Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS398355.roa
File: AS398355.roa (raw, json)
Hash identifier: tg6qSliKof+W8BwG75UTEPvvaTQwcpnmRhBRxeT9v/A=
Subject key identifier: EF:CD:E0:25:84:85:02:06:96:2F:44:B1:CA:D9:A3:60:57:C7:C5:20
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 149F974E079B2064E8350A3D168BB9C33A4FB0D5
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS398355.roa
Signing time: Sat 06 Apr 2024 11:09:30 +0000
ROA not before: Sat 06 Apr 2024 11:04:30 +0000
ROA not after: Sat 05 Apr 2025 11:09:30 +0000
asID: 398355
IP address blocks: 146.103.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:9f:97:4e:07:9b:20:64:e8:35:0a:3d:16:8b:b9:c3:3a:4f:b0:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 6 11:04:30 2024 GMT
Not After : Apr 5 11:09:30 2025 GMT
Subject: CN=EFCDE02584850206962F44B1CAD9A36057C7C520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:56:2e:fe:47:fe:7e:9b:7a:50:cd:a9:6c:6b:
09:7c:7e:69:dc:2b:b7:c2:ff:0c:41:99:e9:fe:30:
94:ee:d8:2f:39:07:c7:d8:0f:be:a2:71:6c:54:04:
56:47:0f:f0:80:f6:0e:58:6f:9c:bd:0f:0b:df:a1:
93:07:52:bf:06:3a:13:1d:08:ea:9e:7d:a1:42:01:
6c:4a:cd:2c:82:31:f7:0c:b1:00:7b:aa:2b:eb:61:
54:d9:61:01:87:b4:8a:98:bd:9d:04:ed:f1:54:20:
d1:ed:3e:07:85:89:7a:ce:26:d2:2d:7b:20:2e:bf:
e1:2c:de:52:24:98:ce:44:e8:75:dd:5b:ca:cd:15:
2b:1d:00:17:26:e7:9b:3f:1e:bf:52:6f:da:1a:cb:
a2:97:9f:65:db:14:e5:fa:3c:07:dc:ea:e2:c5:b1:
5d:12:8e:b4:bd:48:f0:63:30:8c:35:46:e7:e2:d5:
03:31:6f:e0:3c:89:6a:95:da:93:9a:4f:c8:c4:02:
51:74:a4:0f:24:c7:fb:81:a4:5d:5d:a4:ad:bb:5b:
40:40:01:72:da:46:28:e2:78:fc:8d:13:19:5a:42:
82:0b:08:12:20:05:10:41:a3:6c:48:4d:78:19:75:
ee:6b:18:29:31:fe:ac:eb:d4:76:46:9d:6c:a7:92:
aa:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:CD:E0:25:84:85:02:06:96:2F:44:B1:CA:D9:A3:60:57:C7:C5:20
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS398355.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.22.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:46:57:59:5b:42:04:b8:5a:25:16:ce:4c:cf:38:d7:0d:48:
85:2a:a8:2f:d2:53:88:f3:79:44:2e:c9:ea:bc:be:18:d5:7b:
d7:f9:c4:bb:8e:bf:33:3e:c1:42:68:f2:f8:47:9e:2e:07:98:
b1:a6:17:29:1c:84:a6:27:ab:ae:70:21:86:e9:b2:48:2a:d7:
c1:de:3d:c3:74:20:c0:a6:7d:80:6c:f3:5b:e2:c6:eb:20:8f:
26:46:da:49:18:79:4c:d4:65:53:20:6e:20:89:eb:82:ac:70:
c9:10:7b:2a:3e:ec:5e:8d:d3:42:ef:21:56:ae:05:e7:30:be:
11:1b:79:26:67:5d:6a:4f:44:1f:89:d6:e0:cb:08:6c:12:cf:
4b:54:7b:00:47:99:1c:4d:41:7e:d2:47:f7:2c:82:ff:f1:25:
19:17:fb:0f:63:81:51:cc:96:9c:b9:8e:57:d7:d9:68:ea:99:
8d:77:21:3b:53:7b:7e:6b:82:da:80:85:61:af:60:df:d3:6b:
02:99:4f:17:39:0e:df:a5:4d:88:1e:cf:ce:19:2e:49:29:d1:
49:f3:62:5b:31:5c:93:06:b2:00:42:9a:c8:73:15:fe:37:50:
d0:2a:18:49:23:fe:75:96:57:54:a8:8d:d6:e8:6c:d0:fe:f3:
42:25:58:5a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUFJ+XTgebIGToNQo9Fou5wzpPsNUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA0MDYxMTA0MzBaFw0yNTA0MDUxMTA5MzBaMDMxMTAvBgNV
BAMTKEVGQ0RFMDI1ODQ4NTAyMDY5NjJGNDRCMUNBRDlBMzYwNTdDN0M1MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJVi7+R/5+m3pQzalsawl8fmnc
K7fC/wxBmen+MJTu2C85B8fYD76icWxUBFZHD/CA9g5Yb5y9DwvfoZMHUr8GOhMd
COqefaFCAWxKzSyCMfcMsQB7qivrYVTZYQGHtIqYvZ0E7fFUINHtPgeFiXrOJtIt
eyAuv+Es3lIkmM5E6HXdW8rNFSsdABcm55s/Hr9Sb9oay6KXn2XbFOX6PAfc6uLF
sV0SjrS9SPBjMIw1Rufi1QMxb+A8iWqV2pOaT8jEAlF0pA8kx/uBpF1dpK27W0BA
AXLaRijiePyNExlaQoILCBIgBRBBo2xITXgZde5rGCkx/qzr1HZGnWynkqp1AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU783gJYSFAgaWL0SxytmjYFfHxSAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk4MzU1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkmcW
MA0GCSqGSIb3DQEBCwUAA4IBAQANRldZW0IEuFolFs5MzzjXDUiFKqgv0lOI83lE
LsnqvL4Y1XvX+cS7jr8zPsFCaPL4R54uB5ixphcpHISmJ6uucCGG6bJIKtfB3j3D
dCDApn2AbPNb4sbrII8mRtpJGHlM1GVTIG4gieuCrHDJEHsqPuxejdNC7yFWrgXn
ML4RG3kmZ11qT0QfidbgywhsEs9LVHsAR5kcTUF+0kf3LIL/8SUZF/sPY4FRzJac
uY5X19lo6pmNdyE7U3t+a4LagIVhr2Df02sCmU8XOQ7fpU2IHs/OGS5JKdFJ82Jb
MVyTBrIAQprIcxX+N1DQKhhJI/51lldUqI3W6GzQ/vNCJVha
-----END CERTIFICATE-----
Generated at Sat May 4 21:21:27 2024 by rpki-client on console-ams.rpki-client.org