Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215304.roa
File: AS215304.roa (raw, json)
Hash identifier: ZuXJ6PhJKzEHrHuY0fbkC9SdLbjE+exdniyQurPU3pI=
Subject key identifier: 7C:51:71:7C:E2:7C:FB:AC:82:6E:AD:1D:FC:47:27:8B:75:8D:8A:12
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 0250F225CC774A97B852E06BB016496B522CA18B
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215304.roa
Signing time: Fri 23 May 2025 17:32:04 +0000
ROA not before: Fri 23 May 2025 17:27:04 +0000
ROA not after: Fri 22 May 2026 17:32:04 +0000
asID: 215304
IP address blocks: 46.202.0.0/24 maxlen: 24
46.202.39.0/24 maxlen: 24
46.203.98.0/24 maxlen: 24
46.203.203.0/24 maxlen: 24
92.113.106.0/23 maxlen: 24
92.113.112.0/23 maxlen: 24
92.113.124.0/23 maxlen: 24
92.113.136.0/23 maxlen: 24
92.113.142.0/23 maxlen: 24
95.134.140.0/24 maxlen: 24
95.134.141.0/24 maxlen: 24
95.134.142.0/24 maxlen: 24
95.135.83.0/24 maxlen: 24
95.135.109.0/24 maxlen: 24
95.135.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:50:f2:25:cc:77:4a:97:b8:52:e0:6b:b0:16:49:6b:52:2c:a1:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 23 17:27:04 2025 GMT
Not After : May 22 17:32:04 2026 GMT
Subject: CN=7C51717CE27CFBAC826EAD1DFC47278B758D8A12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:eb:81:49:4a:10:3e:e4:ab:09:bd:37:9b:2b:
99:4b:f6:f3:46:e4:b4:be:8a:b4:8f:1b:c7:8d:94:
75:b0:06:5a:92:ad:2f:b7:ae:96:20:8a:b5:38:a3:
43:c0:bc:54:98:e8:4f:56:a3:60:12:b3:6a:a7:e8:
a7:df:a4:a9:26:a6:27:5e:55:43:54:f6:07:99:4c:
71:5e:14:cd:d7:05:d2:2f:54:81:c8:27:62:b5:45:
d5:95:c8:3b:55:75:23:59:e6:4c:9a:69:85:9c:8d:
a1:2f:41:93:b6:fc:42:16:9f:50:28:88:37:31:44:
85:2e:90:d2:d6:31:8c:65:58:7a:d3:10:e9:96:fe:
59:2d:b9:0a:87:2b:91:cb:de:32:76:6b:98:c1:ee:
0a:53:ec:0c:2d:4c:f6:4c:40:39:7b:24:a7:4f:45:
2f:9b:05:9c:d6:06:74:3c:cc:04:50:01:25:72:7c:
3b:83:3b:f8:cb:b5:62:b5:a1:62:14:9e:fc:1d:ba:
1b:36:fb:14:1b:a7:80:aa:c7:86:1f:33:2f:0f:f9:
51:fc:c6:c7:b3:d3:13:38:3d:1a:d6:da:b4:12:6a:
18:1a:2b:6b:37:19:50:a0:8b:d7:0b:9a:07:2a:7d:
6c:64:46:b3:40:80:0a:47:7a:56:02:f4:1e:3f:db:
42:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:51:71:7C:E2:7C:FB:AC:82:6E:AD:1D:FC:47:27:8B:75:8D:8A:12
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.0.0/24
46.202.39.0/24
46.203.98.0/24
46.203.203.0/24
92.113.106.0/23
92.113.112.0/23
92.113.124.0/23
92.113.136.0/23
92.113.142.0/23
95.134.140.0-95.134.142.255
95.135.83.0/24
95.135.109.0/24
95.135.250.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:58:4f:eb:07:93:35:5f:97:68:d1:e6:53:aa:f9:b9:33:c2:
da:b3:9b:d4:9e:2d:da:3e:1a:3e:4b:3a:7d:02:93:55:bc:11:
55:9c:35:08:47:8f:b3:9d:a2:77:c6:b4:08:c6:c2:8c:ba:89:
52:a1:59:fc:c6:85:fb:bd:b7:0b:ef:a8:0d:3a:16:9f:a5:ea:
2c:56:a5:79:3c:fb:c8:69:3a:58:6a:25:d1:f4:ea:35:d0:24:
45:d1:f0:f2:d2:62:65:bb:a0:94:8f:25:fd:76:80:22:3e:a9:
36:d9:da:5a:c3:d1:1d:44:31:cd:60:0e:12:9b:6f:a9:a8:e6:
e2:14:28:4f:f7:21:b6:78:cf:ce:11:bf:3b:f1:53:59:9b:f3:
d7:bf:ed:41:1d:87:02:19:6e:0d:7c:05:98:17:02:74:dd:27:
20:3e:a9:cf:17:a1:41:0c:ab:df:0e:a1:18:fa:8e:27:58:ba:
cc:6d:ae:4c:bd:b3:e7:31:af:89:7d:17:80:93:78:e6:54:6d:
5e:14:83:75:f9:e6:c7:12:88:8a:1f:2b:58:7d:cd:bd:6c:40:
c5:ea:93:0c:ae:61:9e:cc:b3:c5:b3:d4:ef:51:1b:b5:fc:0a:
29:42:b1:ec:72:bc:3d:37:de:f0:f8:9d:53:3e:6a:57:50:6b:
72:ee:25:00
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgIUAlDyJcx3Spe4UuBrsBZJa1IsoYswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA1MjMxNzI3MDRaFw0yNjA1MjIxNzMyMDRaMDMxMTAvBgNV
BAMTKDdDNTE3MTdDRTI3Q0ZCQUM4MjZFQUQxREZDNDcyNzhCNzU4RDhBMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDf64FJShA+5KsJvTebK5lL9vNG
5LS+irSPG8eNlHWwBlqSrS+3rpYgirU4o0PAvFSY6E9Wo2ASs2qn6KffpKkmpide
VUNU9geZTHFeFM3XBdIvVIHIJ2K1RdWVyDtVdSNZ5kyaaYWcjaEvQZO2/EIWn1Ao
iDcxRIUukNLWMYxlWHrTEOmW/lktuQqHK5HL3jJ2a5jB7gpT7AwtTPZMQDl7JKdP
RS+bBZzWBnQ8zARQASVyfDuDO/jLtWK1oWIUnvwduhs2+xQbp4Cqx4YfMy8P+VH8
xsez0xM4PRrW2rQSahgaK2s3GVCgi9cLmgcqfWxkRrNAgApHelYC9B4/20J3AgMB
AAGjggJaMIICVjAdBgNVHQ4EFgQUfFFxfOJ8+6yCbq0d/Ecni3WNihIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQALsoA
AwQALsonAwQALstiAwQALsvLAwQBXHFqAwQBXHFwAwQBXHF8AwQBXHGIAwQBXHGO
MAwDBAJfhowDBABfho4DBABfh1MDBABfh20DBABfh/owDQYJKoZIhvcNAQELBQAD
ggEBAKpYT+sHkzVfl2jR5lOq+bkzwtqzm9SeLdo+Gj5LOn0Ck1W8EVWcNQhHj7Od
onfGtAjGwoy6iVKhWfzGhfu9twvvqA06Fp+l6ixWpXk8+8hpOlhqJdH06jXQJEXR
8PLSYmW7oJSPJf12gCI+qTbZ2lrD0R1EMc1gDhKbb6mo5uIUKE/3IbZ4z84Rvzvx
U1mb89e/7UEdhwIZbg18BZgXAnTdJyA+qc8XoUEMq98OoRj6jidYusxtrky9s+cx
r4l9F4CTeOZUbV4Ug3X55scSiIofK1h9zb1sQMXqkwyuYZ7Ms8Wz1O9RG7X8CilC
sexyvD033vD4nVM+aldQa3LuJQA=
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:00:16 2025 by rpki-client