Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS206628.roa
File: AS206628.roa (raw, json)
Hash identifier: PJUITGqmuiJ3g2Xqo5pFaDoQMNxW5QOFvtI+3vnOfDg=
Subject key identifier: 93:48:D5:6E:68:F6:B3:20:F1:5A:FB:6A:1C:76:69:76:C7:1B:B7:4C
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 55F3A946F4DC5F9CAAA3990EC142227F7F8C1F1B
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS206628.roa
Signing time: Thu 23 May 2024 16:49:13 +0000
ROA not before: Thu 23 May 2024 16:44:13 +0000
ROA not after: Thu 22 May 2025 16:49:13 +0000
asID: 206628
IP address blocks: 2a0f:85c1::/48 maxlen: 48
2a0f:85c1:21::/48 maxlen: 48
2a0f:85c1:22::/48 maxlen: 48
2a0f:85c1:30::/48 maxlen: 48
2a0f:85c1:31::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:f3:a9:46:f4:dc:5f:9c:aa:a3:99:0e:c1:42:22:7f:7f:8c:1f:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: May 23 16:44:13 2024 GMT
Not After : May 22 16:49:13 2025 GMT
Subject: CN=9348D56E68F6B320F15AFB6A1C766976C71BB74C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:95:31:d8:f1:2f:cc:67:d9:07:a9:91:ad:71:
fd:65:e8:1f:e2:ea:fa:5e:e3:ee:fc:07:2f:8e:a6:
2d:40:35:d9:d8:5a:09:d6:9d:99:e2:ed:f6:f9:27:
45:35:9b:a2:d4:a1:51:e8:81:46:f7:f5:3a:8d:4c:
81:8d:ed:c2:16:ea:1f:bf:3c:53:2c:af:f5:24:69:
3e:9a:b2:9f:0c:71:05:ed:6a:b8:e3:c3:01:0c:77:
60:ea:2c:96:a0:08:aa:64:04:cb:23:ea:62:a1:b6:
7b:0c:e3:41:5c:a5:61:4f:1d:6f:22:db:96:18:22:
95:8b:c3:6b:e7:24:b8:9a:b8:91:28:3f:d4:aa:ef:
f4:71:8e:1f:fc:53:06:7b:df:e7:d6:c2:05:3a:4f:
15:ce:4c:73:8f:24:a5:c2:eb:a1:1e:a9:49:0d:44:
5b:8e:0e:da:f7:4e:d6:d1:cc:bd:42:58:0e:37:a8:
4a:af:16:b4:90:cf:82:60:34:18:b9:d4:e4:84:db:
0d:e1:ad:8c:37:fe:2a:c3:38:f6:9f:ac:81:c2:dc:
42:be:28:b1:db:ed:29:44:59:8c:5a:0c:93:92:55:
6a:39:0a:a4:cb:36:9a:d4:fc:95:c6:96:e4:9e:b8:
41:a2:4d:cd:07:f4:13:24:aa:e1:aa:7e:41:02:a0:
bc:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:48:D5:6E:68:F6:B3:20:F1:5A:FB:6A:1C:76:69:76:C7:1B:B7:4C
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS206628.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1::/48
2a0f:85c1:21::-2a0f:85c1:22:ffff:ffff:ffff:ffff:ffff
2a0f:85c1:30::/47
Signature Algorithm: sha256WithRSAEncryption
13:41:78:53:2b:9a:14:1a:c3:66:05:e9:1b:2e:23:53:a2:4d:
a1:42:c3:7b:3e:91:3c:7b:a7:b9:60:54:62:e9:c3:61:57:d9:
67:36:7b:0d:7c:eb:ab:4b:74:59:10:1d:f4:f2:43:63:47:b5:
49:bf:79:cf:4b:72:2e:80:4e:ab:6c:ff:90:97:18:0a:fd:dc:
03:59:c3:18:f4:20:b6:21:fe:96:f4:21:0a:f5:a0:41:ee:80:
30:a1:8f:74:c2:fa:fd:7d:df:3a:06:4b:a5:f5:f1:bd:f6:d6:
b6:e2:00:ff:3c:7a:22:86:b8:45:6a:20:ca:39:f1:68:06:ab:
c3:f6:8a:5e:c8:42:79:e0:d9:85:20:f5:aa:be:58:fa:c3:2e:
1e:80:b9:b8:26:dc:4d:c5:8d:db:48:15:98:c5:e8:51:c7:78:
b6:78:7c:95:06:5d:60:26:d0:92:35:9c:89:18:51:06:5f:04:
20:d9:09:e6:70:22:52:1f:97:79:87:d6:44:8a:11:61:2d:41:
23:b1:3a:ed:bb:12:1f:38:93:38:fe:58:5d:45:ac:db:ba:97:
72:5f:a2:b6:11:1e:26:5c:06:d2:cb:1a:82:6e:f1:5a:d5:2f:
11:46:b0:84:4e:b7:be:23:0f:f4:a4:22:3e:2d:d6:9b:59:e4:
61:9c:26:7a
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIUVfOpRvTcX5yqo5kOwUIif3+MHxswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA1MjMxNjQ0MTNaFw0yNTA1MjIxNjQ5MTNaMDMxMTAvBgNV
BAMTKDkzNDhENTZFNjhGNkIzMjBGMTVBRkI2QTFDNzY2OTc2QzcxQkI3NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHlTHY8S/MZ9kHqZGtcf1l6B/i
6vpe4+78By+Opi1ANdnYWgnWnZni7fb5J0U1m6LUoVHogUb39TqNTIGN7cIW6h+/
PFMsr/UkaT6asp8McQXtarjjwwEMd2DqLJagCKpkBMsj6mKhtnsM40FcpWFPHW8i
25YYIpWLw2vnJLiauJEoP9Sq7/Rxjh/8UwZ73+fWwgU6TxXOTHOPJKXC66EeqUkN
RFuODtr3TtbRzL1CWA43qEqvFrSQz4JgNBi51OSE2w3hrYw3/irDOPafrIHC3EK+
KLHb7SlEWYxaDJOSVWo5CqTLNprU/JXGluSeuEGiTc0H9BMkquGqfkECoLw5AgMB
AAGjggIqMIICJjAdBgNVHQ4EFgQUk0jVbmj2syDxWvtqHHZpdscbt0wwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjA2NjI4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAwcAKg+F
wQAAMBIDBwAqD4XBACEDBwAqD4XBACIDBwEqD4XBADAwDQYJKoZIhvcNAQELBQAD
ggEBABNBeFMrmhQaw2YF6RsuI1OiTaFCw3s+kTx7p7lgVGLpw2FX2Wc2ew1866tL
dFkQHfTyQ2NHtUm/ec9Lci6ATqts/5CXGAr93ANZwxj0ILYh/pb0IQr1oEHugDCh
j3TC+v193zoGS6X18b321rbiAP88eiKGuEVqIMo58WgGq8P2il7IQnng2YUg9aq+
WPrDLh6Aubgm3E3FjdtIFZjF6FHHeLZ4fJUGXWAm0JI1nIkYUQZfBCDZCeZwIlIf
l3mH1kSKEWEtQSOxOu27Eh84kzj+WF1FrNu6l3JforYRHiZcBtLLGoJu8VrVLxFG
sIROt74jD/SkIj4t1ptZ5GGcJno=
-----END CERTIFICATE-----
Generated at Wed Jun 26 05:17:46 2024 by rpki-client on console-fra.rpki-client.org