Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214984.roa
File: AS214984.roa (raw, json)
Hash identifier: bJA+x3DH71iJhFRBn6BO/+b/5KWgXxBgiVyiGsXjbGI=
Subject key identifier: F6:FE:41:F7:1F:D2:C5:F9:5E:AC:09:D2:F5:5F:19:27:8C:76:68:A2
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 4E4ADEB43B85BB89B70AA0AC719A75C998012528
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214984.roa
Signing time: Thu 23 May 2024 16:49:08 +0000
ROA not before: Thu 23 May 2024 16:44:08 +0000
ROA not after: Thu 22 May 2025 16:49:08 +0000
asID: 214984
IP address blocks: 2a0f:85c1:3d2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:4a:de:b4:3b:85:bb:89:b7:0a:a0:ac:71:9a:75:c9:98:01:25:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: May 23 16:44:08 2024 GMT
Not After : May 22 16:49:08 2025 GMT
Subject: CN=F6FE41F71FD2C5F95EAC09D2F55F19278C7668A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7f:9b:e6:c9:73:35:52:fb:ef:76:04:a6:b5:
28:37:63:15:35:f1:f7:77:66:19:96:d4:e8:25:bc:
ee:eb:c1:46:12:3d:06:3b:c1:96:d1:93:4e:9a:2c:
fa:14:ee:fc:8a:46:e7:87:bc:d4:c6:a5:12:af:20:
7b:c4:11:ab:d2:09:0d:33:d4:91:8e:3c:ff:4a:c5:
7b:1f:2f:cd:52:3e:06:5d:04:4f:4c:38:a5:85:aa:
9a:ce:ca:68:1f:5d:76:c3:8d:ac:11:50:f9:ac:07:
c2:a6:2c:29:30:17:91:a2:9b:4d:4c:e4:ad:27:b9:
a6:02:cd:21:23:64:a5:a9:cd:77:33:d0:f4:97:4b:
f5:91:d7:ff:5c:c3:75:b6:f0:c4:56:dc:33:e0:ae:
99:78:25:b1:9a:90:2d:d7:2f:e7:a2:ab:7e:36:18:
6d:9e:c8:d8:2e:bf:17:50:a9:07:06:cd:45:cf:15:
8c:d0:f2:2f:80:5d:e3:bc:f2:de:a8:54:e5:fe:0b:
1a:38:3e:42:8b:43:7c:76:02:bb:6c:1f:dc:b6:06:
36:4c:33:ac:a4:ac:aa:c5:6d:5b:45:8a:e6:8c:51:
7d:4c:d1:21:b0:ef:af:34:21:a6:d4:1d:52:94:63:
3a:ab:70:c9:da:05:6c:d8:9e:b0:a5:00:36:2e:e0:
47:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:FE:41:F7:1F:D2:C5:F9:5E:AC:09:D2:F5:5F:19:27:8C:76:68:A2
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214984.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3d2::/48
Signature Algorithm: sha256WithRSAEncryption
52:77:e8:13:03:f7:dc:13:8d:d8:7f:b4:ca:28:bd:4a:00:a6:
84:0d:ec:e9:4b:93:c0:97:75:bd:fe:ca:03:8b:51:9e:63:72:
a3:60:82:85:6f:54:f9:10:56:d9:24:95:65:51:96:57:fa:97:
cd:e5:1e:c9:a2:86:26:12:6d:a4:4d:fe:58:62:d8:35:67:ef:
4a:3f:93:e4:88:2e:76:75:ef:48:18:8f:8b:ca:c0:74:7e:fc:
2e:88:9e:93:bf:ef:ca:06:76:e1:8b:fc:89:ce:92:f2:50:ec:
37:c8:c5:11:43:54:e7:18:79:3a:b9:14:71:60:bd:50:d0:1c:
f3:0d:24:40:b3:00:ed:aa:43:cd:c1:c6:76:f6:8a:29:95:0f:
a7:18:82:ba:4c:48:26:cc:08:56:c0:e4:34:3b:24:c8:e5:16:
35:69:ae:5d:9b:70:eb:59:4d:76:5d:91:b8:99:70:b4:09:ff:
f9:00:d8:91:c4:37:bb:6b:e8:13:19:16:c9:73:d2:c6:6d:e5:
f8:52:79:11:56:34:98:93:41:cd:1e:2a:0f:2f:7d:dd:3e:63:
36:1c:5d:77:5e:83:de:16:fd:c4:bd:27:dd:22:2e:01:1a:9f:
59:c5:e0:38:4a:09:2e:28:a5:64:63:56:40:4b:83:35:02:41:
37:00:44:77
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUTkretDuFu4m3CqCscZp1yZgBJSgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA1MjMxNjQ0MDhaFw0yNTA1MjIxNjQ5MDhaMDMxMTAvBgNV
BAMTKEY2RkU0MUY3MUZEMkM1Rjk1RUFDMDlEMkY1NUYxOTI3OEM3NjY4QTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2f5vmyXM1UvvvdgSmtSg3YxU1
8fd3ZhmW1OglvO7rwUYSPQY7wZbRk06aLPoU7vyKRueHvNTGpRKvIHvEEavSCQ0z
1JGOPP9KxXsfL81SPgZdBE9MOKWFqprOymgfXXbDjawRUPmsB8KmLCkwF5Gim01M
5K0nuaYCzSEjZKWpzXcz0PSXS/WR1/9cw3W28MRW3DPgrpl4JbGakC3XL+eiq342
GG2eyNguvxdQqQcGzUXPFYzQ8i+AXeO88t6oVOX+Cxo4PkKLQ3x2ArtsH9y2BjZM
M6ykrKrFbVtFiuaMUX1M0SGw7680IabUHVKUYzqrcMnaBWzYnrClADYu4Ee1AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU9v5B9x/SxflerAnS9V8ZJ4x2aKIwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0OTg0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQPSMA0GCSqGSIb3DQEBCwUAA4IBAQBSd+gTA/fcE43Yf7TKKL1KAKaEDezpS5PA
l3W9/soDi1GeY3KjYIKFb1T5EFbZJJVlUZZX+pfN5R7JooYmEm2kTf5YYtg1Z+9K
P5PkiC52de9IGI+LysB0fvwuiJ6Tv+/KBnbhi/yJzpLyUOw3yMURQ1TnGHk6uRRx
YL1Q0BzzDSRAswDtqkPNwcZ29ooplQ+nGIK6TEgmzAhWwOQ0OyTI5RY1aa5dm3Dr
WU12XZG4mXC0Cf/5ANiRxDe7a+gTGRbJc9LGbeX4UnkRVjSYk0HNHioPL33dPmM2
HF13XoPeFv3EvSfdIi4BGp9ZxeA4SgkuKKVkY1ZAS4M1AkE3AER3
-----END CERTIFICATE-----
Generated at Wed Jun 26 06:31:24 2024 by rpki-client on console-ams.rpki-client.org