Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9232.roa
File: AS9232.roa (raw, json)
Hash identifier: 5VbYCDjKl0Fm/HhyLP/krA2g7ukSwZgQlVf73h/Mi30=
Subject key identifier: B6:CA:26:9A:8F:1A:D6:8D:63:35:D4:F4:DA:9B:1A:16:E2:A6:44:8F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 081D56A16C3499A5FD5BA9699C52415E5FC6EB5F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9232.roa
Signing time: Tue 19 Nov 2024 11:32:16 +0000
ROA not before: Tue 19 Nov 2024 11:27:16 +0000
ROA not after: Tue 18 Nov 2025 11:32:16 +0000
asID: 9232
IP address blocks: 150.241.132.0/24 maxlen: 24
150.241.133.0/24 maxlen: 24
150.241.134.0/24 maxlen: 24
150.241.135.0/24 maxlen: 24
150.241.144.0/24 maxlen: 24
150.241.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:1d:56:a1:6c:34:99:a5:fd:5b:a9:69:9c:52:41:5e:5f:c6:eb:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Nov 19 11:27:16 2024 GMT
Not After : Nov 18 11:32:16 2025 GMT
Subject: CN=B6CA269A8F1AD68D6335D4F4DA9B1A16E2A6448F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c0:f9:e0:82:8c:8b:c7:fa:5c:61:f8:7b:82:
ad:2e:12:51:ab:c1:b2:6b:c8:97:71:b2:0e:a2:eb:
10:3c:f7:e2:5f:f3:b4:03:ae:d5:d0:b1:2a:a4:6c:
55:a1:2f:c0:de:dd:d4:b7:c9:88:ee:fd:12:8c:54:
b6:4d:5f:4e:75:5f:86:ef:fa:0b:bb:ca:95:ee:fd:
37:ff:f5:20:16:7d:31:17:61:6a:16:ab:90:18:6c:
78:b6:e3:74:b2:b0:e8:73:77:fc:15:3d:ea:37:fe:
d8:24:b8:5a:35:7f:d4:47:9a:3b:ac:f2:86:7f:ea:
86:13:8b:a3:e1:24:32:82:d9:e5:00:fb:ff:65:7d:
9e:56:c4:77:a0:62:a1:dd:c1:ce:44:4a:d9:6a:18:
b3:a7:0e:a1:55:23:34:1b:9e:3a:05:e2:fc:a3:61:
65:9a:85:a3:70:31:d4:12:65:ce:d4:96:f8:33:73:
d6:9d:66:b3:e4:ed:0d:36:d2:f7:50:80:95:60:22:
5d:62:0a:12:8f:10:cb:9d:49:8f:11:21:fb:2d:e7:
6d:4d:15:c7:06:9c:8a:2f:b6:d7:f4:c1:c9:87:09:
f9:57:46:97:11:15:c8:c9:21:3d:bc:9b:0d:ab:0d:
62:3c:83:f4:e6:fd:17:d0:28:97:2c:8b:7f:a4:69:
5c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:CA:26:9A:8F:1A:D6:8D:63:35:D4:F4:DA:9B:1A:16:E2:A6:44:8F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.132.0/22
150.241.144.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:01:45:23:b6:3a:c3:a2:46:8e:e8:89:27:3e:ef:6e:96:e5:
21:49:18:0d:a7:b7:52:5f:ba:ab:23:85:88:1f:44:a0:52:9d:
e5:36:7d:dd:60:64:a3:50:17:57:17:24:94:28:6e:e9:86:f1:
44:d4:5c:a6:ef:93:92:4e:44:9d:92:a6:76:4e:e6:8b:bd:4e:
22:38:60:37:f3:80:2a:24:38:ff:49:1b:a1:35:6d:77:54:52:
7c:77:30:7f:e0:3b:4f:13:b4:f1:dc:95:50:7d:14:c8:9b:91:
a0:be:3b:42:79:20:ca:89:68:75:75:2d:27:fc:b6:f3:c0:fc:
a2:94:0e:85:40:86:dc:11:a8:fe:fd:a0:b1:ab:57:6e:8f:be:
61:09:4e:6d:d0:ec:25:22:b0:69:b9:35:ad:7b:b5:b3:c0:a0:
df:81:d8:cb:37:0b:5f:02:8a:40:d6:ce:1b:2c:96:d3:24:a4:
c8:d4:cc:3c:0e:ba:d0:79:3b:d7:49:78:97:5b:d8:eb:f6:28:
46:75:0a:11:9c:b0:28:df:d6:15:ad:ab:4e:b6:0f:c5:f5:fb:
88:95:bd:82:b3:c0:7c:1d:07:60:98:0e:dd:03:41:91:17:75:
0b:25:d5:1f:3c:dc:b5:32:53:e2:b1:cb:83:35:b7:e4:b4:e7:
d0:f0:60:b6
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIUCB1WoWw0maX9W6lpnFJBXl/G618wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDExMTkxMTI3MTZaFw0yNTExMTgxMTMyMTZaMDMxMTAvBgNV
BAMTKEI2Q0EyNjlBOEYxQUQ2OEQ2MzM1RDRGNERBOUIxQTE2RTJBNjQ0OEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkwPnggoyLx/pcYfh7gq0uElGr
wbJryJdxsg6i6xA89+Jf87QDrtXQsSqkbFWhL8De3dS3yYju/RKMVLZNX051X4bv
+gu7ypXu/Tf/9SAWfTEXYWoWq5AYbHi243SysOhzd/wVPeo3/tgkuFo1f9RHmjus
8oZ/6oYTi6PhJDKC2eUA+/9lfZ5WxHegYqHdwc5EStlqGLOnDqFVIzQbnjoF4vyj
YWWahaNwMdQSZc7Ulvgzc9adZrPk7Q020vdQgJVgIl1iChKPEMudSY8RIfst521N
FccGnIovttf0wcmHCflXRpcRFcjJIT28mw2rDWI8g/Tm/RfQKJcsi3+kaVybAgMB
AAGjggIOMIICCjAdBgNVHQ4EFgQUtsommo8a1o1jNdT02psaFuKmRI8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTOTIzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEApbxhAME
AZbxkDANBgkqhkiG9w0BAQsFAAOCAQEAfAFFI7Y6w6JGjuiJJz7vbpblIUkYDae3
Ul+6qyOFiB9EoFKd5TZ93WBko1AXVxcklChu6YbxRNRcpu+Tkk5EnZKmdk7mi71O
IjhgN/OAKiQ4/0kboTVtd1RSfHcwf+A7TxO08dyVUH0UyJuRoL47QnkgyolodXUt
J/y288D8opQOhUCG3BGo/v2gsatXbo++YQlObdDsJSKwabk1rXu1s8Cg34HYyzcL
XwKKQNbOGyyW0ySkyNTMPA660Hk710l4l1vY6/YoRnUKEZywKN/WFa2rTrYPxfX7
iJW9grPAfB0HYJgO3QNBkRd1CyXVHzzctTJT4rHLgzW35LTn0PBgtg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:22:33 2024 by rpki-client on console-fra.rpki-client.org