142.0/23 maxlen: 24
178.94.140.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:cf:8b:70:92:89:a4:cf:d9:ba:b4:24:48:1d:38:76:4c:55:4d:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jul 22 23:56:59 2025 GMT
Not After : Jul 22 00:01:59 2026 GMT
Subject: CN=BA95C9D62BCBCEE1E524A65812653773D4848FB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:94:a3:f7:77:d3:e2:30:66:c8:ab:c7:45:7b:
1b:42:c8:f2:b5:7a:33:9e:83:03:b2:1f:43:45:8c:
53:4a:2a:2c:f5:54:5c:6a:23:a6:45:d4:85:69:9b:
30:ec:e2:cd:38:33:e4:d0:6d:13:80:f7:ea:ae:d9:
6e:ad:87:7a:de:1e:e6:e7:ce:c6:03:48:17:a7:20:
fa:1c:6d:c0:0c:f2:3c:78:6b:8e:f1:5c:42:db:51:
dc:88:1a:ea:c3:2f:0c:a2:26:26:08:84:20:1f:70:
a7:aa:6c:3e:86:3e:4d:03:74:8f:8f:c0:bc:bc:38:
e7:30:9a:b3:02:3f:53:e4:0b:59:bb:03:b6:a0:85:
57:42:6a:b4:5f:e2:30:0a:8e:6e:5f:51:1f:69:20:
b5:d2:1f:57:36:58:ab:63:46:35:f8:44:4e:49:b7:
4f:2a:8c:d8:00:0a:68:1f:69:8a:1c:fe:df:36:ed:
d1:da:aa:bd:e9:e4:4c:cf:2a:d5:b2:d6:be:d2:a9:
00:fb:73:70:15:6a:e0:41:77:39:71:d5:c8:62:10:
a2:6d:24:0e:61:02:26:63:11:a4:35:f4:55:ef:a2:
0f:9e:35:8b:13:cb:9e:0d:1d:03:e7:3e:59:db:11:
50:a1:f4:78:7a:59:22:4d:90:cd:7c:7d:c2:21:0a:
3a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:95:C9:D6:2B:CB:CE:E1:E5:24:A6:58:12:65:37:73:D4:84:8F:B6
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.98.0/24
46.203.203.0/24
92.113.106.0/23
92.113.112.0/23
92.113.124.0/23
92.113.136.0/23
92.113.142.0/23
178.94.140.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:2f:73:4a:bc:8c:03:eb:94:d9:05:9f:df:9f:2d:73:e1:22:
3d:a7:fe:db:41:c9:e0:91:93:a1:a3:65:d2:07:8a:54:e5:04:
6c:20:75:8e:20:a3:67:45:ad:48:7d:44:c7:af:0f:ba:7a:31:
f7:c2:35:28:c9:86:59:31:42:06:bc:42:9c:0c:d8:80:4d:96:
d9:56:6f:06:70:84:30:6e:c2:dd:3d:7a:23:c7:66:b8:82:d7:
6c:7b:75:6a:86:b9:05:84:6d:37:01:5a:85:b7:f3:4d:e1:7c:
7c:78:f7:b6:fa:7b:79:3d:49:2b:e9:fb:ab:b6:69:d0:8a:2f:
ca:a8:09:a7:88:53:47:c0:34:7b:11:b0:c0:8b:fe:7b:c9:59:
f4:a3:19:f5:a8:dc:f2:3a:33:4f:2f:1d:b6:0b:48:92:00:a9:
6b:70:16:b8:6b:bf:5d:a4:e6:01:3a:40:82:9a:12:50:0b:93:
f9:16:04:84:b4:ce:30:76:c5:cb:00:c5:17:ca:d4:32:8d:f1:
c3:8b:75:88:03:9f:1f:9f:9b:ee:cf:20:ec:af:e3:f9:67:a2:
cb:6a:f9:8e:69:c7:2f:58:a0:c1:fd:83:fa:82:9f:d4:ac:e5:
e9:01:d0:75:46:66:03:d7:9f:31:8a:27:66:f4:00:63:74:53:
bc:54:96:82
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIULM+LcJKJpM/ZurQkSB04dkxVTagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA3MjIyMzU2NTlaFw0yNjA3MjIwMDAxNTlaMDMxMTAvBgNV
BAMTKEJBOTVDOUQ2MkJDQkNFRTFFNTI0QTY1ODEyNjUzNzczRDQ4NDhGQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWlKP3d9PiMGbIq8dFextCyPK1
ejOegwOyH0NFjFNKKiz1VFxqI6ZF1IVpmzDs4s04M+TQbROA9+qu2W6th3reHubn
zsYDSBenIPocbcAM8jx4a47xXELbUdyIGurDLwyiJiYIhCAfcKeqbD6GPk0DdI+P
wLy8OOcwmrMCP1PkC1m7A7aghVdCarRf4jAKjm5fUR9pILXSH1c2WKtjRjX4RE5J
t08qjNgACmgfaYoc/t827dHaqr3p5EzPKtWy1r7SqQD7c3AVauBBdzlx1chiEKJt
JA5hAiZjEaQ19FXvog+eNYsTy54NHQPnPlnbEVCh9Hh6WSJNkM18fcIhCjolAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUupXJ1ivLzuHlJKZYEmU3c9SEj7YwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALsti
AwQALsvLAwQBXHFqAwQBXHFwAwQBXHF8AwQBXHGIAwQBXHGOAwQCsl6MMA0GCSqG
SIb3DQEBCwUAA4IBAQAsL3NKvIwD65TZBZ/fny1z4SI9p/7bQcngkZOho2XSB4pU
5QRsIHWOIKNnRa1IfUTHrw+6ejH3wjUoyYZZMUIGvEKcDNiATZbZVm8GcIQwbsLd
PXojx2a4gtdse3VqhrkFhG03AVqFt/NN4Xx8ePe2+nt5PUkr6furtmnQii/KqAmn
iFNHwDR7EbDAi/57yVn0oxn1qNzyOjNPLx22C0iSAKlrcBa4a79dpOYBOkCCmhJQ
C5P5FgSEtM4wdsXLAMUXytQyjfHDi3WIA58fn5vuzyDsr+P5Z6LLavmOaccvWKDB
/YP6gp/UrOXpAdB1RmYD158xiidm9ABjdFO8VJaC
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:57 2025 by rpki-client