Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS13213.roa
File: AS13213.roa (raw, json)
Hash identifier: IP7fvznHib0mMoqXnOgwjEyPIxsZ8QU08nHehMVeXfQ=
Subject key identifier: 0D:7D:2C:3E:13:32:7A:EB:C4:C8:F5:00:DD:59:CC:DE:1A:C1:BC:98
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 127C0D4BF89E3C5D52DC32A31FBF86471C99CFCA
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS13213.roa
Signing time: Mon 18 Nov 2024 15:47:38 +0000
ROA not before: Mon 18 Nov 2024 15:42:38 +0000
ROA not after: Mon 17 Nov 2025 15:47:38 +0000
asID: 13213
IP address blocks: 145.223.43.0/24 maxlen: 24
145.223.46.0/24 maxlen: 24
145.223.48.0/24 maxlen: 24
145.223.49.0/24 maxlen: 24
146.103.2.0/24 maxlen: 24
146.103.3.0/24 maxlen: 24
146.103.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:7c:0d:4b:f8:9e:3c:5d:52:dc:32:a3:1f:bf:86:47:1c:99:cf:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Nov 18 15:42:38 2024 GMT
Not After : Nov 17 15:47:38 2025 GMT
Subject: CN=0D7D2C3E13327AEBC4C8F500DD59CCDE1AC1BC98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:82:fc:6e:47:7e:b1:58:5f:fb:de:03:15:ff:
7c:0c:68:62:f4:04:bb:72:a8:6e:f1:d8:9a:cc:a2:
c2:36:47:1e:21:b1:5e:02:8e:35:15:71:43:7d:1b:
52:88:5a:b6:f7:99:36:cf:42:92:4e:64:52:e0:10:
03:41:9a:9f:ad:d9:75:93:a2:bc:49:18:00:fc:5b:
a7:67:70:79:99:8a:6e:01:22:b8:50:eb:49:cc:71:
1f:70:a8:ad:50:66:75:13:52:2d:17:09:20:4c:09:
3b:ba:f0:4e:bf:46:b2:9d:11:f8:24:68:2b:0a:1a:
58:e8:d6:cc:9c:46:48:f5:f4:71:00:89:b6:df:0e:
13:3e:56:9f:7e:2a:d0:66:75:fa:46:27:a0:60:6a:
92:62:b2:06:6c:60:1a:ad:76:64:06:4d:3b:4a:14:
6e:88:c1:68:5d:e8:7e:78:bd:30:3e:3b:9c:1b:36:
95:47:1b:36:0d:6b:81:0d:0e:8b:d8:d6:9c:1b:01:
51:b4:3b:cf:6a:7e:ce:71:77:e7:ee:bc:e8:da:c0:
ba:e4:42:5f:cf:02:17:21:48:f6:04:37:c3:86:26:
13:7f:2c:93:30:d6:93:06:3b:0c:51:b3:6a:f9:73:
b1:44:32:15:a5:da:b7:1c:85:51:80:04:dc:62:22:
b5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:7D:2C:3E:13:32:7A:EB:C4:C8:F5:00:DD:59:CC:DE:1A:C1:BC:98
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS13213.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.43.0/24
145.223.46.0/24
145.223.48.0/23
146.103.2.0/23
146.103.56.0/24
Signature Algorithm: sha256WithRSAEncryption
53:a4:a7:79:2c:6e:45:7a:86:f0:e5:75:9f:bd:9d:c0:9e:60:
5d:12:a5:ce:81:c7:40:58:5a:a2:6d:05:7f:f1:d3:d5:a9:b4:
aa:ce:e3:02:a4:47:43:37:f8:4d:bd:3a:04:03:dd:aa:d5:93:
a3:f8:54:8b:1d:bb:29:5d:ea:69:6f:c0:c2:34:7d:c8:f1:a0:
78:ee:30:db:bf:0c:5d:5a:2c:4f:cd:fb:35:ab:11:ca:98:5b:
0e:97:46:90:ef:f0:41:3f:ea:84:3b:8a:99:33:6b:64:02:34:
ba:5d:13:67:02:37:f7:eb:fd:19:04:32:0a:c9:79:d0:12:0d:
78:9d:f3:50:98:8f:c5:0c:c0:3f:03:67:f8:04:e0:12:8d:f1:
77:aa:f1:ab:62:85:45:22:a2:f3:4d:6f:31:ca:df:85:30:21:
da:c4:83:40:b8:6a:8a:6c:00:06:b2:7c:4a:e2:8c:c6:11:e4:
8a:40:ef:0f:18:57:40:2e:87:ba:93:02:b4:7e:d8:ae:b2:c2:
d8:4f:fd:ac:5d:13:38:9f:97:46:a9:39:e4:29:ec:92:51:48:
0c:f1:f1:d5:15:e3:9a:2b:d1:3a:7f:64:2a:96:8d:c2:08:18:
d3:e4:ad:78:53:9a:76:f3:8d:39:ef:2f:2b:d0:e2:8f:c1:f4:
8a:3e:d3:65
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUEnwNS/iePF1S3DKjH7+GRxyZz8owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDExMTgxNTQyMzhaFw0yNTExMTcxNTQ3MzhaMDMxMTAvBgNV
BAMTKDBEN0QyQzNFMTMzMjdBRUJDNEM4RjUwMERENTlDQ0RFMUFDMUJDOTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAgvxuR36xWF/73gMV/3wMaGL0
BLtyqG7x2JrMosI2Rx4hsV4CjjUVcUN9G1KIWrb3mTbPQpJOZFLgEANBmp+t2XWT
orxJGAD8W6dncHmZim4BIrhQ60nMcR9wqK1QZnUTUi0XCSBMCTu68E6/RrKdEfgk
aCsKGljo1sycRkj19HEAibbfDhM+Vp9+KtBmdfpGJ6BgapJisgZsYBqtdmQGTTtK
FG6IwWhd6H54vTA+O5wbNpVHGzYNa4ENDovY1pwbAVG0O89qfs5xd+fuvOjawLrk
Ql/PAhchSPYEN8OGJhN/LJMw1pMGOwxRs2r5c7FEMhWl2rcchVGABNxiIrVfAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUDX0sPhMyeuvEyPUA3VnM3hrBvJgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTMyMTMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBACR3ysD
BACR3y4DBAGR3zADBAGSZwIDBACSZzgwDQYJKoZIhvcNAQELBQADggEBAFOkp3ks
bkV6hvDldZ+9ncCeYF0Spc6Bx0BYWqJtBX/x09WptKrO4wKkR0M3+E29OgQD3arV
k6P4VIsduyld6mlvwMI0fcjxoHjuMNu/DF1aLE/N+zWrEcqYWw6XRpDv8EE/6oQ7
ipkza2QCNLpdE2cCN/fr/RkEMgrJedASDXid81CYj8UMwD8DZ/gE4BKN8Xeq8ati
hUUiovNNbzHK34UwIdrEg0C4aopsAAayfErijMYR5IpA7w8YV0Auh7qTArR+2K6y
wthP/axdEzifl0apOeQp7JJRSAzx8dUV45or0Tp/ZCqWjcIIGNPkrXhTmnbzjTnv
LyvQ4o/B9Io+02U=
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:49 2024 by rpki-client on console-fra.rpki-client.org