Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa
File: AS397423.roa (raw, json)
Hash identifier: yfuDy8eiM0q8qn7DrpkwmkE4lvieAXe66dFjyvHxaqQ=
Subject key identifier: 81:53:44:CB:1D:58:4F:19:8F:DD:C0:15:F6:8F:13:D7:DC:8B:27:E0
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 525CE0E03900254C4A9EF78FB009D5822934A11D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa
Signing time: Wed 16 Oct 2024 08:57:35 +0000
ROA not before: Wed 16 Oct 2024 08:52:35 +0000
ROA not after: Wed 15 Oct 2025 08:57:35 +0000
asID: 397423
IP address blocks: 145.223.44.0/24 maxlen: 24
145.223.54.0/24 maxlen: 24
145.223.58.0/24 maxlen: 24
146.103.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:5c:e0:e0:39:00:25:4c:4a:9e:f7:8f:b0:09:d5:82:29:34:a1:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 16 08:52:35 2024 GMT
Not After : Oct 15 08:57:35 2025 GMT
Subject: CN=815344CB1D584F198FDDC015F68F13D7DC8B27E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:50:b7:63:27:f6:b4:f9:75:55:32:2f:65:b6:
d0:25:9b:a0:97:85:25:92:33:62:5e:a4:c2:dc:f6:
54:c6:0e:48:61:03:e4:f5:65:6d:e4:15:3b:ff:ee:
05:0c:e1:15:bb:26:58:96:93:05:fd:7f:cb:7a:83:
ba:a4:79:b4:4e:91:34:56:46:fb:12:fc:81:d2:d1:
1a:60:06:84:fe:ab:46:af:22:10:6d:28:ef:31:02:
46:c8:75:18:f3:1a:8f:e7:90:55:e7:44:c4:54:35:
75:a5:02:eb:9e:69:90:8a:5e:a4:2d:7a:da:cf:25:
b2:81:1b:dd:ed:62:92:14:d8:b0:1f:29:83:a5:f0:
e2:ad:8d:cc:19:38:c2:02:95:14:22:7d:bb:5c:62:
61:f0:cd:4d:c9:a4:53:6d:da:05:cb:d4:b2:10:2d:
8c:fe:8e:98:27:4a:e6:46:a0:8f:6b:1b:d6:e9:ff:
e0:32:97:ae:20:c6:d7:a1:14:55:8f:48:00:7e:2f:
23:5b:5f:c5:5d:0d:3e:4a:27:2b:a5:97:50:75:a5:
74:6d:56:e1:15:b7:55:df:3b:dc:03:b8:1c:08:de:
da:25:c3:53:81:d9:33:a2:a3:7b:24:1a:ba:18:93:
70:a8:80:2a:46:fd:6e:17:dd:97:94:84:fc:4c:86:
63:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:53:44:CB:1D:58:4F:19:8F:DD:C0:15:F6:8F:13:D7:DC:8B:27:E0
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.44.0/24
145.223.54.0/24
145.223.58.0/24
146.103.5.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:63:4f:68:e9:ac:a1:6f:c6:6d:7a:9a:a5:01:ab:4a:de:25:
8c:24:5e:a8:ca:44:e6:94:2f:5c:af:66:31:47:3e:da:b6:45:
d0:28:8a:2a:1d:45:4f:64:35:20:50:b9:7e:65:90:f3:fc:ab:
1e:a8:7d:45:ba:b4:02:2e:e2:23:49:40:5c:3d:b2:62:ac:13:
1c:eb:22:d6:ee:6a:84:6b:b7:e7:1a:c0:26:89:db:dc:d9:de:
1e:eb:ed:f8:5f:48:cc:43:69:80:1b:47:0f:41:73:f0:42:2e:
30:c0:1c:0c:2c:e5:98:e6:24:8a:99:31:ec:0e:aa:5e:94:a8:
d5:6d:e5:bc:a7:1b:7c:9e:59:8f:87:cb:40:22:b4:8b:af:56:
79:37:de:d3:18:95:fb:37:cb:6c:df:2f:e4:eb:ce:9c:fc:d0:
51:96:f7:c5:24:b3:e7:c4:9f:6b:fb:a3:bb:03:9b:dd:7f:7c:
ba:7a:7d:6a:f8:be:e4:21:b6:4b:e6:9e:9f:cc:1f:4b:30:fa:
51:b9:04:9c:f4:9a:47:63:52:5d:21:09:58:9c:8e:20:dd:35:
f2:60:14:b7:4a:d5:52:17:a5:dc:b1:42:09:26:20:14:ef:aa:
f6:03:6d:5e:1e:ab:72:20:3e:68:f2:c4:22:5d:63:d4:00:38:
7e:2b:54:b0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUUlzg4DkAJUxKnvePsAnVgik0oR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDEwMTYwODUyMzVaFw0yNTEwMTUwODU3MzVaMDMxMTAvBgNV
BAMTKDgxNTM0NENCMUQ1ODRGMTk4RkREQzAxNUY2OEYxM0Q3REM4QjI3RTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTULdjJ/a0+XVVMi9lttAlm6CX
hSWSM2JepMLc9lTGDkhhA+T1ZW3kFTv/7gUM4RW7JliWkwX9f8t6g7qkebROkTRW
RvsS/IHS0RpgBoT+q0avIhBtKO8xAkbIdRjzGo/nkFXnRMRUNXWlAuueaZCKXqQt
etrPJbKBG93tYpIU2LAfKYOl8OKtjcwZOMIClRQifbtcYmHwzU3JpFNt2gXL1LIQ
LYz+jpgnSuZGoI9rG9bp/+Ayl64gxtehFFWPSAB+LyNbX8VdDT5KJyull1B1pXRt
VuEVt1XfO9wDuBwI3tolw1OB2TOio3skGroYk3CogCpG/W4X3ZeUhPxMhmNbAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUgVNEyx1YTxmP3cAV9o8T19yLJ+AwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk3NDIzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAkd8s
AwQAkd82AwQAkd86AwQAkmcFMA0GCSqGSIb3DQEBCwUAA4IBAQCnY09o6ayhb8Zt
epqlAatK3iWMJF6oykTmlC9cr2YxRz7atkXQKIoqHUVPZDUgULl+ZZDz/KseqH1F
urQCLuIjSUBcPbJirBMc6yLW7mqEa7fnGsAmidvc2d4e6+34X0jMQ2mAG0cPQXPw
Qi4wwBwMLOWY5iSKmTHsDqpelKjVbeW8pxt8nlmPh8tAIrSLr1Z5N97TGJX7N8ts
3y/k686c/NBRlvfFJLPnxJ9r+6O7A5vdf3y6en1q+L7kIbZL5p6fzB9LMPpRuQSc
9JpHY1JdIQlYnI4g3TXyYBS3StVSF6XcsUIJJiAU76r2A21eHqtyID5o8sQiXWPU
ADh+K1Sw
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:49 2024 by rpki-client on console-fra.rpki-client.org