Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214025.roa
File: AS214025.roa (raw, json)
Hash identifier: rxnQxyAyCe4pH+t47l0/d3R5EwVXmt3+fw6bJmzb890=
Subject key identifier: 36:0A:48:73:92:7B:81:0D:99:AB:5E:82:E6:85:44:CB:F8:32:30:13
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 580A1D6B47E4C7CA9CA46497A896EBC8B48D9174
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214025.roa
Signing time: Mon 28 Oct 2024 11:30:42 +0000
ROA not before: Mon 28 Oct 2024 11:25:42 +0000
ROA not after: Mon 27 Oct 2025 11:30:42 +0000
asID: 214025
IP address blocks: 140.233.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:0a:1d:6b:47:e4:c7:ca:9c:a4:64:97:a8:96:eb:c8:b4:8d:91:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 28 11:25:42 2024 GMT
Not After : Oct 27 11:30:42 2025 GMT
Subject: CN=360A4873927B810D99AB5E82E68544CBF8323013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:75:f8:12:73:8d:c6:bb:41:76:1b:ed:37:ab:
36:7f:f5:a4:18:4b:83:9f:6f:92:de:4b:d8:cd:0f:
be:b9:6b:18:59:76:c3:3d:c0:01:ef:15:a1:69:69:
84:a6:08:29:3a:95:36:3a:27:6a:53:aa:3b:32:c3:
a5:03:38:ec:be:a4:00:36:bd:95:c3:57:d8:da:0f:
a8:5d:06:1e:1f:95:f9:4b:ed:b6:e3:09:15:10:a1:
98:43:f7:2b:f3:49:bf:55:b1:89:f2:bc:49:aa:9c:
ac:c2:4c:62:1b:ed:2c:25:ff:ac:cf:cd:fe:89:90:
87:f5:49:79:f0:27:23:7b:38:ce:41:85:bb:50:cb:
f1:a2:b8:6c:ad:e3:5c:65:7d:77:ad:a8:5a:0c:26:
c2:d8:55:13:1a:66:7a:70:dc:d4:53:e8:06:0c:00:
2c:af:60:cc:00:bc:42:10:f4:1a:33:0e:a7:8a:cb:
35:b1:57:c5:9c:96:9d:30:28:2c:70:88:7c:87:79:
81:65:40:6c:51:7f:7d:fb:9a:78:1b:8b:20:ab:95:
4c:03:ea:d9:6f:cd:ea:bf:ab:06:4f:77:20:5d:78:
55:f9:da:b6:32:c8:2b:ed:c7:da:f3:40:ab:06:62:
93:f9:b9:29:23:43:e9:43:45:27:86:95:40:bd:1a:
6b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:0A:48:73:92:7B:81:0D:99:AB:5E:82:E6:85:44:CB:F8:32:30:13
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.185.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:0a:e7:12:43:27:67:b9:fe:b8:c5:97:44:f0:ec:47:e4:70:
53:16:db:71:cb:27:19:26:e6:c8:13:f8:8a:2b:85:ad:98:74:
ef:26:68:1a:8e:0a:14:95:4d:af:71:61:84:bc:a7:33:31:55:
d6:7f:6d:7b:8f:54:06:99:62:4e:fb:56:06:b0:ec:b9:97:f2:
84:f1:3f:cc:73:ec:c6:80:6b:3a:f4:01:1e:87:7d:5e:9e:f5:
5c:30:e8:3b:f8:82:eb:c2:f2:8e:bb:41:16:cd:7f:c8:7d:a8:
03:35:6c:95:ac:1f:61:da:59:a6:85:9a:2e:05:6d:47:27:f6:
49:40:e4:c7:9c:26:1a:70:36:d8:9c:1a:a7:a1:26:b8:7c:da:
e4:78:fc:65:5e:8b:ff:24:8e:86:6e:69:df:a7:6e:86:83:7a:
b2:e9:1d:f1:03:f6:3a:6b:a3:d0:b5:32:57:e0:a2:49:c9:0f:
70:39:79:fb:f1:08:4e:d1:d2:e5:66:36:54:63:ce:ae:c3:4e:
ef:db:cb:fe:b4:23:6b:d9:e3:04:d1:1c:48:c7:47:36:0b:ad:
21:2d:c5:9f:cb:36:9f:2a:a8:cb:b4:c9:78:b2:59:09:eb:d9:
40:ec:ff:0a:e1:f5:7c:2e:78:29:0f:c6:bb:22:c6:a9:18:91:
36:71:eb:2f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUWAoda0fkx8qcpGSXqJbryLSNkXQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDEwMjgxMTI1NDJaFw0yNTEwMjcxMTMwNDJaMDMxMTAvBgNV
BAMTKDM2MEE0ODczOTI3QjgxMEQ5OUFCNUU4MkU2ODU0NENCRjgzMjMwMTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAdfgSc43Gu0F2G+03qzZ/9aQY
S4Ofb5LeS9jND765axhZdsM9wAHvFaFpaYSmCCk6lTY6J2pTqjsyw6UDOOy+pAA2
vZXDV9jaD6hdBh4flflL7bbjCRUQoZhD9yvzSb9VsYnyvEmqnKzCTGIb7Swl/6zP
zf6JkIf1SXnwJyN7OM5BhbtQy/GiuGyt41xlfXetqFoMJsLYVRMaZnpw3NRT6AYM
ACyvYMwAvEIQ9BozDqeKyzWxV8Wclp0wKCxwiHyHeYFlQGxRf337mngbiyCrlUwD
6tlvzeq/qwZPdyBdeFX52rYyyCvtx9rzQKsGYpP5uSkjQ+lDRSeGlUC9GmuLAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUNgpIc5J7gQ2Zq16C5oVEy/gyMBMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjOm5
MA0GCSqGSIb3DQEBCwUAA4IBAQC7CucSQydnuf64xZdE8OxH5HBTFttxyycZJubI
E/iKK4WtmHTvJmgajgoUlU2vcWGEvKczMVXWf217j1QGmWJO+1YGsOy5l/KE8T/M
c+zGgGs69AEeh31envVcMOg7+ILrwvKOu0EWzX/IfagDNWyVrB9h2lmmhZouBW1H
J/ZJQOTHnCYacDbYnBqnoSa4fNrkePxlXov/JI6Gbmnfp26Gg3qy6R3xA/Y6a6PQ
tTJX4KJJyQ9wOXn78QhO0dLlZjZUY86uw07v28v+tCNr2eME0RxIx0c2C60hLcWf
yzafKqjLtMl4slkJ69lA7P8K4fV8LngpD8a7IsapGJE2cesv
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:14:19 2024 by rpki-client on console-ams.rpki-client.org