Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/AS215478.roa
File:                     AS215478.roa (raw, json)
Hash identifier:          cc2noibC0DVKecODPrfVz0y58Z4cgs2+5Ilig5EuATs=
Subject key identifier:   8C:26:0C:40:04:43:A8:BE:9B:8C:AE:D2:FC:C9:DB:8C:64:D3:66:84
Certificate issuer:       /CN=CCD5D3BE49456F7D48B7321029C886F318C23B36
Certificate serial:       39B287EB0728912896F006FF0D681B6991CB4BBB
Authority key identifier: CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/AS215478.roa
Signing time:             Mon 30 Jun 2025 14:59:39 +0000
ROA not before:           Mon 30 Jun 2025 14:54:39 +0000
ROA not after:            Mon 29 Jun 2026 14:59:39 +0000
asID:                     215478
IP address blocks:        2a05:dfc3:fb00::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 03:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:b2:87:eb:07:28:91:28:96:f0:06:ff:0d:68:1b:69:91:cb:4b:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CCD5D3BE49456F7D48B7321029C886F318C23B36
        Validity
            Not Before: Jun 30 14:54:39 2025 GMT
            Not After : Jun 29 14:59:39 2026 GMT
        Subject: CN=8C260C400443A8BE9B8CAED2FCC9DB8C64D36684
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:29:0f:b2:86:38:c3:ca:42:ca:f3:69:b7:73:
                    e7:eb:5f:d8:b9:8e:21:13:2a:f7:05:4f:cb:b1:74:
                    21:f3:f2:94:63:9b:fd:50:54:88:3a:99:19:29:68:
                    7c:24:be:7d:f0:94:ab:f6:85:0b:c3:c1:af:1a:e7:
                    05:4e:44:21:27:3e:3f:cf:97:31:ae:43:c7:ad:50:
                    3d:8b:98:48:42:d1:d8:c4:a9:e1:dc:3f:fd:f5:0b:
                    e4:fb:1c:24:60:34:7e:37:3c:ba:f5:6e:43:20:50:
                    6a:b6:83:96:85:d5:a3:c2:f5:d5:6b:a9:62:9a:fd:
                    79:48:bd:61:3b:b1:a5:28:b0:e5:0d:92:6e:1a:81:
                    00:91:15:12:ef:3c:22:dc:a7:aa:84:8f:23:47:fa:
                    fb:3a:2e:83:b5:aa:6c:c8:39:c5:56:11:23:64:b5:
                    15:b6:89:e3:f3:27:0a:40:70:dc:ff:4d:c7:7e:b0:
                    5f:d1:37:56:e0:79:ef:90:b4:b4:d4:a5:e4:4d:9c:
                    4e:69:43:19:a8:06:a7:89:fe:04:ae:ae:b2:26:61:
                    14:b0:42:88:9a:5c:5c:35:68:97:38:c9:7b:8c:82:
                    52:9e:91:27:6c:2e:17:b8:31:fd:4d:1c:43:bd:17:
                    ae:5a:8c:97:67:6d:98:b2:c7:d7:4e:46:a6:76:e3:
                    10:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:26:0C:40:04:43:A8:BE:9B:8C:AE:D2:FC:C9:DB:8C:64:D3:66:84
            X509v3 Authority Key Identifier:
                keyid:CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/AS215478.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc3:fb00::/40

    Signature Algorithm: sha256WithRSAEncryption
         60:a2:45:a6:8a:14:d0:bc:e9:05:a5:29:33:70:87:40:d5:72:
         9a:e9:8b:8a:ca:ad:49:ef:c8:28:4a:35:f2:f1:25:08:d4:a4:
         57:57:21:13:53:ab:bb:35:6e:a5:83:93:03:96:9d:c4:07:c7:
         15:2a:8d:26:02:0e:b4:47:1d:6c:03:15:23:b1:bb:5c:29:58:
         c2:5a:8f:ae:3c:7c:d0:17:fd:58:68:31:f1:95:64:5a:fd:26:
         81:d7:31:b8:3c:8f:43:c2:dd:81:d2:1e:dc:ad:e5:16:36:16:
         8c:ad:36:bc:63:48:63:6f:e1:7c:59:de:70:3d:ac:f3:6a:d0:
         03:41:98:21:0a:fc:00:bb:07:f9:e6:11:2b:35:f7:b8:4c:56:
         e2:ff:e2:41:20:d6:13:ae:ed:6c:f1:6e:76:64:8d:68:72:34:
         0b:05:2d:73:8d:6f:db:99:ef:a5:b8:ea:8d:5b:76:14:b1:36:
         09:b0:0f:3b:7c:0d:31:12:45:79:77:9d:5e:d6:ae:a9:ea:e2:
         93:ef:f1:ba:18:b5:79:2a:47:7e:05:2e:a2:88:26:0a:e6:c5:
         1a:0e:59:ac:e1:5f:b2:9b:22:4d:dc:58:42:c6:54:32:5b:4c:
         bf:d3:74:7a:f8:76:28:1a:82:fd:59:85:17:37:3e:55:45:1e:
         9c:95:ed:62
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUObKH6wcokSiW8Ab/DWgbaZHLS7swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMx
OEMyM0IzNjAeFw0yNTA2MzAxNDU0MzlaFw0yNjA2MjkxNDU5MzlaMDMxMTAvBgNV
BAMTKDhDMjYwQzQwMDQ0M0E4QkU5QjhDQUVEMkZDQzlEQjhDNjREMzY2ODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQKQ+yhjjDykLK82m3c+frX9i5
jiETKvcFT8uxdCHz8pRjm/1QVIg6mRkpaHwkvn3wlKv2hQvDwa8a5wVORCEnPj/P
lzGuQ8etUD2LmEhC0djEqeHcP/31C+T7HCRgNH43PLr1bkMgUGq2g5aF1aPC9dVr
qWKa/XlIvWE7saUosOUNkm4agQCRFRLvPCLcp6qEjyNH+vs6LoO1qmzIOcVWESNk
tRW2iePzJwpAcNz/Tcd+sF/RN1bgee+QtLTUpeRNnE5pQxmoBqeJ/gSurrImYRSw
QoiaXFw1aJc4yXuMglKekSdsLhe4Mf1NHEO9F65ajJdnbZiyx9dORqZ24xDhAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUjCYMQARDqL6bjK7S/MnbjGTTZoQwHwYDVR0j
BBgwFoAUzNXTvklFb31ItzIQKciG8xjCOzYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjc5NDg3MzgtMzI1NS00OWY5LTliNmMtOWM5ZjM4OTg5
OTVkLzMvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMyM0IzNi5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMy
M0IzNi5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Y3OTQ4NzM4LTMyNTUt
NDlmOS05YjZjLTljOWYzODk4OTk1ZC8zL0FTMjE1NDc4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXf
w/swDQYJKoZIhvcNAQELBQADggEBAGCiRaaKFNC86QWlKTNwh0DVcprpi4rKrUnv
yChKNfLxJQjUpFdXIRNTq7s1bqWDkwOWncQHxxUqjSYCDrRHHWwDFSOxu1wpWMJa
j648fNAX/VhoMfGVZFr9JoHXMbg8j0PC3YHSHtyt5RY2FoytNrxjSGNv4XxZ3nA9
rPNq0ANBmCEK/AC7B/nmESs197hMVuL/4kEg1hOu7WzxbnZkjWhyNAsFLXONb9uZ
76W46o1bdhSxNgmwDzt8DTESRXl3nV7Wrqnq4pPv8boYtXkqR34FLqKIJgrmxRoO
WazhX7KbIk3cWELGVDJbTL/TdHr4digagv1ZhRc3PlVFHpyV7WI=
-----END CERTIFICATE-----
Generated at Tue Jul 1 11:35:30 2025 by rpki-client