Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: R5+WHg22mAjIfH9lvgKw17h02j1fRbaXTS5avKqTPSk=
Subject key identifier: 5D:C3:6C:04:FD:B3:76:94:EF:AD:CA:FB:36:64:6E:28:0E:F1:C4:99
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 587C140E90EBFF7AE32B93D99FA6E28ABF09FD2A
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
Signing time: Sun 24 Nov 2024 20:00:28 +0000
ROA not before: Sun 24 Nov 2024 19:55:28 +0000
ROA not after: Sun 23 Nov 2025 20:00:28 +0000
asID: 834
IP address blocks: 96.62.128.0/22 maxlen: 24
96.62.132.0/23 maxlen: 24
96.62.136.0/21 maxlen: 24
96.62.144.0/22 maxlen: 24
96.62.150.0/23 maxlen: 24
96.62.152.0/21 maxlen: 24
96.62.160.0/22 maxlen: 24
96.62.168.0/21 maxlen: 24
96.62.176.0/20 maxlen: 24
96.62.192.0/19 maxlen: 24
96.62.224.0/20 maxlen: 24
96.62.240.0/22 maxlen: 24
96.62.246.0/23 maxlen: 24
96.62.248.0/22 maxlen: 24
96.62.254.0/23 maxlen: 24
140.233.184.0/24 maxlen: 24
145.223.55.0/24 maxlen: 24
145.223.62.0/23 maxlen: 24
145.223.66.0/23 maxlen: 24
146.103.4.0/24 maxlen: 24
146.103.18.0/24 maxlen: 24
147.79.29.0/24 maxlen: 24
148.135.144.0/21 maxlen: 24
148.135.152.0/23 maxlen: 24
148.135.156.0/22 maxlen: 24
148.135.160.0/22 maxlen: 24
148.135.178.0/23 maxlen: 24
148.135.182.0/23 maxlen: 24
148.135.184.0/22 maxlen: 24
148.135.189.0/24 maxlen: 24
148.135.191.0/24 maxlen: 24
148.135.196.0/22 maxlen: 24
148.135.200.0/21 maxlen: 24
148.135.208.0/22 maxlen: 24
148.135.252.0/24 maxlen: 24
148.135.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:7c:14:0e:90:eb:ff:7a:e3:2b:93:d9:9f:a6:e2:8a:bf:09:fd:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Nov 24 19:55:28 2024 GMT
Not After : Nov 23 20:00:28 2025 GMT
Subject: CN=5DC36C04FDB37694EFADCAFB36646E280EF1C499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:d9:c4:26:78:8f:5c:ef:c9:4b:c8:d2:d5:5b:
e7:31:50:60:f1:ef:c5:66:39:02:3c:e3:dc:76:e2:
4a:53:a4:d3:8d:e5:18:6b:d1:d2:9d:47:99:ca:80:
8a:a9:98:fd:50:8c:27:34:c5:e0:25:98:29:b4:e5:
45:e1:cd:6d:60:6f:e2:ac:33:35:ed:dd:8b:b1:cd:
d4:3e:57:ce:2e:26:1e:e0:92:4e:8d:2b:9a:02:47:
11:c1:93:92:c9:fd:e4:2a:1c:c1:19:dc:54:b2:f6:
28:ad:37:81:c8:7a:0a:5f:c4:e8:35:0b:a5:ab:3c:
94:06:b9:a6:cf:01:55:99:a0:7c:ca:8a:59:6d:b5:
54:81:39:7d:5a:3f:81:5a:f8:74:b4:e7:1c:2c:ff:
c6:31:34:ef:3f:3f:99:14:12:64:34:56:ec:a9:42:
4f:b7:89:d6:e9:cf:d4:18:e8:8a:4c:40:d2:c2:e0:
41:15:0c:8f:38:85:16:f3:a2:00:da:ee:e0:d4:5e:
32:5b:fd:07:9c:96:29:3a:a6:14:a7:24:05:a9:28:
38:5d:ec:db:b2:59:f6:21:8b:55:6e:80:16:2a:42:
e8:66:3a:14:bf:3c:91:6c:5b:97:a1:c7:c7:dc:35:
19:1b:de:8d:87:a6:d0:ac:78:4a:19:50:94:ca:c0:
a1:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:C3:6C:04:FD:B3:76:94:EF:AD:CA:FB:36:64:6E:28:0E:F1:C4:99
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.128.0-96.62.133.255
96.62.136.0-96.62.147.255
96.62.150.0-96.62.163.255
96.62.168.0-96.62.243.255
96.62.246.0-96.62.251.255
96.62.254.0/23
140.233.184.0/24
145.223.55.0/24
145.223.62.0/23
145.223.66.0/23
146.103.4.0/24
146.103.18.0/24
147.79.29.0/24
148.135.144.0-148.135.153.255
148.135.156.0-148.135.163.255
148.135.178.0/23
148.135.182.0-148.135.187.255
148.135.189.0/24
148.135.191.0/24
148.135.196.0-148.135.211.255
148.135.252.0/24
148.135.254.0/23
Signature Algorithm: sha256WithRSAEncryption
74:3f:8b:2b:d4:31:60:85:9e:32:c6:6e:a8:23:fc:b5:27:7b:
d2:49:24:65:03:12:94:4b:c1:3a:f1:de:f1:2f:0e:b7:a3:45:
6d:63:87:5b:61:b6:22:6c:74:3b:07:ba:49:2d:62:e8:33:51:
2c:5a:c5:b1:f0:56:9b:fb:17:5a:4e:46:91:c1:0f:2d:a1:fe:
fb:85:0f:25:0a:23:68:c4:58:5d:d9:aa:9a:69:08:09:ae:fe:
3f:8b:d1:c1:b0:1c:b2:44:da:d9:f5:4c:37:1f:69:b5:a7:b8:
07:5b:3a:0f:be:7b:cc:80:4a:d9:16:84:2a:25:51:66:93:42:
04:36:b1:c0:81:68:28:0e:a1:6b:f6:f0:3a:ed:27:27:f2:0a:
a4:34:a2:10:f8:b6:db:7c:e1:48:12:d7:40:63:2e:dc:d5:3f:
21:6b:1b:55:32:30:67:fd:f5:c5:eb:cb:97:77:4a:0c:e7:5c:
fa:ee:72:60:20:02:d5:19:33:42:7b:c6:59:26:a6:0b:6c:84:
24:2b:20:ed:ba:58:e3:9a:a8:3f:f7:78:bd:9a:7f:c2:34:7f:
b8:7a:d1:a7:a6:5b:3e:99:08:cc:03:b9:f6:4d:c1:1e:b9:77:
7a:e1:82:72:dc:d5:3e:69:71:0d:87:cc:04:ab:b8:58:0f:cc:
73:dc:3e:96
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgIUWHwUDpDr/3rjK5PZn6biir8J/SowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDExMjQxOTU1MjhaFw0yNTExMjMyMDAwMjhaMDMxMTAvBgNV
BAMTKDVEQzM2QzA0RkRCMzc2OTRFRkFEQ0FGQjM2NjQ2RTI4MEVGMUM0OTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDu2cQmeI9c78lLyNLVW+cxUGDx
78VmOQI849x24kpTpNON5Rhr0dKdR5nKgIqpmP1QjCc0xeAlmCm05UXhzW1gb+Ks
MzXt3YuxzdQ+V84uJh7gkk6NK5oCRxHBk5LJ/eQqHMEZ3FSy9iitN4HIegpfxOg1
C6WrPJQGuabPAVWZoHzKillttVSBOX1aP4Fa+HS05xws/8YxNO8/P5kUEmQ0Vuyp
Qk+3idbpz9QY6IpMQNLC4EEVDI84hRbzogDa7uDUXjJb/Qeclik6phSnJAWpKDhd
7NuyWfYhi1VugBYqQuhmOhS/PJFsW5ehx8fcNRkb3o2HptCseEoZUJTKwKFhAgMB
AAGjggLSMIICzjAdBgNVHQ4EFgQUXcNsBP2zdpTvrcr7NmRuKA7xxJkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCB0wQCAAEwgcwwDAME
B2A+gAMEAWA+hDAMAwQDYD6IAwQCYD6QMAwDBAFgPpYDBAJgPqAwDAMEA2A+qAME
AmA+8DAMAwQBYD72AwQCYD74AwQBYD7+AwQAjOm4AwQAkd83AwQBkd8+AwQBkd9C
AwQAkmcEAwQAkmcSAwQAk08dMAwDBASUh5ADBAGUh5gwDAMEApSHnAMEApSHoAME
AZSHsjAMAwQBlIe2AwQClIe4AwQAlIe9AwQAlIe/MAwDBAKUh8QDBAKUh9ADBACU
h/wDBAGUh/4wDQYJKoZIhvcNAQELBQADggEBAHQ/iyvUMWCFnjLGbqgj/LUne9JJ
JGUDEpRLwTrx3vEvDrejRW1jh1thtiJsdDsHukktYugzUSxaxbHwVpv7F1pORpHB
Dy2h/vuFDyUKI2jEWF3ZqpppCAmu/j+L0cGwHLJE2tn1TDcfabWnuAdbOg++e8yA
StkWhColUWaTQgQ2scCBaCgOoWv28DrtJyfyCqQ0ohD4ttt84UgS10BjLtzVPyFr
G1UyMGf99cXry5d3SgznXPrucmAgAtUZM0J7xlkmpgtshCQrIO26WOOaqD/3eL2a
f8I0f7h60aemWz6ZCMwDufZNwR65d3rhgnLc1T5pcQ2HzASruFgPzHPcPpY=
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:50:41 2024 by rpki-client on console-ams.rpki-client.org