Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS215645.roa
File: AS215645.roa (raw, json)
Hash identifier: WBhmHUkZQFdxyiou0xZlUtb+mvA87XsLoWZmGuBgf8w=
Subject key identifier: 0C:C7:BB:93:AE:0E:4B:56:02:A8:E9:2A:BA:B4:26:79:5A:8D:D9:1D
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 64836C789EEF4A19E049E2D1A2E3C4A6E0DAA6BF
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS215645.roa
Signing time: Fri 20 Jun 2025 14:27:27 +0000
ROA not before: Fri 20 Jun 2025 14:22:27 +0000
ROA not after: Fri 19 Jun 2026 14:27:27 +0000
asID: 215645
IP address blocks: 31.40.196.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.204.0/24 maxlen: 24
37.221.77.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.63.0/24 maxlen: 24
93.190.8.0/24 maxlen: 24
139.28.48.0/24 maxlen: 24
139.28.49.0/24 maxlen: 24
139.28.50.0/24 maxlen: 24
139.28.51.0/24 maxlen: 24
176.96.129.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:83:6c:78:9e:ef:4a:19:e0:49:e2:d1:a2:e3:c4:a6:e0:da:a6:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jun 20 14:22:27 2025 GMT
Not After : Jun 19 14:27:27 2026 GMT
Subject: CN=0CC7BB93AE0E4B5602A8E92ABAB426795A8DD91D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e4:cb:9d:b2:19:91:d3:1e:e6:61:0c:83:92:
4b:d1:c7:54:b4:cb:ed:26:ce:46:2d:bf:ae:fb:fb:
27:2b:56:45:84:00:98:f2:ea:1d:e8:b7:b5:1d:c8:
fd:55:8d:aa:b3:e0:34:5d:32:11:38:e9:36:24:6d:
f6:ac:b6:07:9d:5b:e4:75:bd:43:c2:e9:43:35:2d:
07:08:75:2e:a6:74:eb:2b:9d:39:9f:7f:e8:5b:e1:
d7:9c:69:fd:4a:1e:e1:a4:88:27:eb:89:f2:56:a7:
0d:a2:9c:1e:7c:2d:1d:92:b6:92:81:a7:40:04:58:
b6:2f:21:eb:de:8b:10:83:da:ab:31:4b:f5:cc:5c:
e0:01:46:60:a5:de:51:2f:fc:a9:88:71:8d:23:07:
39:50:60:7a:9f:61:f0:31:99:1a:40:1a:eb:16:a5:
c5:82:95:8f:06:a1:88:14:77:d7:10:5b:b3:66:ca:
77:5d:07:53:ac:9f:f7:23:f3:4b:4b:96:fa:04:80:
a6:f5:8c:49:ca:f3:9c:c8:7d:b6:94:35:62:2c:6d:
68:11:19:5d:81:7b:20:11:09:d0:cd:de:a7:a1:9c:
49:ab:7a:0e:bd:76:1a:ae:34:0b:8e:ca:da:fe:5e:
98:8f:6c:3a:10:26:a0:34:31:30:4a:39:75:e6:a6:
88:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:C7:BB:93:AE:0E:4B:56:02:A8:E9:2A:BA:B4:26:79:5A:8D:D9:1D
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS215645.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.196.0/23
31.40.204.0/24
37.221.77.0/24
85.235.73.0-85.235.74.255
92.249.63.0/24
93.190.8.0/24
139.28.48.0/22
176.96.129.0-176.96.130.255
217.18.208.0/24
Signature Algorithm: sha256WithRSAEncryption
32:70:4c:6d:c5:e9:cc:63:a0:8d:80:0b:bd:7d:cb:2b:9c:2a:
79:12:c8:12:09:d7:4b:2b:a1:52:12:63:70:86:d6:dd:d8:a4:
67:d5:93:5f:34:1d:ac:4a:e0:63:10:24:81:9f:bf:89:3a:18:
c1:80:fa:c1:0d:ff:34:5f:3a:7e:ae:69:22:13:16:e0:75:63:
a4:7c:d7:f4:ab:4e:57:17:34:e8:12:ad:fd:00:24:aa:f0:54:
8b:0a:a9:67:15:11:a9:a9:d8:5e:fc:a4:ea:7c:9c:f4:fa:d3:
a7:87:d2:81:50:ae:ea:b4:74:2b:69:1c:90:c2:6a:cf:d6:7a:
85:07:2d:1f:cf:f3:85:e0:11:26:d9:76:54:58:67:d0:95:06:
25:e3:74:78:5e:07:b0:f7:4c:5e:f4:ca:9e:80:96:83:c6:b1:
76:0a:de:8b:de:06:7a:22:77:cf:71:09:69:e9:f5:91:5b:89:
48:d1:72:e9:15:5c:8e:a5:26:c1:39:4e:ff:9a:d6:94:90:45:
8b:15:ad:df:b4:10:33:c2:ef:aa:d5:63:40:11:6d:96:66:4a:
00:e9:25:a5:6b:53:ce:24:59:25:7e:c4:37:17:3d:d7:8b:44:
04:f2:9f:b2:89:53:72:bb:97:2e:02:b6:41:ba:20:e3:8f:03:
55:0a:e7:2d
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUZINseJ7vShngSeLRouPEpuDapr8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA2MjAxNDIyMjdaFw0yNjA2MTkxNDI3MjdaMDMxMTAvBgNV
BAMTKDBDQzdCQjkzQUUwRTRCNTYwMkE4RTkyQUJBQjQyNjc5NUE4REQ5MUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC05MudshmR0x7mYQyDkkvRx1S0
y+0mzkYtv677+ycrVkWEAJjy6h3ot7UdyP1Vjaqz4DRdMhE46TYkbfastgedW+R1
vUPC6UM1LQcIdS6mdOsrnTmff+hb4decaf1KHuGkiCfrifJWpw2inB58LR2StpKB
p0AEWLYvIeveixCD2qsxS/XMXOABRmCl3lEv/KmIcY0jBzlQYHqfYfAxmRpAGusW
pcWClY8GoYgUd9cQW7NmynddB1Osn/cj80tLlvoEgKb1jEnK85zIfbaUNWIsbWgR
GV2BeyARCdDN3qehnEmreg69dhquNAuOytr+XpiPbDoQJqA0MTBKOXXmpogLAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUDMe7k64OS1YCqOkqurQmeVqN2R0wHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjE1NjQ1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQBHyjE
AwQAHyjMAwQAJd1NMAwDBABV60kDBABV60oDBABc+T8DBABdvggDBAKLHDAwDAME
ALBggQMEALBgggMEANkS0DANBgkqhkiG9w0BAQsFAAOCAQEAMnBMbcXpzGOgjYAL
vX3LK5wqeRLIEgnXSyuhUhJjcIbW3dikZ9WTXzQdrErgYxAkgZ+/iToYwYD6wQ3/
NF86fq5pIhMW4HVjpHzX9KtOVxc06BKt/QAkqvBUiwqpZxURqanYXvyk6nyc9PrT
p4fSgVCu6rR0K2kckMJqz9Z6hQctH8/zheARJtl2VFhn0JUGJeN0eF4HsPdMXvTK
noCWg8axdgrei94GeiJ3z3EJaen1kVuJSNFy6RVcjqUmwTlO/5rWlJBFixWt37QQ
M8LvqtVjQBFtlmZKAOklpWtTziRZJX7ENxc914tEBPKfsolTcruXLgK2Qbog448D
VQrnLQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:12:55 2025 by rpki-client