Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215703.roa
File: AS215703.roa (raw, json)
Hash identifier: rw8H0oqvp9hZ3/sK3fvsT7T3mJ5ADAVy3CZhSf3MYiA=
Subject key identifier: B9:FF:2C:84:98:F4:A5:69:36:FC:17:AF:BA:24:34:17:9F:19:7A:7D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7692F578B46D97E2469D6236BE9BE7D20B6562DD
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215703.roa
Signing time: Wed 18 Jun 2025 14:19:43 +0000
ROA not before: Wed 18 Jun 2025 14:14:43 +0000
ROA not after: Wed 17 Jun 2026 14:19:43 +0000
asID: 215703
IP address blocks: 150.241.230.0/24 maxlen: 24
155.117.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:92:f5:78:b4:6d:97:e2:46:9d:62:36:be:9b:e7:d2:0b:65:62:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 18 14:14:43 2025 GMT
Not After : Jun 17 14:19:43 2026 GMT
Subject: CN=B9FF2C8498F4A56936FC17AFBA2434179F197A7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f3:9a:12:c4:80:e0:1e:28:4f:47:90:db:21:
0e:37:11:79:bc:57:a9:35:bc:0b:27:c8:62:84:02:
13:26:15:32:f2:b3:ef:2d:1c:d2:e8:b1:f0:75:45:
ff:d7:f6:a9:0e:44:24:42:78:95:4d:5c:4c:8f:46:
cb:91:39:dd:67:ff:02:4b:d7:92:34:75:21:29:a9:
8e:29:52:0b:be:a5:12:55:89:bf:5c:64:c0:e2:f4:
6d:57:71:40:67:e0:f7:bf:e7:34:6e:c9:f4:17:5b:
05:d7:b9:ac:f5:d4:0f:92:09:08:2b:ca:82:b9:a2:
58:b7:49:51:33:ed:2f:07:4c:f7:db:d7:0d:11:6d:
50:e0:7c:52:fe:eb:98:f6:05:0c:f5:97:11:bd:6c:
98:c6:8d:2d:43:28:75:f2:ec:be:58:56:67:49:c5:
80:90:e6:25:41:b5:ae:0a:40:c8:49:e6:30:2b:dd:
46:71:30:e5:42:bf:98:0f:d1:29:d9:e6:1e:7f:34:
22:b6:05:10:84:e0:68:04:bb:50:fc:49:4d:bd:be:
c2:c8:32:27:18:9d:c0:b7:1d:41:16:70:6f:53:79:
12:27:9b:50:c7:c5:b3:f9:f8:9c:fb:38:7a:f7:80:
c6:fd:c3:2a:aa:e9:7d:7a:58:c2:b5:d1:87:90:a5:
56:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:FF:2C:84:98:F4:A5:69:36:FC:17:AF:BA:24:34:17:9F:19:7A:7D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215703.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.230.0/24
155.117.117.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:9f:e6:d6:4c:f0:b8:c1:92:07:6a:de:bb:75:be:2f:a1:27:
3e:fb:a8:02:96:e7:7c:4d:fb:b9:19:d0:ed:bf:69:f4:1a:0b:
df:df:57:be:ce:02:10:7c:e1:6d:e1:19:09:66:60:e1:76:83:
e4:e8:ba:2e:fa:11:85:94:44:04:1f:49:a2:43:48:3c:4f:a7:
48:33:8f:b2:88:ba:ca:ad:aa:e5:58:cd:0b:d0:9c:78:57:e3:
eb:7a:21:05:45:5d:09:17:72:78:08:6f:f2:d3:f5:08:6e:b3:
23:39:15:ef:c1:14:49:19:86:d7:b9:3a:e5:b8:05:d6:2c:f0:
48:be:a2:a0:a3:62:aa:6e:a0:3e:0f:4f:2d:91:4d:84:fe:1a:
25:d6:08:7a:de:21:c4:21:7a:45:16:65:8c:e1:bd:d7:01:3a:
ed:db:45:8d:50:ad:22:67:ce:ee:7f:ec:d5:a3:a5:5c:2f:dd:
27:60:a7:d8:92:61:a7:93:32:5e:37:c9:70:3c:36:8a:fa:cd:
f5:2b:30:4d:3b:f4:10:17:80:e9:39:9e:ca:f0:ce:37:e0:c4:
d7:76:30:30:73:a0:cd:97:80:57:67:ed:4c:18:da:8f:ed:e7:
6a:02:d9:89:81:bd:97:a7:42:b8:fb:b4:1c:ff:a7:1d:a5:15:
10:07:07:00
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUdpL1eLRtl+JGnWI2vpvn0gtlYt0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MTgxNDE0NDNaFw0yNjA2MTcxNDE5NDNaMDMxMTAvBgNV
BAMTKEI5RkYyQzg0OThGNEE1NjkzNkZDMTdBRkJBMjQzNDE3OUYxOTdBN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu85oSxIDgHihPR5DbIQ43EXm8
V6k1vAsnyGKEAhMmFTLys+8tHNLosfB1Rf/X9qkORCRCeJVNXEyPRsuROd1n/wJL
15I0dSEpqY4pUgu+pRJVib9cZMDi9G1XcUBn4Pe/5zRuyfQXWwXXuaz11A+SCQgr
yoK5oli3SVEz7S8HTPfb1w0RbVDgfFL+65j2BQz1lxG9bJjGjS1DKHXy7L5YVmdJ
xYCQ5iVBta4KQMhJ5jAr3UZxMOVCv5gP0SnZ5h5/NCK2BRCE4GgEu1D8SU29vsLI
MicYncC3HUEWcG9TeRInm1DHxbP5+Jz7OHr3gMb9wyqq6X16WMK10YeQpVZTAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUuf8shJj0pWk2/BevuiQ0F58Zen0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE1NzAzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAlvHm
AwQAm3V1MA0GCSqGSIb3DQEBCwUAA4IBAQBtn+bWTPC4wZIHat67db4voSc++6gC
lud8Tfu5GdDtv2n0Ggvf31e+zgIQfOFt4RkJZmDhdoPk6Lou+hGFlEQEH0miQ0g8
T6dIM4+yiLrKrarlWM0L0Jx4V+PreiEFRV0JF3J4CG/y0/UIbrMjORXvwRRJGYbX
uTrluAXWLPBIvqKgo2KqbqA+D08tkU2E/hol1gh63iHEIXpFFmWM4b3XATrt20WN
UK0iZ87uf+zVo6VcL90nYKfYkmGnkzJeN8lwPDaK+s31KzBNO/QQF4DpOZ7K8M43
4MTXdjAwc6DNl4BXZ+1MGNqP7edqAtmJgb2Xp0K4+7Qc/6cdpRUQBwcA
-----END CERTIFICATE-----
Generated at Sun Jun 29 00:48:09 2025 by rpki-client