Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: SvKvljg0H5As89kd3W6iKydYpr6U6rvp1OOcuVbcKIE=
Subject key identifier: E4:C3:13:0E:37:7F:B2:7E:73:52:F5:AA:2F:B0:82:62:A3:80:B6:03
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1FB86E325BF39C1FC27AFB03D3A9A86C1FE81766
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
Signing time: Mon 21 Oct 2024 06:36:57 +0000
ROA not before: Mon 21 Oct 2024 06:31:57 +0000
ROA not after: Mon 20 Oct 2025 06:36:57 +0000
asID: 40676
IP address blocks: 145.223.52.0/24 maxlen: 24
145.223.56.0/24 maxlen: 24
146.103.44.0/24 maxlen: 24
146.103.55.0/24 maxlen: 24
146.103.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:b8:6e:32:5b:f3:9c:1f:c2:7a:fb:03:d3:a9:a8:6c:1f:e8:17:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 21 06:31:57 2024 GMT
Not After : Oct 20 06:36:57 2025 GMT
Subject: CN=E4C3130E377FB27E7352F5AA2FB08262A380B603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f8:7a:7a:27:cb:4f:43:7c:30:82:33:3d:a3:
5a:e4:d7:59:6f:bf:21:4d:da:fa:ed:08:89:55:80:
4b:43:2b:70:8e:78:89:c5:b1:41:3c:ce:53:c2:5e:
f1:29:82:de:c9:1e:63:d5:1d:df:70:90:fd:06:fe:
eb:f8:b0:7c:f3:46:ee:47:a9:8b:f4:c5:4d:d1:eb:
78:80:dd:5c:11:be:47:32:ff:27:12:54:0b:f3:60:
b9:c2:71:64:a0:a1:ac:b3:cc:fa:93:43:f7:e0:9d:
39:90:9d:ca:ba:0b:57:e4:a7:ca:39:9f:69:bf:e1:
58:c0:94:42:91:28:47:ff:08:90:67:b7:02:74:92:
38:6f:3c:70:66:6a:0f:bd:54:6d:14:be:cd:f6:4d:
ec:f0:c1:b0:cb:57:c4:ed:48:a7:6e:5b:5c:35:04:
20:aa:a8:0b:e8:b2:87:32:de:f9:a1:60:43:5c:72:
b9:29:60:1c:45:79:e5:e3:63:48:ee:46:9d:c4:86:
61:ac:de:3e:76:de:5c:e7:44:09:2d:42:6b:e3:c9:
15:49:80:6e:ad:d6:47:d1:39:46:48:14:fe:ed:58:
70:99:3a:63:4e:50:4f:c5:f8:0e:8c:37:21:61:c1:
3a:79:bf:d4:2f:27:5a:36:33:45:04:f8:b0:ec:76:
e1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:C3:13:0E:37:7F:B2:7E:73:52:F5:AA:2F:B0:82:62:A3:80:B6:03
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.52.0/24
145.223.56.0/24
146.103.44.0/24
146.103.55.0/24
146.103.59.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:99:55:e1:d8:4b:bf:aa:39:e5:b9:43:ed:cf:c7:c5:6d:5a:
09:1c:9a:4f:c9:b8:bf:43:53:41:cf:d5:8d:6b:b4:c9:b0:ed:
f6:ee:8d:bd:52:8f:11:2c:c1:11:19:fe:8b:9a:fc:7c:83:a1:
9d:29:0e:34:b2:80:40:fb:72:21:83:8c:a1:1d:63:ec:8c:92:
8b:23:2f:5a:77:c6:5b:2c:af:3c:fe:f8:a4:26:19:88:22:4b:
bd:28:a5:ae:f8:39:8b:c5:36:61:91:b3:9a:d1:ba:85:7f:90:
0b:37:f6:fe:ef:04:c0:21:39:12:e8:28:a7:12:35:a9:45:4d:
4c:28:ca:35:ff:9c:ca:74:d5:8f:5b:32:87:14:03:41:23:0d:
83:75:d8:38:87:89:2e:cf:e5:b1:2d:27:34:8d:27:43:1a:12:
8f:82:c4:dd:8b:ce:22:b2:bf:4c:d7:f2:b2:7a:85:97:a2:f4:
65:73:83:18:3c:1e:f5:0d:ec:61:77:d8:4c:8e:62:51:49:db:
7b:f0:32:9a:2e:ad:84:89:c9:84:43:68:31:94:10:6f:31:84:
0a:a3:0e:b4:c2:8d:8f:9e:f4:bd:f2:e2:f2:3c:a5:fe:41:6f:
9c:ce:fe:7b:e3:1a:76:b3:e1:2e:bd:06:0c:47:98:67:2e:0f:
fd:1e:79:f4
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUH7huMlvznB/CevsD06mobB/oF2YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDEwMjEwNjMxNTdaFw0yNTEwMjAwNjM2NTdaMDMxMTAvBgNV
BAMTKEU0QzMxMzBFMzc3RkIyN0U3MzUyRjVBQTJGQjA4MjYyQTM4MEI2MDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQ+Hp6J8tPQ3wwgjM9o1rk11lv
vyFN2vrtCIlVgEtDK3COeInFsUE8zlPCXvEpgt7JHmPVHd9wkP0G/uv4sHzzRu5H
qYv0xU3R63iA3VwRvkcy/ycSVAvzYLnCcWSgoayzzPqTQ/fgnTmQncq6C1fkp8o5
n2m/4VjAlEKRKEf/CJBntwJ0kjhvPHBmag+9VG0Uvs32TezwwbDLV8TtSKduW1w1
BCCqqAvosocy3vmhYENccrkpYBxFeeXjY0juRp3EhmGs3j523lznRAktQmvjyRVJ
gG6t1kfROUZIFP7tWHCZOmNOUE/F+A6MNyFhwTp5v9QvJ1o2M0UE+LDsduEvAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQU5MMTDjd/sn5zUvWqL7CCYqOAtgMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBACR3zQD
BACR3zgDBACSZywDBACSZzcDBACSZzswDQYJKoZIhvcNAQELBQADggEBAI+ZVeHY
S7+qOeW5Q+3Px8VtWgkcmk/JuL9DU0HP1Y1rtMmw7fbujb1SjxEswREZ/oua/HyD
oZ0pDjSygED7ciGDjKEdY+yMkosjL1p3xlssrzz++KQmGYgiS70opa74OYvFNmGR
s5rRuoV/kAs39v7vBMAhORLoKKcSNalFTUwoyjX/nMp01Y9bMocUA0EjDYN12DiH
iS7P5bEtJzSNJ0MaEo+CxN2LziKyv0zX8rJ6hZei9GVzgxg8HvUN7GF32EyOYlFJ
23vwMpourYSJyYRDaDGUEG8xhAqjDrTCjY+e9L3y4vI8pf5Bb5zO/nvjGnaz4S69
BgxHmGcuD/0eefQ=
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:49 2024 by rpki-client on console-fra.rpki-client.org