Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS13213.roa
File: AS13213.roa (raw, json)
Hash identifier: JF/zWxY9JNTkoakEfkwqHwJ/goiaSCos0YFlEIvDxuI=
Subject key identifier: D2:D3:B4:F8:51:21:35:4C:C5:60:F2:0B:4E:A1:00:26:54:51:EA:B1
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 22DB3451800FC8683C6627B66E69BB5BED3A7B54
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS13213.roa
Signing time: Thu 02 Jan 2025 07:43:07 +0000
ROA not before: Thu 02 Jan 2025 07:38:07 +0000
ROA not after: Thu 01 Jan 2026 07:43:07 +0000
asID: 13213
IP address blocks: 2a13:9500:3::/48 maxlen: 48
2a13:9500:24::/48 maxlen: 48
2a13:9500:25::/48 maxlen: 48
2a13:9500:26::/48 maxlen: 48
2a13:9500:27::/48 maxlen: 48
2a13:9500:28::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:db:34:51:80:0f:c8:68:3c:66:27:b6:6e:69:bb:5b:ed:3a:7b:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 2 07:38:07 2025 GMT
Not After : Jan 1 07:43:07 2026 GMT
Subject: CN=D2D3B4F85121354CC560F20B4EA100265451EAB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f3:2f:00:62:1f:2a:20:db:02:61:9f:56:db:
e6:7c:05:9f:20:4e:8b:89:9c:74:a9:82:fd:bf:d4:
e0:04:78:d0:6c:a5:fa:13:7f:13:ee:eb:ec:b8:93:
78:d2:80:95:e6:36:a3:ca:af:4f:ae:18:d6:42:db:
1b:45:ec:fa:25:09:ab:d7:32:3c:80:38:5b:cd:2f:
1f:d2:ad:68:c3:5a:63:0d:33:80:4a:8d:49:3c:2e:
b5:9b:b8:aa:1d:37:d6:f6:5f:bc:d3:00:5f:42:a1:
f4:24:dc:1d:d3:1c:53:4e:b2:9a:34:86:cd:55:dd:
be:66:b8:84:f7:e1:da:90:4a:a8:96:ab:ac:61:4f:
3f:71:9d:89:d7:b9:db:b9:a7:58:55:c3:1b:87:e3:
a9:2c:13:fa:ca:3c:2b:46:78:b1:72:40:99:0f:42:
f6:86:35:cb:a5:7b:75:e3:97:7d:9d:42:0b:2e:03:
f0:ec:c4:f8:74:cb:05:1c:07:cb:a8:52:46:40:e6:
b3:a6:8c:41:11:be:58:7a:84:29:f5:4b:df:c9:6e:
42:71:de:0a:85:e2:4c:a3:10:dd:44:fd:fb:65:aa:
ab:cf:b9:39:17:b0:6f:37:46:0b:ec:e2:fe:2c:4e:
3d:27:ed:24:d2:f6:ef:bd:61:5b:f2:a5:da:8a:eb:
0a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:D3:B4:F8:51:21:35:4C:C5:60:F2:0B:4E:A1:00:26:54:51:EA:B1
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS13213.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:3::/48
2a13:9500:24::-2a13:9500:28:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
40:40:14:8f:72:bf:f7:fe:84:71:5d:c9:8f:9e:18:f4:15:8e:
5c:35:5d:df:11:8d:42:b7:c5:25:a9:7a:67:42:70:8e:07:b3:
33:11:10:e6:12:72:bb:2c:40:7c:00:a3:41:ed:92:37:17:9a:
71:8f:b7:2b:a8:71:9b:50:2b:d0:82:9f:82:8d:20:1b:60:e0:
2d:7d:b7:7e:38:25:23:02:b9:27:33:bc:6f:bf:9a:50:21:52:
46:c6:0d:62:46:92:67:64:dd:76:d2:a1:92:6d:15:18:70:55:
89:1b:ea:7e:e8:97:d4:d5:cb:c5:ca:73:cc:a6:cc:0d:36:9c:
57:c3:5d:a2:8d:e9:9c:f4:b8:10:15:26:e6:ac:5d:47:7a:d3:
96:15:6d:5b:7f:9d:7f:df:06:93:0b:16:92:31:cf:1b:5f:5a:
6e:62:59:e5:54:27:10:91:33:b9:ad:f4:ca:e0:7f:6d:1d:dd:
18:28:08:7c:4a:4e:47:fd:10:79:52:ba:b6:f6:33:42:1d:aa:
bc:78:1e:cf:55:48:d2:5e:9d:4b:3b:d8:61:45:92:e9:9a:6d:
9c:58:9f:26:11:90:a4:74:bc:e5:97:79:ab:fa:73:98:b4:e0:
46:9e:2b:1b:25:74:ba:d1:9c:36:7d:b7:2e:d5:b3:fb:ef:ff:
d4:23:f9:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUIts0UYAPyGg8Zie2bmm7W+06e1QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMDIwNzM4MDdaFw0yNjAxMDEwNzQzMDdaMDMxMTAvBgNV
BAMTKEQyRDNCNEY4NTEyMTM1NENDNTYwRjIwQjRFQTEwMDI2NTQ1MUVBQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj8y8AYh8qINsCYZ9W2+Z8BZ8g
TouJnHSpgv2/1OAEeNBspfoTfxPu6+y4k3jSgJXmNqPKr0+uGNZC2xtF7PolCavX
MjyAOFvNLx/SrWjDWmMNM4BKjUk8LrWbuKodN9b2X7zTAF9CofQk3B3THFNOspo0
hs1V3b5muIT34dqQSqiWq6xhTz9xnYnXudu5p1hVwxuH46ksE/rKPCtGeLFyQJkP
QvaGNcule3Xjl32dQgsuA/DsxPh0ywUcB8uoUkZA5rOmjEERvlh6hCn1S9/JbkJx
3gqF4kyjEN1E/ftlqqvPuTkXsG83Rgvs4v4sTj0n7STS9u+9YVvypdqK6wrNAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQU0tO0+FEhNUzFYPILTqEAJlRR6rEwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTMyMTMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNgYIKwYBBQUHAQcBAf8EJzAlMCMEAgACMB0DBwAqE5UA
AAMwEgMHAioTlQAAJAMHACoTlQAAKDANBgkqhkiG9w0BAQsFAAOCAQEAQEAUj3K/
9/6EcV3Jj54Y9BWOXDVd3xGNQrfFJal6Z0JwjgezMxEQ5hJyuyxAfACjQe2SNxea
cY+3K6hxm1Ar0IKfgo0gG2DgLX23fjglIwK5JzO8b7+aUCFSRsYNYkaSZ2TddtKh
km0VGHBViRvqfuiX1NXLxcpzzKbMDTacV8Ndoo3pnPS4EBUm5qxdR3rTlhVtW3+d
f98GkwsWkjHPG19abmJZ5VQnEJEzua30yuB/bR3dGCgIfEpOR/0QeVK6tvYzQh2q
vHgez1VI0l6dSzvYYUWS6ZptnFifJhGQpHS85Zd5q/pzmLTgRp4rGyV0utGcNn23
LtWz++//1CP5pg==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:56:25 2025 by rpki-client