Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: sy6R/KSobC1agDOUelJPsv0pWrjXO1uFnWDI1uYfUVI=
Subject key identifier: CB:57:B7:89:43:18:2D:4B:5A:61:B8:7D:35:5F:61:D4:50:6C:6C:0C
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3BE61655DC717579187DF71CC1450BE3DA5BFB1A
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
Signing time: Wed 16 Oct 2024 17:02:40 +0000
ROA not before: Wed 16 Oct 2024 16:57:40 +0000
ROA not after: Wed 15 Oct 2025 17:02:40 +0000
asID: 396356
IP address blocks: 145.223.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:e6:16:55:dc:71:75:79:18:7d:f7:1c:c1:45:0b:e3:da:5b:fb:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 16 16:57:40 2024 GMT
Not After : Oct 15 17:02:40 2025 GMT
Subject: CN=CB57B78943182D4B5A61B87D355F61D4506C6C0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fb:90:e0:97:5c:7f:89:21:f4:87:ba:cb:d7:
e2:6f:3f:ad:9f:a9:4c:06:e2:5f:c6:6f:3b:d9:f5:
33:1b:f5:67:fc:f5:68:98:b6:9f:9c:79:39:7a:ca:
7d:a8:4b:f0:20:93:b1:54:42:a5:be:96:6c:0d:2e:
d9:ea:a6:58:e1:a9:d9:90:14:5f:8c:35:27:18:aa:
02:49:47:c3:2e:f9:60:2e:7c:64:0e:e4:3b:a0:19:
d8:b7:bc:c3:5d:df:05:29:b5:41:d5:b8:5f:2e:e3:
14:9d:68:65:93:8a:1d:33:24:21:5f:4a:96:7d:5c:
ca:b2:91:13:e7:b7:50:4c:e7:92:48:28:2f:51:a4:
35:24:13:5c:03:89:2a:8a:82:43:df:6a:17:cf:7f:
19:31:a9:7d:fe:a2:05:8a:e2:95:b3:91:0b:bb:77:
d5:97:c2:2d:9b:89:d5:0b:cf:33:fd:72:48:28:bb:
8b:21:6d:84:1e:66:06:cc:ec:2d:c4:4e:1f:b1:01:
2a:a9:40:f0:aa:74:7d:eb:5e:0b:1d:2a:2b:66:1f:
5a:27:cd:a8:9c:0b:9b:46:83:40:03:2c:f9:9d:56:
ea:fd:dc:5b:94:1d:30:19:bb:d6:16:a8:08:20:55:
ce:e8:bc:52:57:5b:ad:3f:b1:a8:5a:bc:f2:5a:9c:
69:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:57:B7:89:43:18:2D:4B:5A:61:B8:7D:35:5F:61:D4:50:6C:6C:0C
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.40.0/24
Signature Algorithm: sha256WithRSAEncryption
87:a0:5e:39:e4:b6:37:e4:58:87:bf:e0:d5:4e:8c:18:e7:fd:
0e:de:44:62:1c:69:96:8f:8d:8d:78:c1:28:31:42:4f:10:0f:
7d:48:a9:d2:3a:d3:96:a0:eb:6f:e2:d3:08:23:d8:ed:32:67:
44:a3:52:fb:dd:47:a0:c4:11:8b:b1:22:27:ab:82:a6:e8:1f:
fb:d2:25:06:7b:77:94:5f:42:8c:8a:68:2d:f0:8c:04:ca:b9:
0b:6b:8a:f0:49:78:71:b8:f2:28:1c:20:ee:9c:40:8f:51:7b:
a3:32:3f:94:17:29:50:71:8e:ab:0b:fe:07:92:08:42:9c:b9:
c4:fd:cc:6f:da:6b:1a:d1:e8:c3:0b:39:ae:e9:72:8c:dd:3c:
a8:63:b7:5e:d9:cc:6b:f1:ed:8b:38:6c:d6:f0:54:f9:b9:b9:
d7:2f:1e:58:97:a3:ae:bc:9c:81:a1:a3:96:fa:77:ea:32:17:
b7:49:dc:67:0a:c5:2f:b0:e8:0b:2e:d0:4f:47:d0:b0:d9:19:
51:c2:ed:3b:2f:28:3b:90:24:cc:4f:74:9e:1a:0e:66:d0:cc:
8e:69:ae:30:b1:96:fb:65:0d:fb:cd:31:2f:4f:a4:74:35:ec:
2f:e7:4f:9d:f2:9b:ea:65:70:53:f6:a5:4d:67:0f:70:54:ad:
86:7f:aa:cb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUO+YWVdxxdXkYffccwUUL49pb+xowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDEwMTYxNjU3NDBaFw0yNTEwMTUxNzAyNDBaMDMxMTAvBgNV
BAMTKENCNTdCNzg5NDMxODJENEI1QTYxQjg3RDM1NUY2MUQ0NTA2QzZDMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD+5Dgl1x/iSH0h7rL1+JvP62f
qUwG4l/GbzvZ9TMb9Wf89WiYtp+ceTl6yn2oS/Agk7FUQqW+lmwNLtnqpljhqdmQ
FF+MNScYqgJJR8Mu+WAufGQO5DugGdi3vMNd3wUptUHVuF8u4xSdaGWTih0zJCFf
SpZ9XMqykRPnt1BM55JIKC9RpDUkE1wDiSqKgkPfahfPfxkxqX3+ogWK4pWzkQu7
d9WXwi2bidULzzP9ckgou4shbYQeZgbM7C3ETh+xASqpQPCqdH3rXgsdKitmH1on
zaicC5tGg0ADLPmdVur93FuUHTAZu9YWqAggVc7ovFJXW60/sahavPJanGmvAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUy1e3iUMYLUtaYbh9NV9h1FBsbAwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk2MzU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkd8o
MA0GCSqGSIb3DQEBCwUAA4IBAQCHoF455LY35FiHv+DVTowY5/0O3kRiHGmWj42N
eMEoMUJPEA99SKnSOtOWoOtv4tMII9jtMmdEo1L73UegxBGLsSInq4Km6B/70iUG
e3eUX0KMimgt8IwEyrkLa4rwSXhxuPIoHCDunECPUXujMj+UFylQcY6rC/4HkghC
nLnE/cxv2msa0ejDCzmu6XKM3TyoY7de2cxr8e2LOGzW8FT5ubnXLx5Yl6OuvJyB
oaOW+nfqMhe3SdxnCsUvsOgLLtBPR9Cw2RlRwu07Lyg7kCTMT3SeGg5m0MyOaa4w
sZb7ZQ37zTEvT6R0Newv50+d8pvqZXBT9qVNZw9wVK2Gf6rL
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:49 2024 by rpki-client on console-fra.rpki-client.org