Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS51847.roa
File: AS51847.roa (raw, json)
Hash identifier: xLtX/gELlaGRa3qHBMgCjf/w2e3BEIZq8C+N8AgUBa8=
Subject key identifier: CF:4B:38:39:83:04:F6:3D:31:71:44:BA:82:34:88:CA:AB:B7:1F:2B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1CD8202341BBAC00CEB6F89F3DD991F8FF0B084F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS51847.roa
Signing time: Tue 17 Sep 2024 12:27:56 +0000
ROA not before: Tue 17 Sep 2024 12:22:56 +0000
ROA not after: Tue 16 Sep 2025 12:27:56 +0000
asID: 51847
IP address blocks: 140.233.191.0/24 maxlen: 24
147.79.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:d8:20:23:41:bb:ac:00:ce:b6:f8:9f:3d:d9:91:f8:ff:0b:08:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 17 12:22:56 2024 GMT
Not After : Sep 16 12:27:56 2025 GMT
Subject: CN=CF4B38398304F63D317144BA823488CAABB71F2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9b:a0:99:5f:0c:d3:cd:22:d4:d1:24:cf:4b:
16:b1:0a:66:e3:a2:51:75:b0:44:0c:44:08:b3:f9:
67:17:2e:0a:62:35:9d:49:b7:0e:b5:c4:f3:60:f5:
46:62:f0:52:0d:20:86:09:ba:d6:ec:fd:11:2f:57:
77:91:a0:7c:cb:cf:d7:03:6c:53:96:df:ee:12:44:
d5:45:64:a5:82:ad:b1:99:e4:c9:4b:96:4f:78:e1:
2d:23:33:e1:d2:a6:86:ac:62:e9:bf:62:46:48:e1:
20:03:a8:dd:5b:2d:0f:d0:35:03:79:7f:12:db:3f:
2b:a2:4f:ad:02:75:6a:5f:7f:a1:2d:90:63:cc:39:
6e:81:75:08:d9:b3:3e:7e:39:34:29:33:19:c7:63:
c4:3e:de:e7:53:cf:bd:e4:d8:95:11:4a:c8:83:ce:
2c:40:d3:47:c8:e1:5f:f4:a4:92:2a:76:86:f9:97:
b4:a8:07:1e:b3:5f:b8:48:67:c4:cb:46:a2:3f:ed:
dc:0f:62:44:ff:e1:f2:54:ca:d7:a6:17:c8:d8:38:
81:bb:b3:6b:38:d0:a7:7f:73:ee:0e:9e:d9:b6:d2:
9a:6e:30:d2:0b:4a:ab:7e:5a:f6:f6:45:44:ce:22:
5f:dd:b7:0e:d6:fb:cd:4a:99:bd:04:78:e0:c6:2f:
06:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:4B:38:39:83:04:F6:3D:31:71:44:BA:82:34:88:CA:AB:B7:1F:2B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS51847.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.191.0/24
147.79.59.0/24
Signature Algorithm: sha256WithRSAEncryption
56:3b:f8:40:33:56:6b:7b:9b:f6:d0:c2:4a:7b:c3:a7:24:f7:
b5:86:d9:78:9f:44:c4:65:c4:ad:e7:ea:e6:52:e5:28:44:02:
c6:82:84:f3:f6:eb:55:81:fe:4a:29:2c:a3:44:bb:d0:64:e0:
3e:cb:5b:0e:4d:b9:e7:a7:0a:a1:32:c8:2e:eb:31:12:2d:c8:
bf:b6:92:a2:28:6d:55:55:6f:f0:18:43:a1:f1:2d:78:a6:fa:
9a:29:a4:9a:a6:0e:4b:79:e0:49:28:3b:df:82:aa:de:6f:c5:
e0:8e:51:e0:ab:25:ec:12:ce:b4:45:a2:7c:e1:35:fc:de:81:
23:96:08:d9:c3:d0:4a:1f:73:49:18:52:8b:12:dd:16:b7:f0:
c0:5e:f6:67:ac:d2:eb:72:e6:3f:9b:4c:f2:5a:5a:a9:6d:df:
23:2d:43:ba:07:b0:f9:e6:f9:f9:bb:5a:e7:9a:c6:69:aa:44:
75:05:29:da:8c:14:3a:79:c7:15:a8:27:27:45:f2:9b:7d:0e:
b5:7d:0c:00:96:64:fa:3a:1f:3e:05:56:8c:d0:31:c1:c3:51:
c8:41:93:d5:6a:e5:fe:4e:38:09:08:c2:46:0e:91:ad:39:18:
e8:30:0f:83:9f:68:ca:d5:b8:09:ce:0e:7e:94:c9:9e:25:5d:
8f:6c:4f:50
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUHNggI0G7rADOtvifPdmR+P8LCE8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA5MTcxMjIyNTZaFw0yNTA5MTYxMjI3NTZaMDMxMTAvBgNV
BAMTKENGNEIzODM5ODMwNEY2M0QzMTcxNDRCQTgyMzQ4OENBQUJCNzFGMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1m6CZXwzTzSLU0STPSxaxCmbj
olF1sEQMRAiz+WcXLgpiNZ1Jtw61xPNg9UZi8FINIIYJutbs/REvV3eRoHzLz9cD
bFOW3+4SRNVFZKWCrbGZ5MlLlk944S0jM+HSpoasYum/YkZI4SADqN1bLQ/QNQN5
fxLbPyuiT60CdWpff6EtkGPMOW6BdQjZsz5+OTQpMxnHY8Q+3udTz73k2JURSsiD
zixA00fI4V/0pJIqdob5l7SoBx6zX7hIZ8TLRqI/7dwPYkT/4fJUytemF8jYOIG7
s2s40Kd/c+4Ontm20ppuMNILSqt+Wvb2RUTOIl/dtw7W+81Kmb0EeODGLwZ3AgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUz0s4OYME9j0xcUS6gjSIyqu3HyswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTE4NDcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBACM6b8D
BACTTzswDQYJKoZIhvcNAQELBQADggEBAFY7+EAzVmt7m/bQwkp7w6ck97WG2Xif
RMRlxK3n6uZS5ShEAsaChPP261WB/kopLKNEu9Bk4D7LWw5NueenCqEyyC7rMRIt
yL+2kqIobVVVb/AYQ6HxLXim+poppJqmDkt54EkoO9+Cqt5vxeCOUeCrJewSzrRF
onzhNfzegSOWCNnD0Eofc0kYUosS3Ra38MBe9mes0uty5j+bTPJaWqlt3yMtQ7oH
sPnm+fm7WueaxmmqRHUFKdqMFDp5xxWoJydF8pt9DrV9DACWZPo6Hz4FVozQMcHD
UchBk9Vq5f5OOAkIwkYOka05GOgwD4OfaMrVuAnODn6UyZ4lXY9sT1A=
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:14:19 2024 by rpki-client on console-ams.rpki-client.org