Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215304.roa
File: AS215304.roa (raw, json)
Hash identifier: jd3zHi+LxR1NjJzxWgWimDwzHaF+/TU4EPGhW33smO4=
Subject key identifier: C9:FF:37:2E:44:3E:82:4C:E4:CF:C7:65:E1:C9:A5:11:BE:00:53:ED
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 6D147B6141D626DF71066D0CC82FC11984890197
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215304.roa
Signing time: Tue 15 Apr 2025 23:19:09 +0000
ROA not before: Tue 15 Apr 2025 23:14:09 +0000
ROA not after: Tue 14 Apr 2026 23:19:09 +0000
asID: 215304
IP address blocks: 46.203.98.0/24 maxlen: 24
46.203.203.0/24 maxlen: 24
92.113.106.0/23 maxlen: 24
92.113.112.0/23 maxlen: 24
92.113.124.0/23 maxlen: 24
92.113.136.0/23 maxlen: 24
92.113.142.0/23 maxlen: 24
95.135.83.0/24 maxlen: 24
95.135.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:14:7b:61:41:d6:26:df:71:06:6d:0c:c8:2f:c1:19:84:89:01:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 15 23:14:09 2025 GMT
Not After : Apr 14 23:19:09 2026 GMT
Subject: CN=C9FF372E443E824CE4CFC765E1C9A511BE0053ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:44:3f:eb:25:42:aa:d7:47:63:b9:2e:f1:b5:
6b:24:e1:77:10:f6:44:95:b9:f5:ea:87:7a:93:1c:
85:da:50:b0:7d:d4:a6:ed:5e:cb:88:a4:43:9a:66:
49:c3:7d:15:2c:54:73:41:ce:6b:ad:b2:5c:6b:93:
44:ed:10:bc:56:7b:70:05:e8:03:54:a3:8a:b8:93:
1d:b7:e1:ab:ff:00:44:1a:31:a1:be:e2:69:36:b5:
0e:13:7c:e8:cc:fc:f7:fa:0b:1b:bf:77:7a:2d:4b:
c8:c9:f7:f1:52:79:e4:39:ae:68:75:6f:90:99:19:
2e:f8:ef:f1:e5:0a:de:26:b0:00:7f:ca:8e:f8:9b:
7f:5c:4d:f9:99:95:31:71:cb:a1:a7:cb:74:48:67:
31:ce:e9:6f:a4:ff:55:23:b7:38:79:3c:50:2a:7d:
96:ab:b2:5a:a0:da:21:fd:d7:f1:0e:e3:e9:e4:96:
88:4a:59:88:fa:a2:ff:be:df:57:fd:94:6c:de:f3:
9f:e3:80:cf:17:b0:93:34:93:2f:e1:16:53:17:1d:
c1:c9:81:59:87:9d:81:4e:54:3f:3a:dc:e2:0f:e7:
c7:d0:75:5c:06:28:bf:22:de:91:0c:e6:ca:c3:65:
c5:36:12:c7:bf:16:57:6e:a8:12:f1:ba:95:ea:68:
4f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:FF:37:2E:44:3E:82:4C:E4:CF:C7:65:E1:C9:A5:11:BE:00:53:ED
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.98.0/24
46.203.203.0/24
92.113.106.0/23
92.113.112.0/23
92.113.124.0/23
92.113.136.0/23
92.113.142.0/23
95.135.83.0/24
95.135.109.0/24
Signature Algorithm: sha256WithRSAEncryption
69:65:36:88:c1:59:a8:21:08:87:53:d0:91:70:23:80:8a:ee:
fd:56:d8:92:07:a5:8c:32:0e:8f:25:e3:31:d5:b4:d6:82:4b:
6e:1c:e7:44:e4:dd:95:24:e0:a9:24:30:05:3f:9c:f9:27:e6:
15:53:8f:a3:90:59:24:da:d1:6e:a0:36:00:f5:68:79:b9:0a:
8b:33:1d:0e:a6:db:05:ea:d5:c9:de:e0:52:9d:a4:a0:f0:ee:
e8:90:40:96:e4:58:48:57:13:e7:1a:24:b7:f7:de:e1:d7:68:
5f:90:b2:ed:d0:62:bd:21:eb:9b:78:43:ce:1c:16:d4:e3:1d:
cf:6b:67:14:6c:b2:71:88:69:05:31:1f:e4:a1:7e:cd:5e:26:
2d:15:0e:89:a7:17:19:0b:20:c0:86:11:a2:f3:1c:44:1d:ec:
76:6d:92:a0:5e:9b:cf:04:0f:ab:28:a1:cc:63:8a:c0:0e:3d:
da:e4:ca:a1:88:a1:5b:04:9b:36:b5:57:07:f9:1d:03:1f:40:
a2:b7:71:29:aa:95:28:16:93:9e:8c:ab:e2:ca:e8:de:38:ec:
38:31:78:fa:d6:cd:d7:83:dd:e1:0e:8d:90:5f:69:10:7b:97:
d9:6e:6a:b8:c4:c3:d5:36:29:04:50:b7:91:24:28:98:65:d2:
66:84:0d:65
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUbRR7YUHWJt9xBm0MyC/BGYSJAZcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MTUyMzE0MDlaFw0yNjA0MTQyMzE5MDlaMDMxMTAvBgNV
BAMTKEM5RkYzNzJFNDQzRTgyNENFNENGQzc2NUUxQzlBNTExQkUwMDUzRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkRD/rJUKq10djuS7xtWsk4XcQ
9kSVufXqh3qTHIXaULB91KbtXsuIpEOaZknDfRUsVHNBzmutslxrk0TtELxWe3AF
6ANUo4q4kx234av/AEQaMaG+4mk2tQ4TfOjM/Pf6Cxu/d3otS8jJ9/FSeeQ5rmh1
b5CZGS747/HlCt4msAB/yo74m39cTfmZlTFxy6Gny3RIZzHO6W+k/1Ujtzh5PFAq
fZarslqg2iH91/EO4+nklohKWYj6ov++31f9lGze85/jgM8XsJM0ky/hFlMXHcHJ
gVmHnYFOVD863OIP58fQdVwGKL8i3pEM5srDZcU2Ese/FlduqBLxupXqaE9zAgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQUyf83LkQ+gkzkz8dl4cmlEb4AU+0wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALsti
AwQALsvLAwQBXHFqAwQBXHFwAwQBXHF8AwQBXHGIAwQBXHGOAwQAX4dTAwQAX4dt
MA0GCSqGSIb3DQEBCwUAA4IBAQBpZTaIwVmoIQiHU9CRcCOAiu79VtiSB6WMMg6P
JeMx1bTWgktuHOdE5N2VJOCpJDAFP5z5J+YVU4+jkFkk2tFuoDYA9Wh5uQqLMx0O
ptsF6tXJ3uBSnaSg8O7okECW5FhIVxPnGiS3997h12hfkLLt0GK9IeubeEPOHBbU
4x3Pa2cUbLJxiGkFMR/koX7NXiYtFQ6JpxcZCyDAhhGi8xxEHex2bZKgXpvPBA+r
KKHMY4rADj3a5MqhiKFbBJs2tVcH+R0DH0Cit3EpqpUoFpOejKviyujeOOw4MXj6
1s3Xg93hDo2QX2kQe5fZbmq4xMPVNikEULeRJCiYZdJmhA1l
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:30 2025 by rpki-client