Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS152179.roa
File: AS152179.roa (raw, json)
Hash identifier: TUH7/FkhXARBxcXmUvEFmfFHNCCMgXhrQ9t3pCIVbY4=
Subject key identifier: 8B:B9:39:8C:6F:9B:C8:46:28:43:E5:E2:78:13:DA:3D:BE:78:58:DE
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6C39B6AD4B88EEB9AB279A83BF9B3BEB41B8F9F5
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS152179.roa
Signing time: Tue 19 Nov 2024 08:55:25 +0000
ROA not before: Tue 19 Nov 2024 08:50:25 +0000
ROA not after: Tue 18 Nov 2025 08:55:25 +0000
asID: 152179
IP address blocks: 146.103.16.0/23 maxlen: 24
150.241.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:39:b6:ad:4b:88:ee:b9:ab:27:9a:83:bf:9b:3b:eb:41:b8:f9:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Nov 19 08:50:25 2024 GMT
Not After : Nov 18 08:55:25 2025 GMT
Subject: CN=8BB9398C6F9BC8462843E5E27813DA3DBE7858DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:75:db:4e:b6:21:03:7d:68:ed:22:c0:99:8b:
a3:06:90:f0:9b:f9:7a:f4:87:d8:f5:32:74:38:7f:
96:30:db:4a:70:fe:70:4a:57:a4:5c:78:0d:43:ad:
90:e4:65:20:83:56:a1:d6:ad:17:18:82:29:23:7c:
96:8d:6e:6d:30:3c:59:9d:01:d1:22:69:69:42:e2:
2f:22:43:e7:f9:06:c1:16:8b:14:08:39:46:05:6c:
a3:65:a8:23:29:fb:3c:39:4e:70:ab:df:f8:5a:c6:
19:b1:f9:e9:f6:09:6f:bb:f9:5c:3c:f4:6a:9d:ce:
f8:d1:a1:1b:0f:84:0c:8e:24:3f:a5:b6:ac:48:87:
c7:2a:c6:f5:94:56:56:9b:9c:17:80:7c:21:73:77:
54:b7:91:e5:14:09:70:cb:41:4f:ad:e5:f2:85:73:
c4:dd:97:58:37:b8:80:dd:5a:f5:be:4b:c2:6a:24:
d7:f8:6b:a1:5a:86:2d:d4:2d:56:82:85:10:d9:7a:
98:e9:a8:92:d5:8a:94:cb:ce:cd:9b:22:78:a8:e2:
d9:d2:a5:97:d1:36:be:43:8f:b3:3c:02:d2:a6:aa:
7b:9a:8f:bf:7f:91:cf:02:06:e4:76:f2:6c:90:a9:
f9:f8:4f:e5:64:ca:82:45:89:db:f1:8b:25:3b:e2:
0f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B9:39:8C:6F:9B:C8:46:28:43:E5:E2:78:13:DA:3D:BE:78:58:DE
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS152179.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.16.0/23
150.241.129.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:55:92:1c:44:b0:e5:72:c6:01:91:2b:28:ac:2f:36:3d:e2:
ae:0d:0c:02:75:a7:9f:d9:8a:57:7c:51:1f:83:0b:ac:f7:7b:
b9:c0:96:8e:93:8b:1b:cc:2a:af:df:9b:a5:40:c1:03:38:2a:
e6:74:06:87:75:ff:2a:df:82:25:3e:59:39:ae:ad:c7:b2:23:
5c:6e:1b:cf:df:a6:11:5d:a8:e5:ed:76:5a:7c:34:3d:3d:39:
67:65:57:78:e9:d5:b7:b0:3f:47:30:a1:a9:2b:e2:29:77:e6:
d1:fb:2f:04:6b:9e:a8:52:3f:5e:4d:37:62:98:8e:99:a5:ab:
24:9d:e2:4c:4c:65:5b:11:af:d7:dd:ff:a0:4d:b7:56:05:ad:
64:f5:f8:e0:4d:a1:1a:91:74:89:29:b8:c2:b8:a7:d2:8b:a7:
e4:a9:a9:ca:42:7a:23:0c:42:d1:b8:80:35:28:76:c4:c1:24:
4d:a9:a8:81:fe:8e:f9:2d:c6:3d:dc:64:8a:e0:8a:66:d7:3e:
bb:1b:dc:f3:72:f0:fd:90:e0:32:5b:34:d3:5d:08:5f:16:3d:
68:7c:be:c9:a6:9b:bc:ad:23:eb:79:fd:3a:12:f6:a0:7a:a0:
fa:5c:de:fb:c8:c6:95:8a:36:6d:8b:ce:d5:ca:1b:30:18:c3:
0b:55:61:24
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUbDm2rUuI7rmrJ5qDv5s760G4+fUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDExMTkwODUwMjVaFw0yNTExMTgwODU1MjVaMDMxMTAvBgNV
BAMTKDhCQjkzOThDNkY5QkM4NDYyODQzRTVFMjc4MTNEQTNEQkU3ODU4REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYddtOtiEDfWjtIsCZi6MGkPCb
+Xr0h9j1MnQ4f5Yw20pw/nBKV6RceA1DrZDkZSCDVqHWrRcYgikjfJaNbm0wPFmd
AdEiaWlC4i8iQ+f5BsEWixQIOUYFbKNlqCMp+zw5TnCr3/haxhmx+en2CW+7+Vw8
9GqdzvjRoRsPhAyOJD+ltqxIh8cqxvWUVlabnBeAfCFzd1S3keUUCXDLQU+t5fKF
c8Tdl1g3uIDdWvW+S8JqJNf4a6Fahi3ULVaChRDZepjpqJLVipTLzs2bInio4tnS
pZfRNr5Dj7M8AtKmqnuaj79/kc8CBuR28myQqfn4T+VkyoJFidvxiyU74g9PAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUi7k5jG+byEYoQ+XieBPaPb54WN4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTUyMTc5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBkmcQ
AwQAlvGBMA0GCSqGSIb3DQEBCwUAA4IBAQA/VZIcRLDlcsYBkSsorC82PeKuDQwC
daef2YpXfFEfgwus93u5wJaOk4sbzCqv35ulQMEDOCrmdAaHdf8q34IlPlk5rq3H
siNcbhvP36YRXajl7XZafDQ9PTlnZVd46dW3sD9HMKGpK+Ipd+bR+y8Ea56oUj9e
TTdimI6ZpaskneJMTGVbEa/X3f+gTbdWBa1k9fjgTaEakXSJKbjCuKfSi6fkqanK
QnojDELRuIA1KHbEwSRNqaiB/o75LcY93GSK4Ipm1z67G9zzcvD9kOAyWzTTXQhf
Fj1ofL7Jppu8rSPref06EvageqD6XN77yMaVijZti87VyhswGMMLVWEk
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:14:19 2024 by rpki-client on console-ams.rpki-client.org