Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS209854.roa
File: AS209854.roa (raw, json)
Hash identifier: VYWSYxV5Tl5NHB1WxDT4uaRASLl95h3ounNdd9yegs8=
Subject key identifier: B2:03:EF:67:5B:45:DC:6A:2E:22:AD:0D:F0:A8:3B:67:C1:FF:00:8C
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2DEE64B106D63F4836FB6B57FB820C1429E777B5
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS209854.roa
Signing time: Thu 19 Sep 2024 09:36:59 +0000
ROA not before: Thu 19 Sep 2024 09:31:59 +0000
ROA not after: Thu 18 Sep 2025 09:36:59 +0000
asID: 209854
IP address blocks: 145.223.0.0/24 maxlen: 24
145.223.1.0/24 maxlen: 24
145.223.2.0/24 maxlen: 24
145.223.3.0/24 maxlen: 24
145.223.4.0/24 maxlen: 24
145.223.5.0/24 maxlen: 24
145.223.6.0/24 maxlen: 24
145.223.7.0/24 maxlen: 24
145.223.8.0/24 maxlen: 24
145.223.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:ee:64:b1:06:d6:3f:48:36:fb:6b:57:fb:82:0c:14:29:e7:77:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 19 09:31:59 2024 GMT
Not After : Sep 18 09:36:59 2025 GMT
Subject: CN=B203EF675B45DC6A2E22AD0DF0A83B67C1FF008C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ce:04:83:56:ad:77:75:80:bd:52:2f:87:f3:
99:a5:42:19:e3:ec:45:a9:19:e3:47:71:61:97:68:
c2:1e:e3:22:fa:d9:cd:2c:4b:af:d1:19:c9:34:10:
8d:e8:12:32:8c:93:74:d8:8c:39:30:77:30:4b:17:
66:e8:2f:27:6a:75:6c:82:15:55:cf:8a:26:41:5a:
ee:a9:41:15:77:86:4b:e5:bb:8e:d6:47:b2:aa:a7:
3d:1a:5b:74:fc:50:21:e4:03:6c:e7:d2:62:18:88:
33:5f:d5:9a:b3:a3:4c:55:c9:90:c1:e8:0b:0e:fb:
e7:ed:ab:e7:4b:48:20:ae:20:a7:1d:fe:b6:24:1f:
be:f3:9d:18:9a:f3:ef:d5:d8:01:7a:ff:fd:07:5b:
23:7e:e3:06:56:bf:0f:da:d8:76:8e:bf:cd:87:76:
bc:fe:5d:14:50:f5:d4:a2:d5:3c:a3:96:0b:6b:02:
5d:d6:65:1e:8c:cb:f2:fb:bc:5a:4f:8a:47:fc:02:
93:58:a6:62:10:e6:d0:4e:eb:60:54:9d:c5:3e:5a:
f2:27:a2:58:e1:44:63:54:ee:3a:49:88:05:26:21:
5d:e4:60:e3:a0:a1:83:68:a5:22:1d:69:d2:7c:5d:
a2:8f:56:59:88:90:74:fd:53:35:0e:b6:2d:62:c4:
20:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:03:EF:67:5B:45:DC:6A:2E:22:AD:0D:F0:A8:3B:67:C1:FF:00:8C
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS209854.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.0.0-145.223.9.255
Signature Algorithm: sha256WithRSAEncryption
4d:41:9f:41:96:53:9d:03:22:9f:f7:80:09:08:28:9d:a7:b9:
76:5a:ce:26:28:98:5b:a6:ba:97:d1:ce:d8:61:60:3d:d9:97:
15:b7:94:a9:d6:80:88:82:e3:82:24:55:79:49:92:d2:b6:3d:
cc:a2:e5:40:ee:87:b9:26:f9:f9:2d:12:7a:d7:0d:30:76:fb:
59:ca:f4:3d:15:de:26:1d:25:ff:ea:1c:82:52:bd:97:61:e8:
0b:69:14:0b:69:b3:55:45:ac:be:df:47:ec:29:33:08:ce:f6:
2f:d5:aa:5c:f5:b8:0c:0b:4a:c8:78:5b:01:d8:6b:fe:a2:9f:
68:65:07:c1:18:d3:db:f1:74:0c:08:e4:7b:7b:51:9d:8c:57:
13:2c:73:b2:98:59:60:09:39:d4:74:28:65:5d:14:27:de:a7:
71:6e:2b:45:2b:f7:75:c6:98:f1:11:3f:cc:53:a2:c2:4c:e3:
78:2e:c8:06:b7:dc:41:f1:8a:a3:31:f4:f5:01:b7:98:36:27:
b4:9b:b9:1c:cb:ee:d1:00:47:e7:6b:fc:9c:a3:b9:18:46:0f:
ff:fb:9d:7d:03:cd:e9:61:1f:2c:cd:7b:0b:e4:46:49:4b:29:
1d:c3:a3:c5:28:08:d2:08:ef:e9:ac:bf:cb:e4:dc:68:ff:e4:
0f:47:fb:0e
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIULe5ksQbWP0g2+2tX+4IMFCnnd7UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA5MTkwOTMxNTlaFw0yNTA5MTgwOTM2NTlaMDMxMTAvBgNV
BAMTKEIyMDNFRjY3NUI0NURDNkEyRTIyQUQwREYwQTgzQjY3QzFGRjAwOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtzgSDVq13dYC9Ui+H85mlQhnj
7EWpGeNHcWGXaMIe4yL62c0sS6/RGck0EI3oEjKMk3TYjDkwdzBLF2boLydqdWyC
FVXPiiZBWu6pQRV3hkvlu47WR7Kqpz0aW3T8UCHkA2zn0mIYiDNf1Zqzo0xVyZDB
6AsO++ftq+dLSCCuIKcd/rYkH77znRia8+/V2AF6//0HWyN+4wZWvw/a2HaOv82H
drz+XRRQ9dSi1TyjlgtrAl3WZR6My/L7vFpPikf8ApNYpmIQ5tBO62BUncU+WvIn
oljhRGNU7jpJiAUmIV3kYOOgoYNopSIdadJ8XaKPVlmIkHT9UzUOti1ixCBFAgMB
AAGjggIRMIICDTAdBgNVHQ4EFgQUsgPvZ1tF3GouIq0N8Kg7Z8H/AIwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA5ODU0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwCR
3wMEAZHfCDANBgkqhkiG9w0BAQsFAAOCAQEATUGfQZZTnQMin/eACQgonae5dlrO
JiiYW6a6l9HO2GFgPdmXFbeUqdaAiILjgiRVeUmS0rY9zKLlQO6HuSb5+S0SetcN
MHb7Wcr0PRXeJh0l/+ocglK9l2HoC2kUC2mzVUWsvt9H7CkzCM72L9WqXPW4DAtK
yHhbAdhr/qKfaGUHwRjT2/F0DAjke3tRnYxXEyxzsphZYAk51HQoZV0UJ96ncW4r
RSv3dcaY8RE/zFOiwkzjeC7IBrfcQfGKozH09QG3mDYntJu5HMvu0QBH52v8nKO5
GEYP//udfQPN6WEfLM17C+RGSUspHcOjxSgI0gjv6ay/y+TcaP/kD0f7Dg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:14:19 2024 by rpki-client on console-ams.rpki-client.org