Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS8220.roa
File: AS8220.roa (raw, json)
Hash identifier: MCOcACLUrRVfYOjpSuWMB8i96LhvfBuoWmZiZcJ3PEI=
Subject key identifier: 00:12:30:C5:5A:EA:01:0E:5D:88:51:F5:FC:53:DE:6C:37:A9:76:A3
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 40C3D726D32EEA81590C0B48A2E3718B161CEDFA
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS8220.roa
Signing time: Wed 08 May 2024 14:58:36 +0000
ROA not before: Wed 08 May 2024 14:53:36 +0000
ROA not after: Wed 07 May 2025 14:58:36 +0000
asID: 8220
IP address blocks: 91.124.19.0/24 maxlen: 24
91.124.20.0/24 maxlen: 24
91.124.21.0/24 maxlen: 24
91.124.22.0/24 maxlen: 24
91.124.23.0/24 maxlen: 24
91.124.40.0/24 maxlen: 24
91.124.41.0/24 maxlen: 24
91.124.42.0/24 maxlen: 24
91.124.43.0/24 maxlen: 24
91.124.44.0/24 maxlen: 24
91.124.45.0/24 maxlen: 24
91.124.46.0/24 maxlen: 24
91.124.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:c3:d7:26:d3:2e:ea:81:59:0c:0b:48:a2:e3:71:8b:16:1c:ed:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 8 14:53:36 2024 GMT
Not After : May 7 14:58:36 2025 GMT
Subject: CN=001230C55AEA010E5D8851F5FC53DE6C37A976A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8e:4e:16:e0:bb:d9:ce:fc:c3:57:62:40:70:
06:ed:1d:2b:1a:e5:fc:c5:d7:79:0c:be:06:dc:fd:
72:f2:c7:ea:f3:ae:f3:16:8e:ed:95:28:23:a5:32:
2d:09:32:fb:c0:f4:cf:d2:4e:1e:ce:b6:74:a5:09:
6d:d2:18:8f:2f:a1:e0:6c:ec:d6:2b:d6:40:32:9f:
a5:f5:ca:c3:2b:ab:8a:76:ac:9e:7e:f5:86:63:c8:
9b:e6:a3:b9:02:79:af:17:dc:8e:d6:61:78:35:cb:
65:d6:d6:f2:87:8d:20:7c:0b:f0:1d:f7:97:a3:97:
15:ce:c7:51:af:a2:05:65:8a:6e:9d:04:fe:25:8b:
53:b5:47:5f:47:40:51:d6:c8:c9:dc:0f:ac:8e:7c:
cf:89:58:97:37:c5:52:56:d0:83:3a:ad:e6:04:e7:
58:ef:9e:93:b7:1f:e6:d2:2a:6f:db:eb:a1:c8:96:
65:a6:0e:3c:78:98:68:09:7f:32:dc:c7:31:e2:5d:
10:cd:de:ea:f8:87:2c:91:7f:f1:33:41:c9:6f:51:
88:1b:45:33:44:0c:61:3e:ee:e1:23:c2:27:04:cd:
a2:7a:74:8f:9e:02:c9:7b:2c:1b:18:4b:54:de:66:
06:7d:cf:fb:3d:90:26:0f:5b:e3:ad:c6:13:e3:03:
8f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:12:30:C5:5A:EA:01:0E:5D:88:51:F5:FC:53:DE:6C:37:A9:76:A3
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS8220.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.19.0-91.124.23.255
91.124.40.0/21
Signature Algorithm: sha256WithRSAEncryption
72:18:4a:5d:ac:35:f0:ad:3d:d9:1a:ba:a7:d3:fd:14:01:43:
62:69:4d:95:a6:35:b1:9a:14:1b:b6:77:05:cf:41:52:e5:cd:
21:8d:95:4d:8f:e5:5c:a9:eb:2a:63:3a:66:a2:1e:ff:db:9d:
f7:48:d0:24:86:15:ba:2a:d7:84:16:63:ef:0a:be:e0:1f:fc:
c9:8e:41:6c:c7:13:06:83:8d:58:a2:87:93:3f:14:64:d8:c3:
be:ee:39:b7:62:40:00:5f:2a:9c:c2:c6:8d:70:31:d3:8f:a0:
a5:b4:c2:97:84:91:8a:88:97:75:b3:35:80:24:3b:d6:c5:4f:
07:0d:b0:82:db:2f:95:fb:52:d9:9a:e6:b9:d2:df:eb:89:ef:
90:b3:36:1b:ba:bf:4d:cb:cb:c3:93:3c:61:69:08:e8:d2:13:
55:8d:84:6d:b1:3d:b5:fb:68:db:ff:23:ef:83:9b:4b:15:4c:
57:4b:58:18:82:b9:fd:8d:25:60:c8:62:ff:8c:88:da:6e:15:
54:72:9d:d2:a8:89:25:83:b0:d8:90:2c:8f:79:7e:8d:20:bd:
bc:4c:e6:43:2a:65:5b:05:2f:4f:6d:4b:bf:44:e4:2b:03:7c:
ef:79:b8:44:67:12:8b:9d:40:a2:82:e8:07:66:ba:6e:05:73:
b8:af:0d:36
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUQMPXJtMu6oFZDAtIouNxixYc7fowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDA1MDgxNDUzMzZaFw0yNTA1MDcxNDU4MzZaMDMxMTAvBgNV
BAMTKDAwMTIzMEM1NUFFQTAxMEU1RDg4NTFGNUZDNTNERTZDMzdBOTc2QTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChjk4W4LvZzvzDV2JAcAbtHSsa
5fzF13kMvgbc/XLyx+rzrvMWju2VKCOlMi0JMvvA9M/STh7OtnSlCW3SGI8voeBs
7NYr1kAyn6X1ysMrq4p2rJ5+9YZjyJvmo7kCea8X3I7WYXg1y2XW1vKHjSB8C/Ad
95ejlxXOx1GvogVlim6dBP4li1O1R19HQFHWyMncD6yOfM+JWJc3xVJW0IM6reYE
51jvnpO3H+bSKm/b66HIlmWmDjx4mGgJfzLcxzHiXRDN3ur4hyyRf/EzQclvUYgb
RTNEDGE+7uEjwicEzaJ6dI+eAsl7LBsYS1TeZgZ9z/s9kCYPW+OtxhPjA49ZAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUABIwxVrqAQ5diFH1/FPebDepdqMwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTODIyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQAW3wT
AwQDW3wQAwQDW3woMA0GCSqGSIb3DQEBCwUAA4IBAQByGEpdrDXwrT3ZGrqn0/0U
AUNiaU2VpjWxmhQbtncFz0FS5c0hjZVNj+VcqesqYzpmoh7/2533SNAkhhW6KteE
FmPvCr7gH/zJjkFsxxMGg41YooeTPxRk2MO+7jm3YkAAXyqcwsaNcDHTj6CltMKX
hJGKiJd1szWAJDvWxU8HDbCC2y+V+1LZmua50t/rie+QszYbur9Ny8vDkzxhaQjo
0hNVjYRtsT21+2jb/yPvg5tLFUxXS1gYgrn9jSVgyGL/jIjabhVUcp3SqIklg7DY
kCyPeX6NIL28TOZDKmVbBS9PbUu/ROQrA3zvebhEZxKLnUCigugHZrpuBXO4rw02
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:28:07 2024 by rpki-client on console-ams.rpki-client.org