Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS401103.roa
File: AS401103.roa (raw, json)
Hash identifier: oQ5XNq6OUtTfu/YCCTiGUYZATqIPVIhmjY4yhQigvjA=
Subject key identifier: CA:09:56:88:5A:EF:FA:81:C3:29:BF:DA:00:C7:86:E1:9C:43:0F:54
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 280BD5E5BF8DBA149A8DE74CC0E451D75B1D8581
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS401103.roa
Signing time: Thu 30 May 2024 13:40:14 +0000
ROA not before: Thu 30 May 2024 13:35:14 +0000
ROA not after: Thu 29 May 2025 13:40:14 +0000
asID: 401103
IP address blocks: 146.103.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:0b:d5:e5:bf:8d:ba:14:9a:8d:e7:4c:c0:e4:51:d7:5b:1d:85:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 30 13:35:14 2024 GMT
Not After : May 29 13:40:14 2025 GMT
Subject: CN=CA0956885AEFFA81C329BFDA00C786E19C430F54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:99:5c:d6:d4:64:20:ce:9c:93:f0:0b:a2:fe:
3f:fb:41:c6:81:5a:33:16:1a:de:6b:b5:c3:66:a2:
8d:7e:95:c1:3c:83:65:d1:ef:00:0a:73:af:57:7e:
b4:93:ca:80:46:49:60:e6:54:28:6c:ee:2e:8b:47:
71:a0:fa:96:41:24:51:3e:3d:0d:26:b3:57:72:a4:
6f:4c:04:4d:e2:d1:f7:a5:d9:83:39:f7:40:45:60:
11:db:bd:62:94:a4:0e:eb:38:f0:98:e6:b1:20:77:
56:c0:3a:8b:93:02:2b:79:a8:c5:5a:eb:2e:77:53:
1b:d8:2e:fe:d1:7e:a3:70:39:a4:5d:a5:ff:79:a6:
48:d4:b5:bc:b6:07:72:2e:76:c8:10:90:8c:1a:9c:
ad:ec:85:c6:2e:82:7c:b4:46:5b:28:69:65:c8:11:
0b:36:ed:05:a3:61:57:a9:f7:1a:f7:dd:dd:9b:c5:
1c:b0:d2:5f:1a:51:84:de:91:ea:4b:d4:04:6f:2d:
ee:02:84:7e:77:39:99:c3:5f:37:76:5c:f6:fe:59:
62:e6:98:da:58:a9:f3:5d:e4:c4:28:ce:ee:6e:8a:
78:3d:93:5f:14:b6:d3:e5:25:18:6a:6d:c6:99:09:
8b:aa:a9:d6:f1:41:9f:6a:c9:7c:87:4b:7a:02:a0:
cb:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:09:56:88:5A:EF:FA:81:C3:29:BF:DA:00:C7:86:E1:9C:43:0F:54
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS401103.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.58.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:ab:78:df:b9:cd:62:bb:c3:a1:a8:25:27:6e:6d:78:ff:fe:
e2:ea:4b:ff:64:3f:7b:e9:3f:82:83:39:e4:e3:08:30:cc:74:
d2:bc:dd:e7:4b:32:a3:ee:3b:ee:72:6e:d2:d1:04:d2:3e:c5:
a6:8e:51:93:db:54:4e:57:46:81:17:a2:4b:c8:08:ce:c0:e3:
c1:55:a7:15:ba:24:65:6f:fc:39:6f:6e:3c:a5:09:31:f3:b4:
53:50:09:50:85:88:c6:24:8a:26:f4:e6:fe:8d:e7:88:52:82:
af:09:29:19:bc:f6:8d:84:66:1f:0f:a1:fb:d7:d1:1b:52:af:
39:4c:34:b1:1f:d9:05:ff:e7:13:3c:ac:da:b6:dc:59:36:61:
dd:b1:9b:77:18:f9:cd:f6:e4:5b:06:33:8d:69:35:0c:d2:af:
b7:56:9b:e4:8b:e7:3f:b2:df:7b:e3:bf:45:63:94:45:44:0f:
ec:93:22:d9:fe:fa:3a:12:6d:b3:2d:34:2a:13:8b:a0:12:7b:
bc:90:24:55:06:f2:56:c7:6c:a7:5f:f0:2c:1b:76:0b:0f:26:
1c:64:9e:3e:65:26:18:78:89:03:3a:3b:03:c6:63:6f:29:81:
bf:9b:e7:03:20:ef:5c:ca:3e:a4:88:16:99:30:5a:25:1d:e0:
da:f7:fd:83
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUKAvV5b+NuhSajedMwORR11sdhYEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA1MzAxMzM1MTRaFw0yNTA1MjkxMzQwMTRaMDMxMTAvBgNV
BAMTKENBMDk1Njg4NUFFRkZBODFDMzI5QkZEQTAwQzc4NkUxOUM0MzBGNTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvmVzW1GQgzpyT8Aui/j/7QcaB
WjMWGt5rtcNmoo1+lcE8g2XR7wAKc69XfrSTyoBGSWDmVChs7i6LR3Gg+pZBJFE+
PQ0ms1dypG9MBE3i0fel2YM590BFYBHbvWKUpA7rOPCY5rEgd1bAOouTAit5qMVa
6y53UxvYLv7RfqNwOaRdpf95pkjUtby2B3IudsgQkIwanK3shcYugny0RlsoaWXI
EQs27QWjYVep9xr33d2bxRyw0l8aUYTekepL1ARvLe4ChH53OZnDXzd2XPb+WWLm
mNpYqfNd5MQozu5uing9k18UttPlJRhqbcaZCYuqqdbxQZ9qyXyHS3oCoMuRAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUyglWiFrv+oHDKb/aAMeG4ZxDD1QwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDAxMTAzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkmc6
MA0GCSqGSIb3DQEBCwUAA4IBAQBtq3jfuc1iu8OhqCUnbm14//7i6kv/ZD976T+C
gznk4wgwzHTSvN3nSzKj7jvucm7S0QTSPsWmjlGT21ROV0aBF6JLyAjOwOPBVacV
uiRlb/w5b248pQkx87RTUAlQhYjGJIom9Ob+jeeIUoKvCSkZvPaNhGYfD6H719Eb
Uq85TDSxH9kF/+cTPKzattxZNmHdsZt3GPnN9uRbBjONaTUM0q+3Vpvki+c/st97
479FY5RFRA/skyLZ/vo6Em2zLTQqE4ugEnu8kCRVBvJWx2ynX/AsG3YLDyYcZJ4+
ZSYYeIkDOjsDxmNvKYG/m+cDIO9cyj6kiBaZMFolHeDa9/2D
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:22:33 2024 by rpki-client on console-fra.rpki-client.org