Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: BY7W0A3tZjgPIpRP7rMySZ9kWGICNodJ/FdSwJa4xz8=
Subject key identifier: C9:9D:B3:EB:A3:53:E9:7B:84:9B:E5:85:9D:50:C1:1E:A7:B0:89:70
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 65B4A12F648AE8411AB0D831E86C93939E066DCB
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
Signing time: Mon 18 Nov 2024 09:39:57 +0000
ROA not before: Mon 18 Nov 2024 09:34:57 +0000
ROA not after: Mon 17 Nov 2025 09:39:57 +0000
asID: 212238
IP address blocks: 140.233.176.0/23 maxlen: 24
140.233.178.0/23 maxlen: 24
140.233.188.0/23 maxlen: 24
146.103.10.0/24 maxlen: 24
146.103.45.0/24 maxlen: 24
148.135.192.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:b4:a1:2f:64:8a:e8:41:1a:b0:d8:31:e8:6c:93:93:9e:06:6d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Nov 18 09:34:57 2024 GMT
Not After : Nov 17 09:39:57 2025 GMT
Subject: CN=C99DB3EBA353E97B849BE5859D50C11EA7B08970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6c:7e:fa:54:4a:f6:f9:79:1f:d7:30:f2:2b:
93:1b:e0:b7:3f:f3:4c:26:d9:bd:92:93:1a:23:47:
5a:0c:13:90:cc:ab:e3:bf:eb:1f:09:57:5b:7d:30:
64:6a:49:e5:02:3d:6a:f2:78:b1:d7:2d:6c:5a:f8:
5a:be:49:65:67:a6:80:2e:8e:17:2e:85:ba:d6:f6:
39:1c:f8:df:9e:3e:ce:e9:05:43:7f:19:eb:3f:6d:
97:48:b4:bb:78:4c:a3:9a:df:17:49:d7:16:a1:1d:
e6:6b:6d:d0:39:56:b6:94:3e:c2:8b:1d:04:a7:4c:
7a:9c:99:2d:d3:43:02:e3:ae:0c:d3:86:a3:94:93:
53:e2:e3:83:15:d7:52:fc:87:55:bc:d7:e1:0e:fd:
7a:17:dc:55:72:0d:d8:4e:0e:b4:69:e3:6c:62:09:
9a:57:60:dc:ed:e4:7c:0b:e5:24:a2:68:cb:43:58:
e6:59:3c:ca:5f:b2:de:90:da:8e:5d:58:f8:dd:1f:
2d:ea:eb:87:ac:97:c0:f9:fb:72:61:10:ed:8e:24:
47:58:ed:54:20:43:14:d1:7a:dd:97:f0:0b:3a:1b:
dd:1b:36:2e:bf:69:e5:a2:b4:bc:cf:9a:38:05:16:
e2:5b:a8:18:76:9b:81:a4:f6:60:28:b3:52:3c:93:
0c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:9D:B3:EB:A3:53:E9:7B:84:9B:E5:85:9D:50:C1:1E:A7:B0:89:70
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.176.0/22
140.233.188.0/23
146.103.10.0/24
146.103.45.0/24
148.135.192.0/22
Signature Algorithm: sha256WithRSAEncryption
75:3d:e9:dd:90:d0:07:3a:a7:a2:8c:99:02:66:a9:90:a9:4f:
64:f9:17:6a:9d:15:9b:5b:c8:32:54:42:4c:ce:7c:4f:c9:94:
fd:3c:b6:20:a7:52:a1:e4:e4:81:2e:4a:e3:4f:d0:18:b8:24:
37:dc:c8:02:c0:3e:a0:07:9a:77:40:f6:c8:62:b7:63:fc:f4:
6c:88:c3:9a:41:52:99:d4:a7:4a:c5:fd:19:b7:3b:44:54:4e:
ec:9c:8b:fc:6c:e6:9b:d5:42:95:2d:10:83:9b:ca:51:92:04:
07:fc:ca:c4:eb:8b:c2:bd:66:e2:53:28:8c:d7:ea:e3:04:c3:
ac:70:8d:1e:bb:b0:7e:fc:4a:d0:57:1d:39:64:df:55:a8:d9:
90:90:6a:f0:41:88:e7:07:ce:56:ae:d2:13:c4:ca:c7:79:0d:
48:22:96:27:0f:b9:46:a9:ee:5d:57:61:32:30:92:de:7e:50:
b1:f1:30:89:af:b5:19:be:78:9d:6d:78:38:57:84:f2:ec:ca:
c1:16:61:4d:d5:e9:df:46:bf:0d:75:51:73:35:e1:fd:0c:9a:
95:b4:68:a0:a9:55:b3:ff:3b:90:d8:ac:d0:27:46:e5:71:3f:
a6:83:ad:cf:6a:9d:59:67:e4:8a:2f:48:0c:26:27:d6:f8:59:
19:cc:49:82
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUZbShL2SK6EEasNgx6GyTk54GbcswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDExMTgwOTM0NTdaFw0yNTExMTcwOTM5NTdaMDMxMTAvBgNV
BAMTKEM5OURCM0VCQTM1M0U5N0I4NDlCRTU4NTlENTBDMTFFQTdCMDg5NzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvbH76VEr2+Xkf1zDyK5Mb4Lc/
80wm2b2SkxojR1oME5DMq+O/6x8JV1t9MGRqSeUCPWryeLHXLWxa+Fq+SWVnpoAu
jhcuhbrW9jkc+N+ePs7pBUN/Ges/bZdItLt4TKOa3xdJ1xahHeZrbdA5VraUPsKL
HQSnTHqcmS3TQwLjrgzThqOUk1Pi44MV11L8h1W81+EO/XoX3FVyDdhODrRp42xi
CZpXYNzt5HwL5SSiaMtDWOZZPMpfst6Q2o5dWPjdHy3q64esl8D5+3JhEO2OJEdY
7VQgQxTRet2X8As6G90bNi6/aeWitLzPmjgFFuJbqBh2m4Gk9mAos1I8kwxrAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUyZ2z66NT6XuEm+WFnVDBHqewiXAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCjOmw
AwQBjOm8AwQAkmcKAwQAkmctAwQClIfAMA0GCSqGSIb3DQEBCwUAA4IBAQB1Pend
kNAHOqeijJkCZqmQqU9k+RdqnRWbW8gyVEJMznxPyZT9PLYgp1Kh5OSBLkrjT9AY
uCQ33MgCwD6gB5p3QPbIYrdj/PRsiMOaQVKZ1KdKxf0ZtztEVE7snIv8bOab1UKV
LRCDm8pRkgQH/MrE64vCvWbiUyiM1+rjBMOscI0eu7B+/ErQVx05ZN9VqNmQkGrw
QYjnB85WrtITxMrHeQ1IIpYnD7lGqe5dV2EyMJLeflCx8TCJr7UZvnidbXg4V4Ty
7MrBFmFN1enfRr8NdVFzNeH9DJqVtGigqVWz/zuQ2KzQJ0blcT+mg63Pap1ZZ+SK
L0gMJifW+FkZzEmC
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:50:40 2024 by rpki-client on console-ams.rpki-client.org