Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: 0tjUxZEZkZg9mhBIP75Ji5xmhNCoAE+RXv0yjMFBeLs=
Subject key identifier: 07:E3:6B:B3:D3:4A:F9:46:CE:66:0A:6E:46:68:9C:B4:28:2A:2D:19
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2B04E8C84B4CF246EB2251BFE00A8C6268DDA9A8
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
Signing time: Mon 13 May 2024 03:24:07 +0000
ROA not before: Mon 13 May 2024 03:19:07 +0000
ROA not after: Mon 12 May 2025 03:24:07 +0000
asID: 212238
IP address blocks: 140.233.166.0/23 maxlen: 23
140.233.176.0/23 maxlen: 24
140.233.178.0/23 maxlen: 24
140.233.184.0/22 maxlen: 22
140.233.188.0/23 maxlen: 24
146.103.10.0/24 maxlen: 24
146.103.45.0/24 maxlen: 24
147.79.2.0/23 maxlen: 23
147.79.52.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:04:e8:c8:4b:4c:f2:46:eb:22:51:bf:e0:0a:8c:62:68:dd:a9:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 13 03:19:07 2024 GMT
Not After : May 12 03:24:07 2025 GMT
Subject: CN=07E36BB3D34AF946CE660A6E46689CB4282A2D19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:14:22:dc:69:01:15:e6:7e:57:b5:50:4a:26:
12:6c:d6:5a:4f:d9:5e:97:06:f7:20:eb:6d:66:6a:
54:a7:89:d8:86:43:b9:4c:cb:3e:ae:24:32:a2:d3:
55:c6:93:f0:58:30:01:4f:7b:b7:7b:e2:45:d6:9b:
7a:b5:20:3d:5b:87:1a:47:67:94:56:db:4a:3f:ae:
80:dc:f6:e1:84:51:26:0f:19:4e:e4:e4:1a:4a:33:
09:aa:ed:b0:d7:e2:b2:8f:04:5b:1f:21:8f:0c:7b:
cc:f1:5d:1d:5a:75:e7:d7:8c:e7:6e:8f:a4:98:e0:
16:8a:46:22:a9:d5:d2:2a:fb:a5:a7:88:b1:95:47:
0a:d6:74:3c:66:8c:75:46:b7:2e:4e:2b:ac:2f:63:
15:db:cd:f5:f9:02:a6:70:8a:ab:5d:da:6a:c6:b3:
53:ce:94:d0:e8:c1:16:7c:16:d8:56:d1:18:d4:e7:
22:27:29:80:d0:f5:5f:ba:6a:06:0d:c4:a7:0d:29:
9c:05:b7:04:16:b6:3c:e2:d6:14:04:8e:31:3a:a4:
40:3c:0a:4f:6c:a1:4a:8d:ad:ee:b8:05:18:f8:cb:
b1:de:b1:80:bb:4e:42:af:a5:54:fa:83:9d:33:20:
af:66:9a:27:ae:09:b5:fd:a7:1a:9f:46:34:3b:0d:
db:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E3:6B:B3:D3:4A:F9:46:CE:66:0A:6E:46:68:9C:B4:28:2A:2D:19
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.166.0/23
140.233.176.0/22
140.233.184.0-140.233.189.255
146.103.10.0/24
146.103.45.0/24
147.79.2.0/23
147.79.52.0/22
Signature Algorithm: sha256WithRSAEncryption
98:80:70:4b:d0:7c:f9:f2:b6:04:6f:7a:63:55:c5:e4:a8:82:
3f:dd:e9:42:27:e3:74:f2:08:18:eb:9d:e4:59:bf:4e:93:32:
ab:f6:4e:87:e8:ae:64:c8:1a:8a:f6:56:ec:a4:de:fb:a9:43:
9e:db:8e:05:e3:f4:a5:66:5f:34:4b:ce:7a:b7:bb:23:ce:4a:
6b:fc:69:5e:34:11:50:33:19:cf:ce:3c:60:0d:a8:9e:bb:61:
90:5c:0a:57:44:19:f7:9e:5b:05:54:9d:47:f7:7f:4b:49:3f:
a3:7e:49:7b:d0:61:36:1e:f7:4f:49:02:11:49:85:7c:74:b0:
5f:e6:f8:ac:3d:03:d5:72:93:4f:a7:e7:e6:01:1e:fb:fa:e2:
c2:a2:31:94:3a:e1:81:6a:4f:a8:96:01:f6:94:dc:79:c8:35:
fe:49:47:da:21:de:08:4b:e7:94:9b:58:dc:15:05:18:8f:8a:
94:12:e6:6c:b9:ef:12:2b:67:02:c3:a6:95:56:15:c4:a3:c6:
bc:7d:01:21:62:e3:db:ba:91:d8:68:1b:c5:b8:a5:20:1e:ef:
09:b6:3a:ea:9c:cf:ee:9c:12:05:52:33:b8:a8:21:77:9d:0d:
19:e2:97:a1:94:8f:79:9e:cf:57:f1:c1:26:66:8e:ec:ab:ea:
cc:bc:00:e6
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUKwToyEtM8kbrIlG/4AqMYmjdqagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA1MTMwMzE5MDdaFw0yNTA1MTIwMzI0MDdaMDMxMTAvBgNV
BAMTKDA3RTM2QkIzRDM0QUY5NDZDRTY2MEE2RTQ2Njg5Q0I0MjgyQTJEMTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHFCLcaQEV5n5XtVBKJhJs1lpP
2V6XBvcg621malSnidiGQ7lMyz6uJDKi01XGk/BYMAFPe7d74kXWm3q1ID1bhxpH
Z5RW20o/roDc9uGEUSYPGU7k5BpKMwmq7bDX4rKPBFsfIY8Me8zxXR1adefXjOdu
j6SY4BaKRiKp1dIq+6WniLGVRwrWdDxmjHVGty5OK6wvYxXbzfX5AqZwiqtd2mrG
s1POlNDowRZ8FthW0RjU5yInKYDQ9V+6agYNxKcNKZwFtwQWtjzi1hQEjjE6pEA8
Ck9soUqNre64BRj4y7HesYC7TkKvpVT6g50zIK9mmieuCbX9pxqfRjQ7DdvzAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUB+Nrs9NK+UbOZgpuRmictCgqLRkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBjOmm
AwQCjOmwMAwDBAOM6bgDBAGM6bwDBACSZwoDBACSZy0DBAGTTwIDBAKTTzQwDQYJ
KoZIhvcNAQELBQADggEBAJiAcEvQfPnytgRvemNVxeSogj/d6UIn43TyCBjrneRZ
v06TMqv2ToformTIGor2Vuyk3vupQ57bjgXj9KVmXzRLznq3uyPOSmv8aV40EVAz
Gc/OPGANqJ67YZBcCldEGfeeWwVUnUf3f0tJP6N+SXvQYTYe909JAhFJhXx0sF/m
+Kw9A9Vyk0+n5+YBHvv64sKiMZQ64YFqT6iWAfaU3HnINf5JR9oh3ghL55SbWNwV
BRiPipQS5my57xIrZwLDppVWFcSjxrx9ASFi49u6kdhoG8W4pSAe7wm2Ouqcz+6c
EgVSM7ioIXedDRnil6GUj3mez1fxwSZmjuyr6sy8AOY=
-----END CERTIFICATE-----
Generated at Wed May 29 05:14:39 2024 by rpki-client on console-ams.rpki-client.org