Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS211895.roa
File: AS211895.roa (raw, json)
Hash identifier: XXmFaRK9mkJlpYX2o7IdwOIbjCHBILGe/BFfdTN1FPM=
Subject key identifier: A7:A6:F6:3E:CE:49:F3:95:9A:E0:6F:4B:50:3F:E5:1B:13:4F:34:E7
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 10B568CB5EE1DB780F01607171B0BBE4B11BC2F7
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS211895.roa
Signing time: Thu 30 Nov 2023 13:05:07 +0000
ROA not before: Thu 30 Nov 2023 13:00:07 +0000
ROA not after: Thu 28 Nov 2024 13:05:07 +0000
asID: 211895
IP address blocks: 91.198.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:b5:68:cb:5e:e1:db:78:0f:01:60:71:71:b0:bb:e4:b1:1b:c2:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Nov 30 13:00:07 2023 GMT
Not After : Nov 28 13:05:07 2024 GMT
Subject: CN=A7A6F63ECE49F3959AE06F4B503FE51B134F34E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:54:18:31:6f:7f:e9:1c:0f:48:dc:e7:27:a3:
a7:50:a1:2e:b0:e8:39:39:ed:31:8c:75:cb:e0:4f:
e1:32:6f:85:01:e7:75:93:7d:25:dd:03:89:b8:3d:
40:6e:eb:df:d6:be:24:2d:d4:31:19:5c:bd:eb:e5:
8c:6b:b8:2a:21:ae:5f:90:29:d2:c8:fe:2c:5b:d5:
51:40:cf:d4:e0:b8:c8:d4:82:a2:36:a9:2c:5d:58:
7f:e1:67:28:c0:4c:d4:3f:ac:67:45:49:e1:0f:0a:
90:e7:47:8b:5e:0b:9a:ab:21:b9:de:ad:25:25:c1:
aa:9c:f6:60:69:bc:25:0a:fb:20:00:9f:70:36:dd:
71:60:25:a4:3a:03:f5:cc:5f:01:ee:38:d0:0b:87:
ee:1a:77:25:8d:4c:a9:29:60:7e:f6:f0:1f:0d:a8:
b3:71:d7:2a:7d:92:56:24:4c:a3:09:61:eb:5b:e4:
5d:6c:09:0e:eb:b0:a3:cf:ef:b8:b5:8d:1b:42:a8:
56:1a:54:a1:61:e4:f8:88:ad:d5:c8:8d:91:61:44:
4d:3c:84:04:a0:fe:a6:f8:c4:c1:e1:23:a8:63:cb:
5d:df:07:6e:31:f0:e1:ea:7f:63:f1:7c:dc:e4:f9:
8c:0e:03:02:33:00:83:98:bf:ae:44:39:d3:4c:f2:
eb:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:A6:F6:3E:CE:49:F3:95:9A:E0:6F:4B:50:3F:E5:1B:13:4F:34:E7
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS211895.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.77.0/24
Signature Algorithm: sha256WithRSAEncryption
98:c9:fb:40:b7:f7:47:6e:c5:9d:e2:49:9f:dc:36:39:64:11:
6d:c3:2e:7f:8d:9a:59:a1:78:fa:76:58:5e:ac:bd:5e:66:61:
77:c6:a1:fd:78:f8:46:cc:ff:a3:2b:3b:b4:99:4d:d3:24:21:
ac:dd:68:a1:3c:e1:1e:9e:32:10:cc:c3:99:35:19:4e:22:01:
18:3f:90:7b:aa:1e:31:9f:92:c2:04:d2:04:d3:79:38:fd:4f:
c2:1f:58:46:07:6a:e8:af:c4:27:e2:cf:eb:68:de:07:f9:50:
7c:ae:6a:29:09:b0:72:37:97:f6:31:d7:da:1d:ae:79:b1:b7:
55:68:53:07:30:42:ac:d6:e8:84:44:1b:0c:e0:29:5c:72:b1:
00:f6:5a:f8:59:1f:71:f6:16:e8:34:36:cd:2b:86:c5:47:a1:
2c:d5:18:22:86:3f:fe:19:53:aa:e2:a0:47:bf:2b:7a:dd:8e:
85:70:b1:ed:18:4a:f2:e3:5c:e8:ab:ee:e4:a4:1c:18:3a:47:
28:be:0c:08:39:d6:b8:53:ee:04:93:cb:16:f1:9e:01:37:f1:
3c:6c:ff:91:6d:4e:b8:98:ab:8b:89:db:0e:9c:ae:65:62:39:
30:59:9a:a4:10:cd:52:57:ee:aa:66:96:8e:81:11:95:55:f0:
7a:9e:75:36
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUELVoy17h23gPAWBxcbC75LEbwvcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yMzExMzAxMzAwMDdaFw0yNDExMjgxMzA1MDdaMDMxMTAvBgNV
BAMTKEE3QTZGNjNFQ0U0OUYzOTU5QUUwNkY0QjUwM0ZFNTFCMTM0RjM0RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTVBgxb3/pHA9I3Ocno6dQoS6w
6Dk57TGMdcvgT+Eyb4UB53WTfSXdA4m4PUBu69/WviQt1DEZXL3r5YxruCohrl+Q
KdLI/ixb1VFAz9TguMjUgqI2qSxdWH/hZyjATNQ/rGdFSeEPCpDnR4teC5qrIbne
rSUlwaqc9mBpvCUK+yAAn3A23XFgJaQ6A/XMXwHuONALh+4adyWNTKkpYH728B8N
qLNx1yp9klYkTKMJYetb5F1sCQ7rsKPP77i1jRtCqFYaVKFh5PiIrdXIjZFhRE08
hASg/qb4xMHhI6hjy13fB24x8OHqf2PxfNzk+YwOAwIzAIOYv65EOdNM8uvJAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUp6b2Ps5J85Wa4G9LUD/lGxNPNOcwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjExODk1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8ZN
MA0GCSqGSIb3DQEBCwUAA4IBAQCYyftAt/dHbsWd4kmf3DY5ZBFtwy5/jZpZoXj6
dlherL1eZmF3xqH9ePhGzP+jKzu0mU3TJCGs3WihPOEenjIQzMOZNRlOIgEYP5B7
qh4xn5LCBNIE03k4/U/CH1hGB2ror8Qn4s/raN4H+VB8rmopCbByN5f2MdfaHa55
sbdVaFMHMEKs1uiERBsM4ClccrEA9lr4WR9x9hboNDbNK4bFR6Es1Rgihj/+GVOq
4qBHvyt63Y6FcLHtGEry41zoq+7kpBwYOkcovgwIOda4U+4Ek8sW8Z4BN/E8bP+R
bU64mKuLidsOnK5lYjkwWZqkEM1SV+6qZpaOgRGVVfB6nnU2
-----END CERTIFICATE-----
Generated at Sat Jun 1 05:09:36 2024 by rpki-client on console-fra.rpki-client.org