Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215304.roa
File: AS215304.roa (raw, json)
Hash identifier: XylXFFKKH55THECzjkMWq3dFinr1OqChnfqkO8NoroI=
Subject key identifier: 6B:A8:83:E3:23:16:A3:FE:14:E2:0F:07:64:DB:68:F3:D7:A7:6B:28
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 27552A099614BAC48A2EB0502A698D21B14EAFDC
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215304.roa
Signing time: Fri 08 Aug 2025 16:34:10 +0000
ROA not before: Fri 08 Aug 2025 16:29:10 +0000
ROA not after: Fri 07 Aug 2026 16:34:10 +0000
asID: 215304
IP address blocks: 96.62.115.0/24 maxlen: 24
96.62.152.0/24 maxlen: 24
143.14.1.0/24 maxlen: 24
143.14.226.0/24 maxlen: 24
148.135.181.0/24 maxlen: 24
155.117.127.0/24 maxlen: 24
155.117.136.0/24 maxlen: 24
155.117.137.0/24 maxlen: 24
155.117.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:55:2a:09:96:14:ba:c4:8a:2e:b0:50:2a:69:8d:21:b1:4e:af:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 8 16:29:10 2025 GMT
Not After : Aug 7 16:34:10 2026 GMT
Subject: CN=6BA883E32316A3FE14E20F0764DB68F3D7A76B28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:78:e4:a1:37:90:58:95:ff:fa:22:05:84:c4:
a7:08:4d:9d:a5:01:69:8b:22:4b:f8:55:b5:92:43:
ec:4c:76:be:e0:02:e2:e1:8d:87:2f:e9:e7:10:8c:
91:88:c8:63:c8:ea:e4:58:64:be:63:ef:91:b0:2e:
08:79:1c:1d:dc:ba:bb:f3:97:47:2e:c6:a7:42:a5:
ed:e9:65:25:15:5c:33:fd:32:6a:5b:1c:d0:d0:15:
a9:c8:1d:f3:1e:f4:d1:91:11:41:10:db:41:44:8d:
ea:c8:ce:57:8c:8e:fb:da:13:68:39:44:74:53:20:
34:fd:39:86:35:aa:c8:fd:f7:22:fe:2c:c2:08:09:
7d:98:8e:96:37:ce:53:be:64:38:a5:a2:0e:41:cb:
ed:e3:2f:e8:86:ac:bb:47:03:a2:59:f7:7e:88:f2:
90:c6:4e:7f:7c:42:b8:28:08:a7:33:4e:ee:91:9e:
6a:57:d2:7b:e7:7d:5e:31:8c:86:56:e7:2e:a9:c7:
b4:04:d3:6c:ad:9d:34:85:7c:4b:3d:de:05:6f:57:
32:40:3a:ec:63:65:c6:2d:e0:db:b1:74:fd:ae:af:
aa:54:9d:48:e3:e5:fc:5e:32:f0:14:73:11:d1:93:
6e:ab:66:0d:14:71:3e:67:f4:7b:ff:f0:24:67:83:
3d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:A8:83:E3:23:16:A3:FE:14:E2:0F:07:64:DB:68:F3:D7:A7:6B:28
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.115.0/24
96.62.152.0/24
143.14.1.0/24
143.14.226.0/24
148.135.181.0/24
155.117.127.0/24
155.117.136.0/23
155.117.201.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:6c:73:1a:3d:88:53:d6:cd:62:2f:49:88:8b:92:d0:32:6b:
07:cf:ea:5a:23:68:e0:15:d5:82:71:a9:c9:5a:fa:33:94:d0:
e9:6d:40:57:21:60:f7:e0:b0:18:aa:86:2b:75:5b:c7:33:48:
55:64:c6:ed:d0:2d:f6:42:39:42:22:b8:b6:b5:85:5c:e4:46:
40:98:e3:9a:f0:67:25:5b:ff:17:90:64:80:19:b5:4e:cb:87:
bf:a2:ef:5a:74:a5:5a:a6:67:e6:d0:ff:c3:ee:20:47:bf:bc:
74:f5:d2:8a:e2:50:df:63:f8:fa:4e:9a:f5:6e:8e:f1:45:50:
fa:1e:53:75:e5:31:8d:c8:f1:f0:dd:0c:48:bc:bd:e2:72:eb:
dc:f7:61:af:a3:0f:45:56:11:8e:23:36:8e:31:4a:7f:95:a9:
57:cf:f6:cd:6f:7c:26:56:22:be:29:37:e6:36:9e:e4:61:63:
c1:29:76:4c:c8:dc:d3:59:82:d9:e1:ad:a2:b3:1a:1b:94:5e:
86:ec:85:b4:3d:1e:0c:11:d6:1f:c3:52:92:d7:be:28:7a:e5:
37:8a:7d:a2:59:dd:19:74:aa:01:22:97:bb:70:d9:bc:16:b9:
19:35:c2:07:ac:9c:92:b7:06:d2:27:a0:fa:52:81:97:2e:22:
a3:74:4a:35
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUJ1UqCZYUusSKLrBQKmmNIbFOr9wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MDgxNjI5MTBaFw0yNjA4MDcxNjM0MTBaMDMxMTAvBgNV
BAMTKDZCQTg4M0UzMjMxNkEzRkUxNEUyMEYwNzY0REI2OEYzRDdBNzZCMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpeOShN5BYlf/6IgWExKcITZ2l
AWmLIkv4VbWSQ+xMdr7gAuLhjYcv6ecQjJGIyGPI6uRYZL5j75GwLgh5HB3curvz
l0cuxqdCpe3pZSUVXDP9MmpbHNDQFanIHfMe9NGREUEQ20FEjerIzleMjvvaE2g5
RHRTIDT9OYY1qsj99yL+LMIICX2YjpY3zlO+ZDilog5By+3jL+iGrLtHA6JZ936I
8pDGTn98QrgoCKczTu6RnmpX0nvnfV4xjIZW5y6px7QE02ytnTSFfEs93gVvVzJA
OuxjZcYt4NuxdP2ur6pUnUjj5fxeMvAUcxHRk26rZg0UcT5n9Hv/8CRngz3TAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUa6iD4yMWo/4U4g8HZNto89enaygwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAYD5z
AwQAYD6YAwQAjw4BAwQAjw7iAwQAlIe1AwQAm3V/AwQBm3WIAwQAm3XJMA0GCSqG
SIb3DQEBCwUAA4IBAQAObHMaPYhT1s1iL0mIi5LQMmsHz+paI2jgFdWCcanJWvoz
lNDpbUBXIWD34LAYqoYrdVvHM0hVZMbt0C32QjlCIri2tYVc5EZAmOOa8GclW/8X
kGSAGbVOy4e/ou9adKVapmfm0P/D7iBHv7x09dKK4lDfY/j6Tpr1bo7xRVD6HlN1
5TGNyPHw3QxIvL3icuvc92Gvow9FVhGOIzaOMUp/lalXz/bNb3wmViK+KTfmNp7k
YWPBKXZMyNzTWYLZ4a2isxoblF6G7IW0PR4MEdYfw1KS174oeuU3in2iWd0ZdKoB
Ipe7cNm8FrkZNcIHrJyStwbSJ6D6UoGXLiKjdEo1
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:40:57 2025 by rpki-client