Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS199737.roa
File: AS199737.roa (raw, json)
Hash identifier: 4l0yDTkRKuNpAoLheJ6/zrcdSAarj82qBDsz0OXN6wg=
Subject key identifier: 90:16:EF:06:29:65:7A:F4:97:33:5B:24:C6:69:5E:40:E5:29:76:A6
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7CBB16C3DB7B82EF13661689A148062C44D7A5AB
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS199737.roa
Signing time: Wed 05 Jun 2024 12:53:37 +0000
ROA not before: Wed 05 Jun 2024 12:48:37 +0000
ROA not after: Wed 04 Jun 2025 12:53:37 +0000
asID: 199737
IP address blocks: 146.103.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:bb:16:c3:db:7b:82:ef:13:66:16:89:a1:48:06:2c:44:d7:a5:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 5 12:48:37 2024 GMT
Not After : Jun 4 12:53:37 2025 GMT
Subject: CN=9016EF0629657AF497335B24C6695E40E52976A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0e:19:26:52:33:a3:0c:36:4b:f3:2f:04:6f:
52:9a:2c:44:d0:04:89:b4:de:5a:10:60:5d:9d:4a:
2f:e9:29:e1:b2:32:ec:6b:b2:95:e0:1d:36:e9:85:
a4:fb:a9:1f:39:e0:88:6b:64:6c:f4:aa:f9:64:6d:
4d:e5:10:41:0c:bc:07:e0:b2:6e:f2:26:7e:69:d6:
ab:5e:38:00:e0:d0:33:d7:23:8d:13:1c:51:d1:75:
1c:2d:0e:96:10:9b:d8:c3:c6:65:c5:45:c3:df:02:
72:12:6c:d1:78:48:49:ab:ae:89:ec:00:2c:de:56:
fa:ad:9c:58:af:20:08:c8:c3:dd:05:ec:9a:6f:5b:
8f:5b:99:92:5d:65:db:9a:ce:fa:ac:53:6c:68:56:
39:c6:e5:76:ca:8c:78:19:22:7d:d9:4f:dd:51:80:
c8:09:84:fe:64:88:4e:69:a0:0f:9f:f1:10:08:5b:
3f:5b:06:6b:0e:ae:3b:1c:37:61:14:44:78:ed:ea:
2f:fa:18:24:92:7e:e6:ed:a5:15:f0:a0:78:c6:85:
87:c8:70:d7:f2:19:e9:a5:d5:72:95:42:ce:4f:7f:
2d:61:96:78:d7:e0:1d:5e:6c:2b:49:16:89:95:90:
9a:cd:5d:eb:58:b7:81:dc:c0:f1:ee:7f:d1:46:0b:
79:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:16:EF:06:29:65:7A:F4:97:33:5B:24:C6:69:5E:40:E5:29:76:A6
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS199737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.61.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:e3:01:f4:18:08:21:ff:e6:23:0f:9d:20:f6:65:44:a4:76:
c1:e3:ee:ba:d9:10:cc:dc:fa:81:1f:6d:25:20:32:47:38:e0:
31:e9:3a:ec:9a:1e:e8:fd:68:94:22:e6:7f:07:15:00:06:5b:
eb:cc:71:50:e8:f5:8f:dd:cd:bc:a4:e2:77:e9:62:56:5a:23:
d4:4b:40:69:79:77:53:24:e5:cf:75:22:6b:91:f3:f3:e0:30:
a7:bb:1b:73:a6:ec:1f:94:71:86:13:3a:16:14:9b:a0:0e:dc:
3d:24:44:3a:33:57:9f:ec:e7:b1:17:d8:55:e8:ca:90:9c:44:
0c:57:36:04:42:b4:ec:0b:cb:ad:7b:55:8b:b2:10:bd:46:29:
c4:a3:04:37:18:8b:6c:70:d5:da:31:4c:96:2f:42:57:bd:ed:
09:bd:71:d8:fb:ea:f9:fe:dc:f9:f7:65:81:a8:5c:d4:1b:3e:
63:2c:af:3f:f2:42:4a:92:e0:a9:28:e9:83:2d:ab:a0:71:99:
1a:5b:2a:27:67:e4:bc:6c:e7:b4:d4:5f:b1:c9:87:aa:74:e8:
ad:aa:8b:85:83:8c:ae:75:18:ea:30:f7:bf:3a:0b:75:47:98:
f1:12:69:57:28:f4:e4:16:1e:9a:80:43:24:6a:b8:3a:ed:b5:
15:97:b8:33
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUfLsWw9t7gu8TZhaJoUgGLETXpaswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA2MDUxMjQ4MzdaFw0yNTA2MDQxMjUzMzdaMDMxMTAvBgNV
BAMTKDkwMTZFRjA2Mjk2NTdBRjQ5NzMzNUIyNEM2Njk1RTQwRTUyOTc2QTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4DhkmUjOjDDZL8y8Eb1KaLETQ
BIm03loQYF2dSi/pKeGyMuxrspXgHTbphaT7qR854IhrZGz0qvlkbU3lEEEMvAfg
sm7yJn5p1qteOADg0DPXI40THFHRdRwtDpYQm9jDxmXFRcPfAnISbNF4SEmrrons
ACzeVvqtnFivIAjIw90F7JpvW49bmZJdZduazvqsU2xoVjnG5XbKjHgZIn3ZT91R
gMgJhP5kiE5poA+f8RAIWz9bBmsOrjscN2EURHjt6i/6GCSSfubtpRXwoHjGhYfI
cNfyGeml1XKVQs5Pfy1hlnjX4B1ebCtJFomVkJrNXetYt4HcwPHuf9FGC3mlAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUkBbvBillevSXM1skxmleQOUpdqYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTk5NzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkmc9
MA0GCSqGSIb3DQEBCwUAA4IBAQAM4wH0GAgh/+YjD50g9mVEpHbB4+662RDM3PqB
H20lIDJHOOAx6Trsmh7o/WiUIuZ/BxUABlvrzHFQ6PWP3c28pOJ36WJWWiPUS0Bp
eXdTJOXPdSJrkfPz4DCnuxtzpuwflHGGEzoWFJugDtw9JEQ6M1ef7OexF9hV6MqQ
nEQMVzYEQrTsC8ute1WLshC9RinEowQ3GItscNXaMUyWL0JXve0JvXHY++r5/tz5
92WBqFzUGz5jLK8/8kJKkuCpKOmDLaugcZkaWyonZ+S8bOe01F+xyYeqdOitqouF
g4yudRjqMPe/Ogt1R5jxEmlXKPTkFh6agEMkarg67bUVl7gz
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:14:19 2024 by rpki-client on console-ams.rpki-client.org