Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS58212.roa
File: AS58212.roa (raw, json)
Hash identifier: Ahg2dXzJny+k1VZBXlTei/xjOuprji+Zmwjv+hNyrho=
Subject key identifier: F1:C5:6B:83:35:86:B2:79:B1:11:66:6E:5B:00:AD:74:B4:2B:08:30
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7CC829302FB2BAE860272EB27C5262F0CFF3F778
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS58212.roa
Signing time: Wed 25 Sep 2024 22:11:27 +0000
ROA not before: Wed 25 Sep 2024 22:06:27 +0000
ROA not after: Wed 24 Sep 2025 22:11:27 +0000
asID: 58212
IP address blocks: 146.103.22.0/24 maxlen: 24
146.103.24.0/24 maxlen: 24
146.103.48.0/24 maxlen: 24
147.79.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:c8:29:30:2f:b2:ba:e8:60:27:2e:b2:7c:52:62:f0:cf:f3:f7:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 25 22:06:27 2024 GMT
Not After : Sep 24 22:11:27 2025 GMT
Subject: CN=F1C56B833586B279B111666E5B00AD74B42B0830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:61:37:35:1a:32:3a:e9:a1:c5:ba:46:fd:06:
49:a9:c5:50:26:c6:a1:15:4d:68:bf:a6:86:54:f7:
c3:73:c5:a1:63:27:30:91:93:23:91:f8:c4:8c:12:
67:4f:1f:d4:24:df:a4:42:cf:69:2e:a8:54:26:89:
94:86:29:35:ff:b9:fa:34:54:74:b6:66:10:a5:79:
a2:a0:b3:2f:2f:3d:59:75:97:bf:b0:72:36:43:0d:
3f:39:c8:e3:f6:f7:b4:7b:03:70:59:7d:95:ed:61:
83:f1:40:8b:31:06:cc:ce:b0:54:08:62:2d:13:5a:
06:e7:3b:7e:97:7f:ff:61:59:a3:29:67:37:a2:fa:
eb:11:52:0e:59:02:d6:a1:74:b4:24:e0:c6:8c:9d:
f2:9e:f7:b1:3f:48:76:de:0c:44:f4:7e:5e:75:f6:
ed:ed:da:ef:c2:c0:26:8a:7a:ca:33:a7:d9:06:4a:
99:80:e6:50:42:0c:0b:d0:f1:6e:c7:5a:ea:ec:11:
46:e7:dc:77:93:a8:a2:9e:56:4b:e0:c4:86:99:64:
1c:31:90:c5:e0:4b:96:55:37:50:4f:84:06:a5:aa:
bc:97:20:16:da:41:4e:ff:04:04:ad:51:48:17:87:
97:b5:a7:17:9e:f1:cb:ee:50:61:74:49:1a:d7:92:
f0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C5:6B:83:35:86:B2:79:B1:11:66:6E:5B:00:AD:74:B4:2B:08:30
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS58212.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.22.0/24
146.103.24.0/24
146.103.48.0/24
147.79.30.0/24
Signature Algorithm: sha256WithRSAEncryption
57:aa:09:46:41:d5:f7:b2:d7:c2:53:4d:0e:60:82:1f:cd:b2:
3f:1a:d0:3b:19:4c:ff:97:d0:f2:11:da:eb:fd:48:2d:4c:fd:
da:88:70:2d:c7:c5:77:fc:e3:df:db:51:01:f1:86:59:41:6d:
04:5d:bc:ff:3b:a6:99:e3:d0:b4:e2:ec:5a:3a:da:92:23:8c:
a5:3f:f5:0a:f9:e9:e4:8b:53:15:94:35:1d:6e:57:d9:4b:08:
a4:73:7a:5a:b0:2d:df:c1:c4:51:57:e6:2c:fd:46:d7:3f:8f:
45:36:a3:52:5d:ea:0f:50:ec:6c:c0:ee:28:16:ca:fe:e3:2a:
ea:2a:38:3e:52:28:dc:7b:f9:64:96:42:47:29:0e:b9:91:62:
a8:2e:fe:14:53:23:af:49:66:8a:b6:80:3a:87:39:7f:7e:ea:
1b:9d:29:c0:d1:b9:c0:e8:db:4f:1b:15:45:27:6e:f7:36:b8:
05:cc:97:2b:9c:a3:9d:a5:75:c9:23:bd:a8:e4:3c:45:c0:0a:
59:a0:ca:07:c8:c0:f0:73:01:62:1e:c4:5a:c6:f2:c9:2c:60:
50:c7:66:15:65:7c:84:72:11:6a:3e:0f:65:71:3e:38:db:48:
3a:68:65:8d:8b:a3:18:6b:55:ea:01:76:bf:cf:bc:32:55:f2:
a1:7b:b6:16
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUfMgpMC+yuuhgJy6yfFJi8M/z93gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA5MjUyMjA2MjdaFw0yNTA5MjQyMjExMjdaMDMxMTAvBgNV
BAMTKEYxQzU2QjgzMzU4NkIyNzlCMTExNjY2RTVCMDBBRDc0QjQyQjA4MzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWYTc1GjI66aHFukb9BkmpxVAm
xqEVTWi/poZU98NzxaFjJzCRkyOR+MSMEmdPH9Qk36RCz2kuqFQmiZSGKTX/ufo0
VHS2ZhCleaKgsy8vPVl1l7+wcjZDDT85yOP297R7A3BZfZXtYYPxQIsxBszOsFQI
Yi0TWgbnO36Xf/9hWaMpZzei+usRUg5ZAtahdLQk4MaMnfKe97E/SHbeDET0fl51
9u3t2u/CwCaKesozp9kGSpmA5lBCDAvQ8W7HWursEUbn3HeTqKKeVkvgxIaZZBwx
kMXgS5ZVN1BPhAalqryXIBbaQU7/BAStUUgXh5e1pxee8cvuUGF0SRrXkvBxAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQU8cVrgzWGsnmxEWZuWwCtdLQrCDAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTgyMTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACSZxYD
BACSZxgDBACSZzADBACTTx4wDQYJKoZIhvcNAQELBQADggEBAFeqCUZB1fey18JT
TQ5ggh/Nsj8a0DsZTP+X0PIR2uv9SC1M/dqIcC3HxXf849/bUQHxhllBbQRdvP87
ppnj0LTi7Fo62pIjjKU/9Qr56eSLUxWUNR1uV9lLCKRzelqwLd/BxFFX5iz9Rtc/
j0U2o1Jd6g9Q7GzA7igWyv7jKuoqOD5SKNx7+WSWQkcpDrmRYqgu/hRTI69JZoq2
gDqHOX9+6hudKcDRucDo208bFUUnbvc2uAXMlyuco52ldckjvajkPEXAClmgygfI
wPBzAWIexFrG8sksYFDHZhVlfIRyEWo+D2VxPjjbSDpoZY2LoxhrVeoBdr/PvDJV
8qF7thY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:14:19 2024 by rpki-client on console-ams.rpki-client.org