Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS204828.roa
File: AS204828.roa (raw, json)
Hash identifier: +W0Oslp/4Zpoj9qGBK2k5Vpl7QYEJC4ghtmN9iBlvBQ=
Subject key identifier: FC:62:F7:8C:7F:D3:46:C4:F1:72:44:DA:78:05:F8:58:9A:73:6D:46
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4B3C42F02BBFE91A2243D6256D285C080EDA3074
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS204828.roa
Signing time: Wed 10 Jul 2024 16:11:07 +0000
ROA not before: Wed 10 Jul 2024 16:06:07 +0000
ROA not after: Wed 09 Jul 2025 16:11:07 +0000
asID: 204828
IP address blocks: 146.103.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:3c:42:f0:2b:bf:e9:1a:22:43:d6:25:6d:28:5c:08:0e:da:30:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 10 16:06:07 2024 GMT
Not After : Jul 9 16:11:07 2025 GMT
Subject: CN=FC62F78C7FD346C4F17244DA7805F8589A736D46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:48:0a:28:6a:63:b8:c4:7a:23:cb:02:54:00:
88:8b:c5:5d:eb:f0:56:a6:50:a8:23:f3:7d:78:49:
63:c3:c8:51:64:ea:eb:a1:38:6e:6b:08:45:25:26:
38:f2:79:76:eb:14:2d:c9:10:1b:e0:9d:0c:ad:a5:
0b:19:48:38:58:07:1f:63:70:ad:74:98:26:81:2b:
b0:38:4f:46:97:da:a9:6f:2c:3c:7a:ae:75:b4:17:
73:e7:37:31:41:e2:b1:03:94:b5:8c:20:36:55:52:
11:03:b9:64:9b:0a:1e:2c:fd:75:86:ac:dd:05:00:
77:38:4f:e8:11:4d:53:ef:c9:b1:da:a4:61:b8:f8:
d9:e2:b5:95:05:e3:45:f2:1d:a1:5e:9b:5b:10:cb:
91:5b:d6:83:6a:4b:f9:5e:fe:ce:ef:6a:0f:b8:9d:
b7:30:4f:9a:38:40:57:df:26:56:16:c6:1f:b0:3d:
58:46:1a:c4:20:76:98:00:65:d4:e1:31:b1:06:cb:
54:75:d4:e0:27:3c:15:40:68:1e:bb:57:15:40:da:
2b:8c:63:1e:9b:eb:24:dd:f2:40:dc:5f:f4:39:a9:
78:ea:3b:1b:be:ed:a5:9b:35:7c:4c:6b:8f:ab:d3:
61:59:6e:85:66:2a:1c:0c:11:f2:35:e6:2b:2e:39:
95:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:62:F7:8C:7F:D3:46:C4:F1:72:44:DA:78:05:F8:58:9A:73:6D:46
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS204828.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.52.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:16:b7:8e:65:3e:c9:44:c2:0f:c8:4f:a1:da:e3:53:48:4c:
89:46:4f:1e:bf:bf:8c:92:7c:8f:f5:1d:ba:c4:aa:dd:f5:3f:
ef:21:79:eb:a5:f6:14:f3:a5:d7:b7:ee:0c:3c:c2:f8:74:43:
6d:15:c1:c2:7f:67:40:48:9b:ab:bd:ae:84:e1:14:90:01:05:
bd:0b:e9:91:8a:4d:ab:fb:88:1d:c1:ab:ce:e3:4a:e4:d9:e8:
9b:a1:2e:cc:86:e6:63:44:57:fa:a7:9e:56:ed:1b:8b:52:6e:
30:7f:d3:e6:fc:fd:88:83:8b:68:2d:44:e4:be:f7:be:2e:30:
08:86:e5:74:48:31:89:e9:19:1d:5e:e8:2f:f1:56:25:26:e1:
46:a8:2f:84:b3:e4:94:86:5a:78:ab:e4:85:6c:fd:6c:f7:8f:
b5:5a:8a:00:62:ef:24:89:68:d9:f8:39:e6:f7:1b:c7:2d:81:
9c:84:84:0f:9e:1a:b3:7b:5d:55:88:e3:2a:be:9a:75:5e:47:
fd:30:0d:be:77:67:0c:42:a0:d4:8d:53:fd:e0:bf:00:c4:e6:
19:c1:8e:b4:06:33:3d:09:10:76:6e:78:38:50:5f:0d:cf:8f:
50:ee:95:64:15:31:5d:bd:fd:25:0d:f7:b0:79:ef:2c:e7:ef:
63:84:2f:57
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUSzxC8Cu/6RoiQ9YlbShcCA7aMHQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA3MTAxNjA2MDdaFw0yNTA3MDkxNjExMDdaMDMxMTAvBgNV
BAMTKEZDNjJGNzhDN0ZEMzQ2QzRGMTcyNDREQTc4MDVGODU4OUE3MzZENDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDESAooamO4xHojywJUAIiLxV3r
8FamUKgj8314SWPDyFFk6uuhOG5rCEUlJjjyeXbrFC3JEBvgnQytpQsZSDhYBx9j
cK10mCaBK7A4T0aX2qlvLDx6rnW0F3PnNzFB4rEDlLWMIDZVUhEDuWSbCh4s/XWG
rN0FAHc4T+gRTVPvybHapGG4+NnitZUF40XyHaFem1sQy5Fb1oNqS/le/s7vag+4
nbcwT5o4QFffJlYWxh+wPVhGGsQgdpgAZdThMbEGy1R11OAnPBVAaB67VxVA2iuM
Yx6b6yTd8kDcX/Q5qXjqOxu+7aWbNXxMa4+r02FZboVmKhwMEfI15isuOZW1AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU/GL3jH/TRsTxckTaeAX4WJpzbUYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA0ODI4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkmc0
MA0GCSqGSIb3DQEBCwUAA4IBAQA6FreOZT7JRMIPyE+h2uNTSEyJRk8ev7+MknyP
9R26xKrd9T/vIXnrpfYU86XXt+4MPML4dENtFcHCf2dASJurva6E4RSQAQW9C+mR
ik2r+4gdwavO40rk2eiboS7MhuZjRFf6p55W7RuLUm4wf9Pm/P2Ig4toLUTkvve+
LjAIhuV0SDGJ6RkdXugv8VYlJuFGqC+Es+SUhlp4q+SFbP1s94+1WooAYu8kiWjZ
+Dnm9xvHLYGchIQPnhqze11ViOMqvpp1Xkf9MA2+d2cMQqDUjVP94L8AxOYZwY60
BjM9CRB2bng4UF8Nz49Q7pVkFTFdvf0lDfewee8s5+9jhC9X
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:14:19 2024 by rpki-client on console-ams.rpki-client.org