Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: cqvWBEIh+J+RYUbgMiKzG5MpnrvskANtYR0e5zinz48=
Subject key identifier: 06:D9:79:46:D3:1F:B4:CC:6F:75:5D:BE:8B:26:34:9E:73:17:EE:93
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 59D6CCA9AA6E5DC3E79D5DCE0F66E1A03D01C99B
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
Signing time: Sat 30 Nov 2024 00:00:19 +0000
ROA not before: Fri 29 Nov 2024 23:55:19 +0000
ROA not after: Sat 29 Nov 2025 00:00:19 +0000
asID: 16509
IP address blocks: 140.233.128.0/19 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 02:59:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:d6:cc:a9:aa:6e:5d:c3:e7:9d:5d:ce:0f:66:e1:a0:3d:01:c9:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Nov 29 23:55:19 2024 GMT
Not After : Nov 29 00:00:19 2025 GMT
Subject: CN=06D97946D31FB4CC6F755DBE8B26349E7317EE93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e9:f2:0a:87:76:46:20:97:5d:af:4f:81:e4:
90:9c:1e:2f:a3:06:21:f8:6a:4a:1d:88:6f:e3:08:
db:9c:d0:59:7c:e5:59:db:d8:15:cd:46:4b:55:d5:
80:f9:42:bc:e0:19:8b:2b:a7:59:1b:b3:d5:a2:a4:
8a:74:90:65:24:eb:3c:2a:92:91:b9:17:62:c1:e5:
13:43:e4:09:c1:f8:13:ab:9a:cb:4c:a4:3b:9f:7b:
df:6f:43:90:a3:b7:f2:a0:f7:b4:35:9b:d4:78:83:
d8:09:63:25:c8:51:ef:43:83:12:96:90:a3:ad:1b:
68:92:77:d9:ba:75:24:e5:e5:72:db:55:bd:b4:7c:
11:44:87:43:89:76:fc:f3:66:9e:83:e3:12:a8:2f:
7b:29:c9:85:62:ae:04:75:10:9f:e1:28:06:19:78:
2b:ed:a9:0a:98:94:cd:9d:e3:a0:d5:da:62:9d:ea:
5a:e7:b9:27:06:7f:5b:5c:f7:7f:fc:43:8a:c2:ce:
2b:b3:9e:d3:20:56:5c:78:de:5d:a2:aa:ce:6d:e6:
98:48:a4:88:ff:c4:0c:cc:13:16:f0:7c:75:3b:ab:
3c:d4:e5:b9:6e:bd:96:8d:17:f8:82:55:02:27:e0:
76:f2:b5:27:8f:ef:dd:0a:ee:9e:40:17:cc:62:9f:
94:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:D9:79:46:D3:1F:B4:CC:6F:75:5D:BE:8B:26:34:9E:73:17:EE:93
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.128.0/19
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:f1:b2:8c:aa:b8:e8:b2:54:e9:ac:21:46:bc:5c:29:c9:a3:
c1:10:59:df:bd:d0:a4:1c:f0:36:19:64:0f:74:a8:fe:6a:f5:
44:ff:01:a5:7d:d9:e5:b7:28:21:79:48:a2:13:dc:ba:22:6d:
38:05:89:46:4a:ea:5e:07:de:d0:f0:fa:75:52:00:19:63:49:
d4:72:83:59:67:33:9a:dd:25:c1:cc:f7:97:ae:29:13:a4:45:
08:12:77:2a:70:1c:44:4d:aa:66:99:4f:05:5d:5b:a5:45:33:
d7:c3:45:58:c9:e7:b4:6b:31:62:8d:3b:34:df:29:bc:56:01:
46:0b:4a:2b:e4:b1:18:f9:1a:40:0d:f4:de:18:16:9a:e2:91:
79:b5:0f:a6:73:90:c0:b6:ab:cf:68:da:3d:2d:62:21:2d:71:
f2:9a:d8:73:fc:d3:fd:ce:41:91:40:ad:81:85:58:f2:08:40:
aa:15:f9:c3:8a:da:7a:6b:53:17:a7:ee:0b:17:ca:fb:37:56:
1e:63:99:a3:b6:5c:d7:7c:61:45:5b:99:ef:04:bd:48:e9:0d:
e6:4e:5c:26:36:f2:00:30:81:0d:11:f2:c3:58:ae:89:a4:d1:
7c:5a:f4:0f:c6:54:83:8d:47:40:46:c5:c2:44:22:34:ed:0d:
be:c6:f1:5f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUWdbMqapuXcPnnV3OD2bhoD0ByZswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDExMjkyMzU1MTlaFw0yNTExMjkwMDAwMTlaMDMxMTAvBgNV
BAMTKDA2RDk3OTQ2RDMxRkI0Q0M2Rjc1NURCRThCMjYzNDlFNzMxN0VFOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC66fIKh3ZGIJddr0+B5JCcHi+j
BiH4akodiG/jCNuc0Fl85Vnb2BXNRktV1YD5QrzgGYsrp1kbs9WipIp0kGUk6zwq
kpG5F2LB5RND5AnB+BOrmstMpDufe99vQ5Cjt/Kg97Q1m9R4g9gJYyXIUe9DgxKW
kKOtG2iSd9m6dSTl5XLbVb20fBFEh0OJdvzzZp6D4xKoL3spyYVirgR1EJ/hKAYZ
eCvtqQqYlM2d46DV2mKd6lrnuScGf1tc93/8Q4rCziuzntMgVlx43l2iqs5t5phI
pIj/xAzMExbwfHU7qzzU5bluvZaNF/iCVQIn4HbytSeP790K7p5AF8xin5QpAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUBtl5RtMftMxvdV2+iyY0nnMX7pMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAWM6YAD
BAGR30ADBACSZzwDBAGSZz4wDQYJKoZIhvcNAQELBQADggEBACzxsoyquOiyVOms
IUa8XCnJo8EQWd+90KQc8DYZZA90qP5q9UT/AaV92eW3KCF5SKIT3LoibTgFiUZK
6l4H3tDw+nVSABljSdRyg1lnM5rdJcHM95euKROkRQgSdypwHERNqmaZTwVdW6VF
M9fDRVjJ57RrMWKNOzTfKbxWAUYLSivksRj5GkAN9N4YFprikXm1D6ZzkMC2q89o
2j0tYiEtcfKa2HP80/3OQZFArYGFWPIIQKoV+cOK2nprUxen7gsXyvs3Vh5jmaO2
XNd8YUVbme8EvUjpDeZOXCY28gAwgQ0R8sNYromk0Xxa9A/GVIONR0BGxcJEIjTt
Db7G8V8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:11:56 2025 by rpki-client