Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215304.roa
File: AS215304.roa (raw, json)
Hash identifier: bqNzuyNnz3pQb67phAw3eixVzceSqWm+eYhGB1JIbfk=
Subject key identifier: AD:F5:1D:84:A2:0D:75:F0:CB:CB:D2:8E:71:EA:3E:E3:26:9C:12:BC
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 13008211F6DDA78FD75C4D562516C5A4EF21B357
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215304.roa
Signing time: Tue 21 Oct 2025 16:20:23 +0000
ROA not before: Tue 21 Oct 2025 16:15:23 +0000
ROA not after: Tue 20 Oct 2026 16:20:23 +0000
asID: 215304
IP address blocks: 46.203.33.0/24 maxlen: 24
46.203.98.0/24 maxlen: 24
46.203.203.0/24 maxlen: 24
92.113.106.0/23 maxlen: 24
92.113.112.0/23 maxlen: 24
92.113.124.0/23 maxlen: 24
92.113.136.0/23 maxlen: 24
92.113.142.0/23 maxlen: 24
178.94.140.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:00:82:11:f6:dd:a7:8f:d7:5c:4d:56:25:16:c5:a4:ef:21:b3:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 21 16:15:23 2025 GMT
Not After : Oct 20 16:20:23 2026 GMT
Subject: CN=ADF51D84A20D75F0CBCBD28E71EA3EE3269C12BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7d:d2:78:80:77:55:fd:6d:51:0e:ec:05:b0:
08:d6:14:ba:65:de:40:3c:e1:f7:2b:23:d9:fa:f3:
dc:91:71:ba:72:b2:58:f3:a1:46:cc:70:56:f9:15:
7d:6d:03:8f:5f:5d:62:a4:6d:21:d7:ae:c0:c1:aa:
95:41:d4:8a:09:d2:fe:5f:23:a4:fe:19:ae:30:93:
2a:64:a0:6c:f3:9a:69:ba:30:31:10:49:1a:1b:21:
1d:82:f9:30:0b:65:4f:4f:52:3d:ba:78:48:bf:7a:
5d:75:12:f7:75:08:e0:a7:90:e4:a1:84:ea:89:a4:
8a:8b:8e:19:3f:59:af:ed:1e:0f:15:46:2f:32:bc:
cf:4c:9f:83:8c:a3:c9:99:fd:6c:e5:28:03:3d:ab:
c5:f8:c5:b9:43:f0:11:55:11:1c:c8:ab:49:dd:a3:
16:fb:9b:6e:8d:c0:60:4d:23:8e:c0:55:5f:9c:0b:
18:54:fa:a6:5e:9e:e9:a3:fe:8f:df:71:bc:1d:62:
15:39:da:65:90:57:97:30:7a:79:c4:03:f3:65:9a:
ce:ab:3b:34:e8:a9:b4:e2:70:c4:af:1f:c7:6e:e3:
44:15:bb:5b:69:d1:ce:c4:f3:8f:5e:0e:e8:09:44:
70:d2:fc:94:24:8d:35:09:12:5e:62:77:d7:9c:32:
51:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:F5:1D:84:A2:0D:75:F0:CB:CB:D2:8E:71:EA:3E:E3:26:9C:12:BC
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.33.0/24
46.203.98.0/24
46.203.203.0/24
92.113.106.0/23
92.113.112.0/23
92.113.124.0/23
92.113.136.0/23
92.113.142.0/23
178.94.140.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:dd:6d:18:65:9e:13:0c:ac:6c:ed:bf:3e:46:5e:76:0d:96:
ea:ea:10:a0:91:d0:45:c3:49:98:91:d8:d3:7a:a5:82:0c:23:
b4:4b:d1:31:67:d2:b1:eb:0e:c7:9e:dc:93:c0:55:1a:7d:e1:
16:e4:d0:af:fa:16:a5:61:61:71:db:d8:76:dd:ff:23:1a:f0:
c6:a6:22:a5:85:0c:0f:35:c4:6b:2b:5a:0b:db:94:d0:78:c3:
11:ce:f3:85:ce:f5:28:bd:f3:fe:ff:c6:a5:86:88:18:4a:e9:
9f:40:c2:d6:f6:9d:dd:b5:9d:77:5b:c0:33:7a:bb:e5:46:9c:
8b:74:eb:58:3c:a6:65:1b:6e:b8:3a:6d:8a:bd:8a:6f:d3:97:
d7:4b:0a:24:be:96:23:d4:9b:02:ec:a8:b5:e0:aa:8d:e7:6d:
3b:e5:0e:ab:12:e7:63:f9:0e:33:33:d5:5f:5a:95:33:06:fc:
c8:52:13:f9:bf:38:a3:4f:57:1d:97:2e:af:3f:78:c5:80:25:
2f:81:3e:b8:7c:0a:10:52:2e:31:8a:51:f7:66:89:a3:b5:37:
5f:41:8d:f8:23:4c:e8:9c:17:39:f2:31:50:67:df:2e:0e:6e:
74:43:31:ea:e5:f4:4e:4b:01:8a:6a:6e:46:e4:b0:97:d3:7e:
14:f0:d6:b4
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUEwCCEfbdp4/XXE1WJRbFpO8hs1cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMjExNjE1MjNaFw0yNjEwMjAxNjIwMjNaMDMxMTAvBgNV
BAMTKEFERjUxRDg0QTIwRDc1RjBDQkNCRDI4RTcxRUEzRUUzMjY5QzEyQkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwfdJ4gHdV/W1RDuwFsAjWFLpl
3kA84fcrI9n689yRcbpysljzoUbMcFb5FX1tA49fXWKkbSHXrsDBqpVB1IoJ0v5f
I6T+Ga4wkypkoGzzmmm6MDEQSRobIR2C+TALZU9PUj26eEi/el11Evd1COCnkOSh
hOqJpIqLjhk/Wa/tHg8VRi8yvM9Mn4OMo8mZ/WzlKAM9q8X4xblD8BFVERzIq0nd
oxb7m26NwGBNI47AVV+cCxhU+qZenumj/o/fcbwdYhU52mWQV5cwennEA/Nlms6r
OzToqbTicMSvH8du40QVu1tp0c7E849eDugJRHDS/JQkjTUJEl5id9ecMlEHAgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQUrfUdhKINdfDLy9KOceo+4yacErwwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALssh
AwQALstiAwQALsvLAwQBXHFqAwQBXHFwAwQBXHF8AwQBXHGIAwQBXHGOAwQCsl6M
MA0GCSqGSIb3DQEBCwUAA4IBAQCN3W0YZZ4TDKxs7b8+Rl52DZbq6hCgkdBFw0mY
kdjTeqWCDCO0S9ExZ9Kx6w7HntyTwFUafeEW5NCv+halYWFx29h23f8jGvDGpiKl
hQwPNcRrK1oL25TQeMMRzvOFzvUovfP+/8alhogYSumfQMLW9p3dtZ13W8Azervl
RpyLdOtYPKZlG264Om2KvYpv05fXSwokvpYj1JsC7Ki14KqN52075Q6rEudj+Q4z
M9VfWpUzBvzIUhP5vzijT1cdly6vP3jFgCUvgT64fAoQUi4xilH3ZomjtTdfQY34
I0zonBc58jFQZ98uDm50QzHq5fROSwGKam5G5LCX034U8Na0
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:52:34 2025 by rpki-client