Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: ep/07QFlw62dCBjcl5E4BiYqMftRtbSFA9EdcJ0V7EU=
Subject key identifier: 96:F1:B3:F4:D5:40:B5:02:7B:D9:B8:DA:B3:DE:60:D1:CD:21:CA:8E
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 06F25CB04664ADFF24E6622648670C0AF18A602D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
Signing time: Tue 30 Apr 2024 00:01:18 +0000
ROA not before: Mon 29 Apr 2024 23:56:18 +0000
ROA not after: Tue 29 Apr 2025 00:01:18 +0000
asID: 16509
IP address blocks: 140.150.232.0/22 maxlen: 22
140.233.128.0/19 maxlen: 24
146.103.60.0/22 maxlen: 22
147.79.80.0/20 maxlen: 20
147.79.112.0/20 maxlen: 20
148.135.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:f2:5c:b0:46:64:ad:ff:24:e6:62:26:48:67:0c:0a:f1:8a:60:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 29 23:56:18 2024 GMT
Not After : Apr 29 00:01:18 2025 GMT
Subject: CN=96F1B3F4D540B5027BD9B8DAB3DE60D1CD21CA8E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f4:6f:1a:92:e9:25:54:1e:22:ae:b1:90:33:
89:00:fe:42:41:2d:a0:e7:4e:f6:99:1d:a1:b7:99:
6a:5d:e9:85:07:42:34:35:3e:d8:d7:69:e9:10:0d:
d3:a2:d5:51:c6:00:5d:30:9c:83:73:86:19:b6:a7:
95:0a:90:7e:a6:2f:25:44:cf:09:86:30:fc:6a:09:
5b:53:5f:17:bb:aa:9b:89:11:98:d7:a9:3a:84:66:
79:81:fc:28:b0:04:96:d7:12:a5:49:5b:72:db:ac:
62:b5:e8:f4:8a:ef:c0:32:b9:84:16:b8:f9:b9:cf:
15:3a:a4:10:ad:44:e3:c5:5c:e1:76:4f:1f:2d:33:
2e:ac:c2:13:9d:98:f2:e7:d0:9b:96:02:d3:31:ae:
a3:9a:2b:fe:67:f7:5d:7c:cd:d6:8d:58:81:1d:fb:
fa:8b:12:02:4e:e1:2c:e0:80:b8:a3:c1:e8:6d:7f:
e0:1d:de:76:1c:3c:5f:42:79:55:f5:37:30:8d:86:
46:5f:0c:1f:1d:6e:83:49:3b:5f:91:01:ce:7e:fd:
73:86:af:49:ae:78:b7:12:86:5b:e0:06:ca:fc:84:
47:1a:4a:0d:5b:0c:57:fa:ff:b4:e2:ba:0f:84:fd:
c3:10:07:cf:e7:7d:d0:0e:05:16:2b:09:b3:e1:f6:
56:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F1:B3:F4:D5:40:B5:02:7B:D9:B8:DA:B3:DE:60:D1:CD:21:CA:8E
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.232.0/22
140.233.128.0/19
146.103.60.0/22
147.79.80.0/20
147.79.112.0/20
148.135.128.0/17
Signature Algorithm: sha256WithRSAEncryption
aa:14:cb:d2:f3:68:1c:22:88:57:c1:96:3c:e9:62:2f:29:75:
23:6c:fe:67:f7:b7:b7:80:e5:7b:61:d7:ac:da:74:c1:fc:f6:
9c:9c:bc:3a:51:cb:9f:c6:f6:40:ff:63:64:18:58:44:b5:d9:
1b:f0:b5:46:4a:4c:e5:d2:e7:7d:66:d5:07:5b:bf:d1:e0:a7:
f0:e6:9a:88:44:79:02:3c:ae:be:cb:3f:c8:fc:7c:a4:c6:24:
58:a1:e2:bf:1c:34:d0:78:b9:eb:47:af:44:f2:55:67:64:38:
43:ed:60:7d:a1:52:e8:4d:b2:49:9a:41:fd:b3:c6:7c:fb:22:
88:22:ab:8c:18:d5:fb:08:58:b6:06:6d:02:af:de:6e:4d:53:
37:29:b4:36:9a:05:46:6c:a1:ba:9d:f3:4b:6b:2c:36:e4:36:
7d:ca:d2:62:26:1f:a0:1d:84:ac:df:99:15:67:b1:ec:f8:2f:
2d:82:6a:1c:53:29:b7:64:e5:d3:63:28:80:5a:aa:c6:8b:51:
ee:5c:ab:93:74:40:68:e4:13:68:ae:5c:dc:d2:ac:64:16:85:
e3:48:76:3b:85:f5:51:69:83:49:49:db:ca:41:39:a9:ec:73:
a9:6c:ae:76:9a:6d:a5:89:73:24:40:b4:ac:95:db:77:00:ae:
9d:7b:91:c6
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUBvJcsEZkrf8k5mImSGcMCvGKYC0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA0MjkyMzU2MThaFw0yNTA0MjkwMDAxMThaMDMxMTAvBgNV
BAMTKDk2RjFCM0Y0RDU0MEI1MDI3QkQ5QjhEQUIzREU2MEQxQ0QyMUNBOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCX9G8akuklVB4irrGQM4kA/kJB
LaDnTvaZHaG3mWpd6YUHQjQ1PtjXaekQDdOi1VHGAF0wnINzhhm2p5UKkH6mLyVE
zwmGMPxqCVtTXxe7qpuJEZjXqTqEZnmB/CiwBJbXEqVJW3LbrGK16PSK78AyuYQW
uPm5zxU6pBCtROPFXOF2Tx8tMy6swhOdmPLn0JuWAtMxrqOaK/5n9118zdaNWIEd
+/qLEgJO4SzggLijwehtf+Ad3nYcPF9CeVX1NzCNhkZfDB8dboNJO1+RAc5+/XOG
r0mueLcShlvgBsr8hEcaSg1bDFf6/7Tiug+E/cMQB8/nfdAOBRYrCbPh9lYBAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUlvGz9NVAtQJ72bjas95g0c0hyo4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBAKMlugD
BAWM6YADBAKSZzwDBASTT1ADBASTT3ADBAeUh4AwDQYJKoZIhvcNAQELBQADggEB
AKoUy9LzaBwiiFfBljzpYi8pdSNs/mf3t7eA5Xth16zadMH89pycvDpRy5/G9kD/
Y2QYWES12RvwtUZKTOXS531m1Qdbv9Hgp/DmmohEeQI8rr7LP8j8fKTGJFih4r8c
NNB4uetHr0TyVWdkOEPtYH2hUuhNskmaQf2zxnz7Iogiq4wY1fsIWLYGbQKv3m5N
UzcptDaaBUZsobqd80trLDbkNn3K0mImH6AdhKzfmRVnsez4Ly2CahxTKbdk5dNj
KIBaqsaLUe5cq5N0QGjkE2iuXNzSrGQWheNIdjuF9VFpg0lJ28pBOansc6lsrnaa
baWJcyRAtKyV23cArp17kcY=
-----END CERTIFICATE-----
Generated at Thu May 2 16:58:30 2024 by rpki-client on console-fra.rpki-client.org