Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS138195.roa
File: AS138195.roa (raw, json)
Hash identifier: +3w8PsG4nU6aEeQ1swOFmcOHK72NC5FFVqnMpnMt6tc=
Subject key identifier: 90:CE:F8:13:18:8F:42:BF:33:45:25:5E:BD:92:F3:0B:23:85:10:C0
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 13F41EF206D5D35B3161F9E183E229A082E8DCE1
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS138195.roa
Signing time: Tue 30 Apr 2024 16:06:03 +0000
ROA not before: Tue 30 Apr 2024 16:01:03 +0000
ROA not after: Tue 29 Apr 2025 16:06:03 +0000
asID: 138195
IP address blocks: 146.103.27.0/24 maxlen: 24
146.103.36.0/24 maxlen: 24
147.79.22.0/24 maxlen: 24
147.79.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 13:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:f4:1e:f2:06:d5:d3:5b:31:61:f9:e1:83:e2:29:a0:82:e8:dc:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 30 16:01:03 2024 GMT
Not After : Apr 29 16:06:03 2025 GMT
Subject: CN=90CEF813188F42BF3345255EBD92F30B238510C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:40:99:37:0a:3a:8e:46:e6:0d:74:97:75:f2:
ce:68:20:37:38:da:11:e6:80:45:f9:6b:6b:d5:a8:
6d:f4:70:e5:83:d3:22:42:d8:70:86:87:31:f4:93:
b8:2f:96:3c:7b:52:f3:13:aa:da:45:6e:33:ef:e3:
28:86:16:25:e5:17:1c:1c:c7:8b:8b:f1:9a:0d:89:
02:42:c0:6c:b8:da:25:91:fc:1f:bc:8b:87:29:09:
ba:df:50:c2:53:05:50:b4:e3:75:57:ca:f7:d9:dc:
93:5e:df:d1:d7:83:34:55:a4:20:c3:68:65:d0:41:
52:3f:a1:f8:b8:b4:e9:f2:ac:cc:d8:df:ca:cf:82:
d0:2d:f8:50:37:eb:ad:e0:41:99:a4:db:3d:9c:14:
6b:36:44:f4:d2:91:83:f8:27:cc:b4:03:7c:67:27:
8d:70:15:46:c5:4e:e3:c0:a9:5b:b3:fd:55:0a:3f:
44:36:93:af:cf:06:f0:87:ef:e6:a3:49:7f:10:00:
24:e8:d9:51:f6:d4:ea:a4:4a:94:ce:d9:88:5b:95:
e0:93:da:d3:6c:93:d1:b7:8b:fa:79:2a:7a:d8:69:
44:3b:59:15:61:28:c7:74:53:5d:d7:ff:8a:ee:d0:
8b:43:a4:63:63:3f:3b:a4:76:6e:2a:9a:be:17:e1:
e7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:CE:F8:13:18:8F:42:BF:33:45:25:5E:BD:92:F3:0B:23:85:10:C0
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS138195.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.27.0/24
146.103.36.0/24
147.79.22.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:7d:50:53:b1:47:34:21:61:3f:5d:7d:aa:69:78:e6:ae:78:
54:c6:0d:fc:c5:e6:00:83:18:49:ac:1c:97:97:a8:04:0e:79:
b9:4b:3b:02:ac:4b:ac:a9:50:c2:fa:92:bf:98:98:ec:ae:e1:
00:1d:4c:db:e8:6e:3e:3f:0b:3a:84:80:eb:64:d0:f0:55:46:
1b:fa:0d:79:aa:89:89:66:9c:00:26:19:5c:cd:41:56:57:da:
6c:01:ea:50:71:32:bf:56:3a:63:89:fb:d3:fd:ef:ab:3c:0c:
44:85:39:ed:5d:60:b0:a5:41:b2:05:7a:74:bd:98:28:18:ac:
75:35:bc:22:d2:09:dc:b0:93:76:8b:ad:7c:da:d5:73:2d:f5:
89:97:fc:88:fc:4b:4c:21:4b:a8:8d:e7:c2:38:38:c9:cf:b4:
a1:74:b8:40:68:a0:43:7d:2e:e5:65:9a:0e:f4:4f:d5:65:15:
03:e4:d7:aa:70:ba:e7:0a:be:66:34:d7:ce:bc:11:e5:43:b3:
ac:8f:93:63:8b:1f:f0:e2:25:d3:a4:86:e7:fb:7b:bb:8e:76:
29:f0:a2:65:f7:9d:4e:ef:c8:ae:1f:60:81:94:f5:e8:ec:5b:
f8:e9:6a:ec:f8:09:0e:b3:9c:47:bc:5f:97:02:e5:41:5f:d3:
37:72:32:7f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUE/Qe8gbV01sxYfnhg+IpoILo3OEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA0MzAxNjAxMDNaFw0yNTA0MjkxNjA2MDNaMDMxMTAvBgNV
BAMTKDkwQ0VGODEzMTg4RjQyQkYzMzQ1MjU1RUJEOTJGMzBCMjM4NTEwQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuQJk3CjqORuYNdJd18s5oIDc4
2hHmgEX5a2vVqG30cOWD0yJC2HCGhzH0k7gvljx7UvMTqtpFbjPv4yiGFiXlFxwc
x4uL8ZoNiQJCwGy42iWR/B+8i4cpCbrfUMJTBVC043VXyvfZ3JNe39HXgzRVpCDD
aGXQQVI/ofi4tOnyrMzY38rPgtAt+FA3663gQZmk2z2cFGs2RPTSkYP4J8y0A3xn
J41wFUbFTuPAqVuz/VUKP0Q2k6/PBvCH7+ajSX8QACTo2VH21OqkSpTO2YhbleCT
2tNsk9G3i/p5KnrYaUQ7WRVhKMd0U13X/4ru0ItDpGNjPzukdm4qmr4X4ef5AgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUkM74ExiPQr8zRSVevZLzCyOFEMAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM4MTk1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAkmcb
AwQAkmckAwQBk08WMA0GCSqGSIb3DQEBCwUAA4IBAQCxfVBTsUc0IWE/XX2qaXjm
rnhUxg38xeYAgxhJrByXl6gEDnm5SzsCrEusqVDC+pK/mJjsruEAHUzb6G4+Pws6
hIDrZNDwVUYb+g15qomJZpwAJhlczUFWV9psAepQcTK/VjpjifvT/e+rPAxEhTnt
XWCwpUGyBXp0vZgoGKx1Nbwi0gncsJN2i6182tVzLfWJl/yI/EtMIUuojefCODjJ
z7ShdLhAaKBDfS7lZZoO9E/VZRUD5NeqcLrnCr5mNNfOvBHlQ7Osj5Njix/w4iXT
pIbn+3u7jnYp8KJl951O78iuH2CBlPXo7Fv46Wrs+AkOs5xHvF+XAuVBX9M3cjJ/
-----END CERTIFICATE-----
Generated at Sun May 19 16:48:08 2024 by rpki-client on console-fra.rpki-client.org