Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215304.roa
File: AS215304.roa (raw, json)
Hash identifier: dB8/wp1XSQDB0UQTiyGk0PE1Oa0Zj3mQ0dKGFpSHrFU=
Subject key identifier: B3:F3:EB:E6:DF:3C:68:3D:86:B2:B2:BD:E1:15:94:1B:54:13:F1:4B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 40AC0F39D0406723EA09844A38B08A415834703B
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215304.roa
Signing time: Tue 30 Sep 2025 00:05:44 +0000
ROA not before: Tue 30 Sep 2025 00:00:44 +0000
ROA not after: Tue 29 Sep 2026 00:05:44 +0000
asID: 215304
IP address blocks: 96.62.115.0/24 maxlen: 24
96.62.152.0/24 maxlen: 24
143.14.1.0/24 maxlen: 24
143.14.226.0/24 maxlen: 24
148.135.181.0/24 maxlen: 24
155.117.6.0/24 maxlen: 24
155.117.127.0/24 maxlen: 24
155.117.136.0/24 maxlen: 24
155.117.137.0/24 maxlen: 24
155.117.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:ac:0f:39:d0:40:67:23:ea:09:84:4a:38:b0:8a:41:58:34:70:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 30 00:00:44 2025 GMT
Not After : Sep 29 00:05:44 2026 GMT
Subject: CN=B3F3EBE6DF3C683D86B2B2BDE115941B5413F14B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d5:97:b3:ec:af:51:11:1b:8a:e3:4b:4f:ca:
55:46:f3:e0:53:9d:12:96:44:7a:07:48:7e:67:5f:
a2:ec:9a:be:8d:7d:3a:31:f1:e9:61:78:3b:67:d6:
b3:ab:51:91:5f:5b:7f:b5:b9:f4:3c:7d:98:9b:f8:
33:be:d6:5c:32:93:cb:57:71:11:c9:d3:af:b0:6a:
0b:be:c1:17:8b:29:72:4d:73:ec:6d:fa:31:5f:32:
a2:a4:ee:bb:60:2f:ad:85:71:ad:10:51:77:14:74:
e6:c1:e2:56:e0:61:e1:0a:50:ca:99:4e:b6:68:c6:
62:37:e0:33:f7:90:1d:22:db:70:20:23:ce:20:a9:
6c:f1:a1:82:5f:7d:a9:b9:3d:10:7d:95:eb:43:41:
a8:31:78:ac:d2:c5:c6:b2:d1:1c:34:80:3b:86:98:
44:0b:48:c6:59:a3:54:1d:cd:c5:2f:95:41:95:df:
45:42:84:75:36:6c:e8:bd:a5:be:e7:30:dd:bb:3e:
29:26:07:db:b2:18:c7:00:2f:b2:ce:82:8b:fb:78:
65:1f:d3:b9:98:7c:36:79:fc:62:2b:aa:28:85:55:
d4:3e:62:f7:30:4b:59:de:32:99:c5:18:11:65:d3:
4f:46:3b:d2:99:52:da:18:b6:dc:41:0b:2b:41:dc:
9e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:F3:EB:E6:DF:3C:68:3D:86:B2:B2:BD:E1:15:94:1B:54:13:F1:4B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.115.0/24
96.62.152.0/24
143.14.1.0/24
143.14.226.0/24
148.135.181.0/24
155.117.6.0/24
155.117.127.0/24
155.117.136.0/23
155.117.197.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:15:9d:42:1f:92:c6:b1:1c:70:b9:df:79:ae:9c:72:40:57:
32:fc:78:79:49:d3:5f:e4:2e:37:cf:6d:c9:42:fb:52:fa:78:
51:0a:e4:13:b7:4f:3e:49:d6:7e:00:a1:ba:25:1f:72:5f:c6:
4a:60:0f:01:f9:bb:cf:9a:47:32:77:4e:b5:6c:cc:ac:87:55:
14:93:ca:8f:09:dd:92:b0:ad:1e:21:74:af:ff:7e:bd:14:eb:
54:0f:bb:52:78:2e:e7:c1:f6:10:5d:16:69:a1:bc:91:90:e0:
0d:11:c1:49:80:68:df:11:43:13:fd:a2:bc:89:fb:6b:cd:97:
85:45:ad:9f:56:74:c2:1d:db:f8:24:23:0e:5b:b5:00:5d:f2:
0f:53:2f:05:fa:a8:92:11:ae:13:14:56:d4:e1:ab:07:fd:0e:
ef:8f:63:b7:71:e8:5e:c3:0d:be:47:d5:2a:8e:c4:39:bd:b2:
45:d8:f4:a1:c1:c9:e3:bf:fc:18:c6:ae:7f:04:74:f4:79:13:
42:ec:10:cf:92:cd:f4:7a:b0:58:a6:24:4a:12:97:9c:22:5b:
17:2d:34:1e:9b:03:c1:ef:93:d4:5f:d5:d1:ac:a9:0d:a8:63:
8d:63:02:b6:fe:57:19:c3:bc:d0:e5:1f:8f:27:12:8f:e9:94:
a4:7a:81:77
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUQKwPOdBAZyPqCYRKOLCKQVg0cDswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MzAwMDAwNDRaFw0yNjA5MjkwMDA1NDRaMDMxMTAvBgNV
BAMTKEIzRjNFQkU2REYzQzY4M0Q4NkIyQjJCREUxMTU5NDFCNTQxM0YxNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN1Zez7K9RERuK40tPylVG8+BT
nRKWRHoHSH5nX6Lsmr6NfTox8elheDtn1rOrUZFfW3+1ufQ8fZib+DO+1lwyk8tX
cRHJ06+wagu+wReLKXJNc+xt+jFfMqKk7rtgL62Fca0QUXcUdObB4lbgYeEKUMqZ
TrZoxmI34DP3kB0i23AgI84gqWzxoYJffam5PRB9letDQagxeKzSxcay0Rw0gDuG
mEQLSMZZo1QdzcUvlUGV30VChHU2bOi9pb7nMN27PikmB9uyGMcAL7LOgov7eGUf
07mYfDZ5/GIrqiiFVdQ+YvcwS1neMpnFGBFl009GO9KZUtoYttxBCytB3J61AgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQUs/Pr5t88aD2GsrK94RWUG1QT8UswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAYD5z
AwQAYD6YAwQAjw4BAwQAjw7iAwQAlIe1AwQAm3UGAwQAm3V/AwQBm3WIAwQAm3XF
MA0GCSqGSIb3DQEBCwUAA4IBAQCpFZ1CH5LGsRxwud95rpxyQFcy/Hh5SdNf5C43
z23JQvtS+nhRCuQTt08+SdZ+AKG6JR9yX8ZKYA8B+bvPmkcyd061bMysh1UUk8qP
Cd2SsK0eIXSv/369FOtUD7tSeC7nwfYQXRZpobyRkOANEcFJgGjfEUMT/aK8iftr
zZeFRa2fVnTCHdv4JCMOW7UAXfIPUy8F+qiSEa4TFFbU4asH/Q7vj2O3ceheww2+
R9UqjsQ5vbJF2PShwcnjv/wYxq5/BHT0eRNC7BDPks30erBYpiRKEpecIlsXLTQe
mwPB75PUX9XRrKkNqGONYwK2/lcZw7zQ5R+PJxKP6ZSkeoF3
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:07:35 2025 by rpki-client