Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215304.roa
File: AS215304.roa (raw, json)
Hash identifier: inVtaADbV4X4EixQ0+A2ct/lci85RdM6IWw0EvZwkP4=
Subject key identifier: 81:41:5E:0E:57:C0:29:03:33:6D:08:EC:27:B0:FE:E9:1B:89:EB:C9
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1CFE9B148E91964171D098F7199D3ED25A23D553
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215304.roa
Signing time: Mon 05 May 2025 17:08:32 +0000
ROA not before: Mon 05 May 2025 17:03:32 +0000
ROA not after: Mon 04 May 2026 17:08:32 +0000
asID: 215304
IP address blocks: 96.62.100.0/24 maxlen: 24
96.62.101.0/24 maxlen: 24
96.62.114.0/24 maxlen: 24
96.62.115.0/24 maxlen: 24
148.135.154.0/24 maxlen: 24
148.135.181.0/24 maxlen: 24
148.135.190.0/24 maxlen: 24
148.135.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 16:09:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:fe:9b:14:8e:91:96:41:71:d0:98:f7:19:9d:3e:d2:5a:23:d5:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 5 17:03:32 2025 GMT
Not After : May 4 17:08:32 2026 GMT
Subject: CN=81415E0E57C02903336D08EC27B0FEE91B89EBC9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:24:46:29:b7:c2:48:3a:96:35:fc:4a:1a:ae:
2a:33:7f:4b:d3:85:e0:7d:9b:bc:59:c5:5e:5f:d7:
4d:49:b8:5e:82:74:b4:c9:ba:a0:4e:fb:10:7d:00:
38:5b:79:bd:03:eb:28:9b:2e:9a:ae:99:78:a5:cf:
9d:1c:49:4e:fa:4e:87:5f:23:bd:58:f5:9d:de:8f:
d1:e7:3a:6f:54:f9:da:2f:04:fa:bb:44:ea:2f:2b:
aa:ef:d9:f9:ba:99:57:53:be:8f:d8:a5:9b:46:fb:
10:4a:82:a1:d0:ab:00:c0:0f:03:4c:98:26:19:45:
f1:18:80:f2:b9:b2:91:b0:5d:e7:68:71:7c:b0:32:
ca:f1:f9:0c:c9:86:77:f4:a6:34:4d:dc:40:77:35:
eb:c1:24:5a:89:72:02:4a:bc:ef:d6:e9:3e:d9:ea:
f4:4a:b6:f5:0b:05:1d:4f:3c:85:15:6d:b6:e0:b8:
9d:61:05:9c:ba:bd:39:cd:89:85:95:d0:df:d6:b9:
6a:ec:cb:d9:a1:eb:ad:c2:70:d6:b3:cc:d1:57:17:
41:37:67:94:7c:2e:b6:99:1a:b6:57:e2:15:e8:b4:
06:db:98:25:f9:70:4c:37:7c:b4:51:20:e7:fb:8a:
3b:af:8b:0e:ba:55:6f:16:1f:1d:2f:e0:ac:e0:16:
c4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:41:5E:0E:57:C0:29:03:33:6D:08:EC:27:B0:FE:E9:1B:89:EB:C9
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.100.0/23
96.62.114.0/23
148.135.154.0/24
148.135.181.0/24
148.135.190.0/24
148.135.255.0/24
Signature Algorithm: sha256WithRSAEncryption
35:c3:38:79:38:0c:85:dd:bb:ac:a7:d1:dd:41:e2:af:e8:be:
0c:42:ce:64:61:00:27:5c:50:15:2d:8a:8c:1b:61:ac:9c:54:
47:51:9c:f2:fe:3a:e1:e0:d9:5d:f9:cd:8b:e9:7c:75:b8:d9:
22:1e:07:8f:d6:22:01:17:a7:47:80:d1:d0:d1:87:d8:12:d8:
76:e6:17:5e:21:63:76:fa:06:15:9b:06:9d:76:00:63:36:c5:
f1:34:15:b7:28:2a:6a:20:1e:db:4d:bb:c3:83:69:dc:90:45:
af:b8:82:cf:d0:eb:51:aa:f0:00:ff:13:77:57:a0:41:ee:57:
22:f3:83:b1:47:94:35:09:0f:5d:cb:f4:1f:5c:b4:79:d2:cc:
7a:dc:58:90:4b:25:2d:e8:ad:1f:6c:3b:5f:49:de:06:5b:78:
8e:73:05:7a:74:27:72:75:08:7d:2f:f0:20:b0:f3:8d:5b:73:
1b:ce:69:e4:60:89:25:c4:92:10:a1:77:28:c2:f5:be:33:e0:
1e:ca:04:e0:db:ae:18:29:c3:14:63:a2:52:d0:2a:7b:f4:82:
bc:35:b8:09:01:4e:1a:5c:26:d4:57:cc:b2:63:f1:26:ba:83:
7b:ea:94:b0:8e:9c:4e:20:d2:7b:f9:2e:46:8c:0e:e7:6e:4b:
9f:b5:e9:43
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUHP6bFI6RlkFx0Jj3GZ0+0loj1VMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MDUxNzAzMzJaFw0yNjA1MDQxNzA4MzJaMDMxMTAvBgNV
BAMTKDgxNDE1RTBFNTdDMDI5MDMzMzZEMDhFQzI3QjBGRUU5MUI4OUVCQzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeJEYpt8JIOpY1/Eoariozf0vT
heB9m7xZxV5f101JuF6CdLTJuqBO+xB9ADhbeb0D6yibLpqumXilz50cSU76Todf
I71Y9Z3ej9HnOm9U+dovBPq7ROovK6rv2fm6mVdTvo/YpZtG+xBKgqHQqwDADwNM
mCYZRfEYgPK5spGwXedocXywMsrx+QzJhnf0pjRN3EB3NevBJFqJcgJKvO/W6T7Z
6vRKtvULBR1PPIUVbbbguJ1hBZy6vTnNiYWV0N/WuWrsy9mh663CcNazzNFXF0E3
Z5R8LraZGrZX4hXotAbbmCX5cEw3fLRRIOf7ijuviw66VW8WHx0v4KzgFsS1AgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUgUFeDlfAKQMzbQjsJ7D+6RuJ68kwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBYD5k
AwQBYD5yAwQAlIeaAwQAlIe1AwQAlIe+AwQAlIf/MA0GCSqGSIb3DQEBCwUAA4IB
AQA1wzh5OAyF3busp9HdQeKv6L4MQs5kYQAnXFAVLYqMG2GsnFRHUZzy/jrh4Nld
+c2L6Xx1uNkiHgeP1iIBF6dHgNHQ0YfYEth25hdeIWN2+gYVmwaddgBjNsXxNBW3
KCpqIB7bTbvDg2nckEWvuILP0OtRqvAA/xN3V6BB7lci84OxR5Q1CQ9dy/QfXLR5
0sx63FiQSyUt6K0fbDtfSd4GW3iOcwV6dCdydQh9L/AgsPONW3MbzmnkYIklxJIQ
oXcowvW+M+AeygTg264YKcMUY6JS0Cp79IK8NbgJAU4aXCbUV8yyY/EmuoN76pSw
jpxOINJ7+S5GjA7nbkuftelD
-----END CERTIFICATE-----
Generated at Sat May 10 08:19:32 2025 by rpki-client