Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7018.roa
File: AS7018.roa (raw, json)
Hash identifier: LYvF99tLJynhsXiaF7HsSxeuKMaYz4k5Rg4qtBX6bmc=
Subject key identifier: E5:05:25:D7:FF:45:C6:0A:0F:F1:F9:3A:8E:F7:77:99:56:E9:AB:79
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 627203748C1813B53F909C69BFB9718EF98330A8
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7018.roa
Signing time: Mon 18 Nov 2024 15:33:01 +0000
ROA not before: Mon 18 Nov 2024 15:28:01 +0000
ROA not after: Mon 17 Nov 2025 15:33:01 +0000
asID: 7018
IP address blocks: 140.233.192.0/18 maxlen: 24
148.135.216.0/23 maxlen: 23
148.135.218.0/23 maxlen: 23
148.135.224.0/23 maxlen: 23
148.135.226.0/23 maxlen: 23
148.135.232.0/23 maxlen: 23
148.135.234.0/23 maxlen: 23
148.135.240.0/23 maxlen: 23
148.135.242.0/23 maxlen: 23
148.135.248.0/23 maxlen: 23
148.135.250.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:72:03:74:8c:18:13:b5:3f:90:9c:69:bf:b9:71:8e:f9:83:30:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Nov 18 15:28:01 2024 GMT
Not After : Nov 17 15:33:01 2025 GMT
Subject: CN=E50525D7FF45C60A0FF1F93A8EF7779956E9AB79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:dc:03:6f:e4:c4:96:3e:f0:db:ca:1f:3e:a4:
4c:4a:ed:2c:02:29:6d:a8:c8:f8:bc:e1:cc:08:93:
22:12:2a:af:e6:57:bd:d1:c4:07:de:9b:95:2a:6e:
0b:20:88:2b:f0:5d:17:32:8d:44:e1:d8:43:40:bd:
78:05:65:0d:07:98:af:84:0b:a2:9b:6b:56:f4:4f:
d0:46:9c:46:5a:71:22:f9:0d:01:4e:62:82:b4:10:
45:b8:fc:54:a8:c3:ec:ae:7b:f6:2d:29:c7:c3:75:
ee:3b:ba:33:85:d9:64:e6:9b:60:13:62:0e:68:0c:
3f:53:c8:07:f6:84:fc:e9:6e:7e:5a:ae:45:f0:8a:
18:ab:b4:1f:f9:1b:2e:c3:3a:9a:b6:58:bc:b7:db:
36:5b:51:65:d3:68:15:d4:2c:3b:62:ce:29:41:a4:
6e:73:57:99:16:a7:ee:10:af:96:48:8a:da:52:b1:
82:28:ce:05:b7:32:f0:81:fe:5c:34:ef:e2:e4:ef:
0f:3d:87:5c:34:35:35:31:8b:44:c6:00:d4:51:54:
84:ac:71:e8:7a:6c:d7:a0:53:b6:df:ca:c2:32:05:
9f:84:ea:f2:97:45:b0:5a:ab:35:c6:0d:aa:3c:ce:
94:82:c7:f0:fc:6a:3b:79:85:53:60:76:68:54:62:
0f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:05:25:D7:FF:45:C6:0A:0F:F1:F9:3A:8E:F7:77:99:56:E9:AB:79
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7018.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.192.0/18
148.135.216.0/22
148.135.224.0/22
148.135.232.0/22
148.135.240.0/22
148.135.248.0/22
Signature Algorithm: sha256WithRSAEncryption
32:c1:00:88:0b:15:97:0e:e9:8b:66:80:a9:e1:c0:0b:62:36:
4b:52:01:6e:d4:94:47:1b:38:9b:06:bc:52:a1:90:59:62:64:
c1:0e:64:3c:62:99:4e:b0:19:42:86:95:b4:36:5b:a7:2b:ce:
3d:b1:9e:c1:d9:f5:50:f6:d9:95:c3:49:21:05:a7:da:02:f8:
c8:34:7e:45:73:2a:9d:11:60:30:70:5a:e8:71:77:3b:21:8d:
4b:a3:1b:a9:a8:ad:3a:ca:36:d5:f4:8f:db:e8:1e:15:a3:96:
b6:c4:55:4c:ab:bb:4b:b0:4e:1a:d0:cc:43:b7:72:0b:65:d9:
70:6f:d9:91:f1:94:66:12:b1:30:32:e0:5b:91:7b:4b:fb:bf:
e1:0c:76:05:2a:f3:8b:45:b7:71:20:12:c2:ac:35:e4:8d:95:
0d:bd:51:a9:e9:68:32:a2:a5:ba:59:fe:9e:62:a5:0f:18:2e:
d4:17:96:e0:af:d4:4a:a0:3f:73:61:6f:7e:8e:f4:2f:77:96:
22:d4:48:9e:c2:05:96:ae:cb:36:8c:e2:4d:64:a5:31:de:f0:
cc:e6:d4:01:ef:c5:9b:5f:27:2b:d2:2a:9d:44:3d:70:7e:60:
70:f3:e1:84:38:f9:01:a1:70:95:b8:2d:44:2a:61:56:25:3b:
56:50:51:9c
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIUYnIDdIwYE7U/kJxpv7lxjvmDMKgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDExMTgxNTI4MDFaFw0yNTExMTcxNTMzMDFaMDMxMTAvBgNV
BAMTKEU1MDUyNUQ3RkY0NUM2MEEwRkYxRjkzQThFRjc3Nzk5NTZFOUFCNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDl3ANv5MSWPvDbyh8+pExK7SwC
KW2oyPi84cwIkyISKq/mV73RxAfem5UqbgsgiCvwXRcyjUTh2ENAvXgFZQ0HmK+E
C6Kba1b0T9BGnEZacSL5DQFOYoK0EEW4/FSow+yue/YtKcfDde47ujOF2WTmm2AT
Yg5oDD9TyAf2hPzpbn5arkXwihirtB/5Gy7DOpq2WLy32zZbUWXTaBXULDtizilB
pG5zV5kWp+4Qr5ZIitpSsYIozgW3MvCB/lw07+Lk7w89h1w0NTUxi0TGANRRVISs
ceh6bNegU7bfysIyBZ+E6vKXRbBaqzXGDao8zpSCx/D8ajt5hVNgdmhUYg/XAgMB
AAGjggImMIICIjAdBgNVHQ4EFgQU5QUl1/9FxgoP8fk6jvd3mVbpq3kwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNzAxOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEBozpwAME
ApSH2AMEApSH4AMEApSH6AMEApSH8AMEApSH+DANBgkqhkiG9w0BAQsFAAOCAQEA
MsEAiAsVlw7pi2aAqeHAC2I2S1IBbtSURxs4mwa8UqGQWWJkwQ5kPGKZTrAZQoaV
tDZbpyvOPbGewdn1UPbZlcNJIQWn2gL4yDR+RXMqnRFgMHBa6HF3OyGNS6Mbqait
Oso21fSP2+geFaOWtsRVTKu7S7BOGtDMQ7dyC2XZcG/ZkfGUZhKxMDLgW5F7S/u/
4Qx2BSrzi0W3cSASwqw15I2VDb1RqeloMqKluln+nmKlDxgu1BeW4K/USqA/c2Fv
fo70L3eWItRInsIFlq7LNoziTWSlMd7wzObUAe/Fm18nK9IqnUQ9cH5gcPPhhDj5
AaFwlbgtRCphViU7VlBRnA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:16 2024 by rpki-client on console-ams.rpki-client.org