Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS133296.roa
File: AS133296.roa (raw, json)
Hash identifier: Gp79qkJgamZzPNAfg8H1eYAoH3Q0R+7tJRiveML9eN4=
Subject key identifier: FC:14:7A:8D:2D:3B:FF:EB:4F:8B:E5:11:53:01:AF:72:CE:D7:05:8C
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3FB0CA27C51D41C828962B1DA31D89D11AF25F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS133296.roa
Signing time: Fri 04 Oct 2024 08:14:41 +0000
ROA not before: Fri 04 Oct 2024 08:09:41 +0000
ROA not after: Fri 03 Oct 2025 08:14:41 +0000
asID: 133296
IP address blocks: 145.223.10.0/24 maxlen: 24
145.223.11.0/24 maxlen: 24
145.223.12.0/24 maxlen: 24
145.223.13.0/24 maxlen: 24
145.223.14.0/24 maxlen: 24
145.223.15.0/24 maxlen: 24
148.135.155.0/24 maxlen: 24
148.135.164.0/24 maxlen: 24
148.135.165.0/24 maxlen: 24
148.135.166.0/24 maxlen: 24
148.135.167.0/24 maxlen: 24
148.135.168.0/24 maxlen: 24
148.135.169.0/24 maxlen: 24
148.135.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:b0:ca:27:c5:1d:41:c8:28:96:2b:1d:a3:1d:89:d1:1a:f2:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 4 08:09:41 2024 GMT
Not After : Oct 3 08:14:41 2025 GMT
Subject: CN=FC147A8D2D3BFFEB4F8BE5115301AF72CED7058C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:12:5f:be:be:b9:4f:fe:95:76:b0:b6:db:7a:
ea:36:95:f0:9b:a4:32:b7:0f:e5:cc:f4:0a:2b:fe:
35:24:23:f2:94:30:36:b9:d1:11:82:53:18:a8:ef:
d9:49:6b:46:61:41:5f:35:6b:4a:25:9d:98:1d:50:
3d:98:01:8d:66:e2:af:49:a2:8c:76:cf:22:ef:1c:
de:a1:43:b4:d9:98:11:60:ee:f8:15:71:c2:5e:32:
07:c1:5d:da:2a:b3:0c:56:24:f7:95:d5:79:70:20:
47:ed:e4:0e:b9:b7:d9:60:51:b8:f5:9f:d7:ab:a2:
5c:b5:c3:71:ab:93:3a:2d:38:8e:02:d5:1a:58:00:
f5:7e:18:2f:03:1c:f0:81:f0:aa:93:36:e3:34:0e:
56:5c:a5:a5:f4:aa:f6:07:cb:3f:62:15:29:94:8f:
fc:ea:09:3c:5e:fd:b6:72:e6:dd:3c:19:20:30:a7:
1c:57:87:56:68:55:19:ac:c6:cf:9b:3c:38:47:df:
66:36:74:b5:f3:55:0d:3a:0b:fb:bc:f9:88:93:26:
53:04:fe:1d:35:df:9f:29:d9:22:d4:93:db:50:f8:
8d:83:12:82:48:cc:54:90:5b:c0:c7:96:74:b3:fd:
77:b8:66:61:00:62:54:0c:d2:a6:27:92:c3:55:26:
a6:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:14:7A:8D:2D:3B:FF:EB:4F:8B:E5:11:53:01:AF:72:CE:D7:05:8C
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS133296.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.10.0-145.223.15.255
148.135.155.0/24
148.135.164.0-148.135.170.255
Signature Algorithm: sha256WithRSAEncryption
03:1b:59:f3:f4:84:33:d3:cd:f7:ed:70:ec:9f:7f:f0:ba:5a:
8a:95:9d:a8:c4:86:8b:13:22:97:d6:20:b5:b4:1e:ac:5a:c3:
e5:79:e9:bb:9d:66:16:93:73:67:3e:45:b2:83:44:66:32:d7:
d8:51:94:d0:3e:7f:94:9f:cb:ac:60:b4:6d:f6:f5:90:eb:e0:
66:af:9b:b4:6c:8b:48:f9:fb:0f:79:3a:c6:3d:f0:b5:c3:e9:
5f:5c:c1:6a:2a:67:1e:9a:cd:24:08:cd:11:ad:94:4d:08:22:
fe:f2:e1:ba:4b:7f:6b:d8:96:c1:b8:5f:af:8b:b7:0b:e0:d0:
a0:3d:9c:15:ac:f2:a6:e2:42:96:75:1d:db:74:6a:a7:2a:c8:
c9:5f:a8:85:f0:4d:7d:9e:c6:fb:f0:30:49:da:fa:14:09:c3:
4c:e9:70:b7:21:98:96:0c:c3:88:17:d9:98:d0:18:11:a4:35:
a8:10:d2:79:ac:f8:1f:8d:dd:41:cd:45:7d:a1:d7:8b:7c:cd:
ef:74:55:02:ca:31:f0:be:fc:ac:da:1e:a0:b9:97:ab:64:1d:
91:63:f3:1c:78:ce:73:7d:a8:cd:00:ff:e8:4f:20:66:29:44:
d7:53:95:5f:5d:c6:5d:c6:03:f5:b1:b2:27:88:ff:01:00:62:
da:57:b7:25
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgITP7DKJ8UdQcgolisdox2J0RryXzANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg0ZmMzMzZiZjlmM2RlNWNlNDE0MTRiZDE5NzE5NDVmNGIy
NDZiZmNjMB4XDTI0MTAwNDA4MDk0MVoXDTI1MTAwMzA4MTQ0MVowMzExMC8GA1UE
AxMoRkMxNDdBOEQyRDNCRkZFQjRGOEJFNTExNTMwMUFGNzJDRUQ3MDU4QzCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMYSX76+uU/+lXawttt66jaV8Juk
MrcP5cz0Civ+NSQj8pQwNrnREYJTGKjv2UlrRmFBXzVrSiWdmB1QPZgBjWbir0mi
jHbPIu8c3qFDtNmYEWDu+BVxwl4yB8Fd2iqzDFYk95XVeXAgR+3kDrm32WBRuPWf
16uiXLXDcauTOi04jgLVGlgA9X4YLwMc8IHwqpM24zQOVlylpfSq9gfLP2IVKZSP
/OoJPF79tnLm3TwZIDCnHFeHVmhVGazGz5s8OEffZjZ0tfNVDToL+7z5iJMmUwT+
HTXfnynZItST21D4jYMSgkjMVJBbwMeWdLP9d7hmYQBiVAzSpieSw1UmpjECAwEA
AaOCAiYwggIiMB0GA1UdDgQWBBT8FHqNLTv/60+L5RFTAa9yztcFjDAfBgNVHSME
GDAWgBRPwza/nz3lzkFBS9GXGUX0ska/zDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS8wOWJlM2FhZS1hZWExLTQxZGMtYjFiOS05NWFjNTkxODI0
NGQvMC80RkMzMzZCRjlGM0RFNUNFNDE0MTRCRDE5NzE5NDVGNEIyNDZCRkNDLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVDhNMnY1ODk1YzVCUVV2Umx4bEY5TEpH
djh3LmNlcjB7BggrBgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8vcnN5
bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00
MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvQVMxMzMyOTYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOwYIKwYBBQUHAQcBAf8ELDAqMCgEAgABMCIwDAMEAZHf
CgMEBJHfAAMEAJSHmzAMAwQClIekAwQAlIeqMA0GCSqGSIb3DQEBCwUAA4IBAQAD
G1nz9IQz08337XDsn3/wulqKlZ2oxIaLEyKX1iC1tB6sWsPleem7nWYWk3NnPkWy
g0RmMtfYUZTQPn+Un8usYLRt9vWQ6+Bmr5u0bItI+fsPeTrGPfC1w+lfXMFqKmce
ms0kCM0RrZRNCCL+8uG6S39r2JbBuF+vi7cL4NCgPZwVrPKm4kKWdR3bdGqnKsjJ
X6iF8E19nsb78DBJ2voUCcNM6XC3IZiWDMOIF9mY0BgRpDWoENJ5rPgfjd1BzUV9
odeLfM3vdFUCyjHwvvys2h6guZerZB2RY/MceM5zfajNAP/oTyBmKUTXU5VfXcZd
xgP1sbIniP8BAGLaV7cl
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:14:19 2024 by rpki-client on console-ams.rpki-client.org