Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212150.roa
File: AS212150.roa (raw, json)
Hash identifier: kSP1O/mTZI7Puu0qq2KR4Le91+MyOhghgBUv9O/PQgA=
Subject key identifier: 99:0B:58:B8:C5:1A:2D:7D:8F:F4:DD:8D:B7:4D:87:58:3E:0B:6C:8C
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 262EEB226EC3089FB1AB71EBEE7140421618CA9D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212150.roa
Signing time: Mon 13 Jan 2025 17:23:12 +0000
ROA not before: Mon 13 Jan 2025 17:18:12 +0000
ROA not after: Mon 12 Jan 2026 17:23:12 +0000
asID: 212150
IP address blocks: 150.241.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:2e:eb:22:6e:c3:08:9f:b1:ab:71:eb:ee:71:40:42:16:18:ca:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jan 13 17:18:12 2025 GMT
Not After : Jan 12 17:23:12 2026 GMT
Subject: CN=990B58B8C51A2D7D8FF4DD8DB74D87583E0B6C8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:92:64:f9:3b:69:14:43:4c:1e:3a:dd:d2:29:
fa:2a:f2:96:d0:f7:1b:62:3d:9b:22:97:7c:8b:60:
a7:38:e3:b0:d4:00:21:08:0c:4d:26:58:ce:a4:54:
01:9f:ae:b8:f6:3c:d4:be:72:b0:c9:ae:a4:82:1b:
8a:74:c2:51:e0:19:6d:a4:84:51:56:2d:5f:6e:3e:
d9:6b:ad:7d:14:e4:b4:24:2a:53:12:0e:b5:77:52:
91:60:5a:bf:4d:48:d2:e2:40:b0:ff:3f:7b:31:4b:
83:06:41:b3:4a:70:dd:bc:55:d0:e8:ce:19:ae:f8:
64:12:8c:e1:84:8d:7c:cc:8e:4a:79:ff:af:29:fc:
4a:cb:e0:c2:f4:4b:18:cc:0a:94:d1:82:14:ac:6f:
05:09:c5:50:65:e5:bf:6a:c2:d2:67:16:54:ba:d9:
6a:91:60:9b:cd:60:cb:44:02:03:24:7d:05:4f:66:
86:5c:f8:dd:51:81:04:27:0c:c9:d7:fc:64:6e:95:
45:19:9e:bc:72:12:31:ce:59:a5:93:60:21:f0:91:
58:90:49:cb:95:2c:08:19:20:e5:82:5c:57:fd:aa:
43:e5:59:66:df:10:0a:d2:19:c0:28:9b:a3:6f:af:
87:20:f4:1a:76:a6:2c:89:1b:0b:cf:c7:a4:c9:26:
8e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:0B:58:B8:C5:1A:2D:7D:8F:F4:DD:8D:B7:4D:87:58:3E:0B:6C:8C
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212150.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.198.0/24
Signature Algorithm: sha256WithRSAEncryption
78:82:15:9e:c5:5d:3e:96:b8:e5:95:5d:4a:42:ec:21:3b:97:
34:70:e4:d3:f5:37:af:d1:85:64:95:31:d4:78:8b:de:ad:73:
a5:3f:ea:3b:25:86:78:96:8c:7a:c6:22:9f:55:ea:78:ec:8a:
bc:62:c8:f9:95:2d:74:ea:01:3b:77:7f:0e:0d:b5:ce:55:06:
7a:97:b2:0e:a1:e5:d8:69:11:10:4c:5e:2d:0d:5a:60:11:5e:
22:e4:3d:3e:05:19:5f:15:d4:ac:90:43:72:f4:c2:8b:ad:24:
00:7a:6a:c8:a9:3f:a5:18:f6:e8:a0:0d:ce:8f:00:18:9e:73:
38:36:f5:82:fb:16:44:05:fb:d9:e7:c7:d2:e8:ca:c0:3f:12:
b5:29:02:f1:de:33:15:50:f5:15:17:ee:25:19:12:ad:1d:0a:
4c:ee:9c:a6:e5:8d:52:40:43:a4:e7:c8:ee:cd:3b:fd:e8:2e:
de:8e:27:fc:28:bb:cd:d6:a5:aa:e2:35:4c:ea:9e:40:49:59:
58:f8:8d:52:c6:97:64:70:7f:50:66:b8:fb:00:a8:0b:b9:4d:
59:eb:1d:da:7f:a8:9c:d2:92:b9:8b:ea:c0:66:85:df:6b:42:
b2:4a:47:a0:f9:be:f6:ff:c4:cf:48:3c:52:fd:13:17:45:7c:
4b:40:79:9a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUJi7rIm7DCJ+xq3Hr7nFAQhYYyp0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAxMTMxNzE4MTJaFw0yNjAxMTIxNzIzMTJaMDMxMTAvBgNV
BAMTKDk5MEI1OEI4QzUxQTJEN0Q4RkY0REQ4REI3NEQ4NzU4M0UwQjZDOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbkmT5O2kUQ0weOt3SKfoq8pbQ
9xtiPZsil3yLYKc447DUACEIDE0mWM6kVAGfrrj2PNS+crDJrqSCG4p0wlHgGW2k
hFFWLV9uPtlrrX0U5LQkKlMSDrV3UpFgWr9NSNLiQLD/P3sxS4MGQbNKcN28VdDo
zhmu+GQSjOGEjXzMjkp5/68p/ErL4ML0SxjMCpTRghSsbwUJxVBl5b9qwtJnFlS6
2WqRYJvNYMtEAgMkfQVPZoZc+N1RgQQnDMnX/GRulUUZnrxyEjHOWaWTYCHwkViQ
ScuVLAgZIOWCXFf9qkPlWWbfEArSGcAom6Nvr4cg9Bp2piyJGwvPx6TJJo5rAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUmQtYuMUaLX2P9N2Nt02HWD4LbIwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMTUwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAlvHG
MA0GCSqGSIb3DQEBCwUAA4IBAQB4ghWexV0+lrjllV1KQuwhO5c0cOTT9Tev0YVk
lTHUeIverXOlP+o7JYZ4lox6xiKfVep47Iq8Ysj5lS106gE7d38ODbXOVQZ6l7IO
oeXYaREQTF4tDVpgEV4i5D0+BRlfFdSskENy9MKLrSQAemrIqT+lGPbooA3OjwAY
nnM4NvWC+xZEBfvZ58fS6MrAPxK1KQLx3jMVUPUVF+4lGRKtHQpM7pym5Y1SQEOk
58juzTv96C7ejif8KLvN1qWq4jVM6p5ASVlY+I1SxpdkcH9QZrj7AKgLuU1Z6x3a
f6ic0pK5i+rAZoXfa0KySkeg+b72/8TPSDxS/RMXRXxLQHma
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:30:03 2025 by rpki-client