Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS215645.roa
File: AS215645.roa (raw, json)
Hash identifier: P78azAYcMrPXwJRgZI771AvBXC+FInraNszlKQKYWEM=
Subject key identifier: 50:1E:16:32:65:53:AF:C0:95:B4:DA:7A:E1:DD:11:37:B7:88:AA:C0
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 768A4C2B1212AF628E9A79E5498D5A5671F756CC
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS215645.roa
Signing time: Thu 21 Aug 2025 12:59:00 +0000
ROA not before: Thu 21 Aug 2025 12:54:00 +0000
ROA not after: Thu 20 Aug 2026 12:59:00 +0000
asID: 215645
IP address blocks: 31.40.197.0/24 maxlen: 24
37.221.77.0/24 maxlen: 24
37.221.79.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.63.0/24 maxlen: 24
93.190.8.0/24 maxlen: 24
176.96.129.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 01:33:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:8a:4c:2b:12:12:af:62:8e:9a:79:e5:49:8d:5a:56:71:f7:56:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Aug 21 12:54:00 2025 GMT
Not After : Aug 20 12:59:00 2026 GMT
Subject: CN=501E16326553AFC095B4DA7AE1DD1137B788AAC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:76:bd:8c:38:b7:10:8e:0c:e0:22:c1:4e:0b:
a9:c8:0a:54:62:0c:3c:32:e4:0c:b7:be:5f:a4:03:
cb:8a:12:df:a8:ed:44:15:7d:bb:ef:31:65:2e:b2:
e5:0c:8c:ef:98:6c:c4:12:83:87:ce:fe:6e:0e:3d:
94:eb:08:8d:3b:ce:d2:fd:3d:de:06:4a:60:71:e4:
39:c3:57:c2:c0:08:c2:7f:2d:fb:f3:2b:eb:5b:22:
e3:47:c1:96:c5:78:42:4c:e5:15:60:ab:df:ed:af:
4c:09:9d:63:23:d7:c7:74:43:0d:b5:35:b9:08:0a:
2c:68:5d:2e:e4:4a:55:00:f6:2f:6c:be:62:ec:62:
01:64:2c:08:81:83:64:15:52:fd:e0:01:a9:4c:d8:
c0:a3:0b:ac:78:ec:2a:85:7d:ed:db:e6:58:67:40:
26:41:86:84:9a:92:08:33:f5:c7:81:52:92:ed:32:
79:0d:df:97:bb:1a:81:30:e9:9a:a8:47:9d:9d:7c:
92:ac:1d:bb:7e:19:d0:04:c2:9d:d0:08:82:42:13:
57:4c:8d:5b:f7:6c:a0:98:59:62:3b:9e:00:12:ef:
1c:cb:0a:ef:0f:97:cd:5e:3a:d6:f8:4e:c1:c1:42:
6b:4c:9f:df:e5:eb:58:92:76:53:c9:8b:a1:0a:7e:
47:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:1E:16:32:65:53:AF:C0:95:B4:DA:7A:E1:DD:11:37:B7:88:AA:C0
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS215645.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.197.0/24
37.221.77.0/24
37.221.79.0/24
85.235.74.0/24
92.249.63.0/24
93.190.8.0/24
176.96.129.0/24
217.18.208.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:00:4f:49:5f:97:bb:9f:8a:03:23:2b:98:b0:d4:d8:3a:9f:
d3:6b:f3:2d:9c:fc:d5:20:68:ac:82:30:5d:3e:51:64:b1:9a:
d6:d1:c1:7f:5a:8b:ad:3a:66:2a:31:86:fa:b5:76:64:0b:7d:
c4:21:b6:ef:95:91:f5:ea:5c:01:5d:be:7e:83:9c:39:f4:f8:
a7:ad:68:82:ed:1b:3c:91:ca:25:ca:2e:d1:d4:25:15:0f:ab:
92:08:5f:82:f2:6c:08:77:69:fb:01:9e:a0:f9:16:4d:b3:3f:
75:01:a7:7b:3d:43:94:f2:ee:dd:e0:b1:1b:24:72:87:00:92:
d7:ad:9f:a2:ae:6c:eb:3c:14:54:0f:3f:92:29:47:f9:3b:cd:
70:ff:ef:f1:f2:7a:c4:ee:88:3f:89:28:f1:c9:9d:82:a2:36:
67:c3:d6:11:df:db:bf:c8:11:48:b0:92:9f:79:4f:12:94:74:
8d:4d:27:c1:c1:a7:10:5d:14:f6:6c:ab:00:02:51:e6:a5:04:
74:be:da:6c:79:25:be:89:d1:3b:80:cf:b0:c3:33:0d:2d:95:
8b:03:f8:44:cb:e6:b3:e3:ab:26:ec:7b:09:aa:c4:18:8e:00:
3f:17:3f:78:2e:da:d7:f7:9e:40:1c:6a:e7:39:c8:f9:f5:4e:
4b:87:57:99
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUdopMKxISr2KOmnnlSY1aVnH3VswwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA4MjExMjU0MDBaFw0yNjA4MjAxMjU5MDBaMDMxMTAvBgNV
BAMTKDUwMUUxNjMyNjU1M0FGQzA5NUI0REE3QUUxREQxMTM3Qjc4OEFBQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVdr2MOLcQjgzgIsFOC6nIClRi
DDwy5Ay3vl+kA8uKEt+o7UQVfbvvMWUusuUMjO+YbMQSg4fO/m4OPZTrCI07ztL9
Pd4GSmBx5DnDV8LACMJ/LfvzK+tbIuNHwZbFeEJM5RVgq9/tr0wJnWMj18d0Qw21
NbkICixoXS7kSlUA9i9svmLsYgFkLAiBg2QVUv3gAalM2MCjC6x47CqFfe3b5lhn
QCZBhoSakggz9ceBUpLtMnkN35e7GoEw6ZqoR52dfJKsHbt+GdAEwp3QCIJCE1dM
jVv3bKCYWWI7ngAS7xzLCu8Pl81eOtb4TsHBQmtMn9/l61iSdlPJi6EKfketAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUUB4WMmVTr8CVtNp64d0RN7eIqsAwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjE1NjQ1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAHyjF
AwQAJd1NAwQAJd1PAwQAVetKAwQAXPk/AwQAXb4IAwQAsGCBAwQA2RLQMA0GCSqG
SIb3DQEBCwUAA4IBAQCfAE9JX5e7n4oDIyuYsNTYOp/Ta/MtnPzVIGisgjBdPlFk
sZrW0cF/WoutOmYqMYb6tXZkC33EIbbvlZH16lwBXb5+g5w59PinrWiC7Rs8kcol
yi7R1CUVD6uSCF+C8mwId2n7AZ6g+RZNsz91Aad7PUOU8u7d4LEbJHKHAJLXrZ+i
rmzrPBRUDz+SKUf5O81w/+/x8nrE7og/iSjxyZ2CojZnw9YR39u/yBFIsJKfeU8S
lHSNTSfBwacQXRT2bKsAAlHmpQR0vtpseSW+idE7gM+wwzMNLZWLA/hEy+az46sm
7HsJqsQYjgA/Fz94LtrX955AHGrnOcj59U5Lh1eZ
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:48:00 2025 by rpki-client