Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: jB2S2O9wV5L3+kptDNcy0WSb7ifhJvaGh5F0RkYXEXU=
Subject key identifier: 2B:20:91:39:22:EE:AE:50:EB:3A:8C:F7:D1:30:5E:76:94:BB:E0:40
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7A468DB6CF97382606E22E01FD8FF6C6D69753A4
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
Signing time: Wed 15 Jan 2025 08:48:38 +0000
ROA not before: Wed 15 Jan 2025 08:43:38 +0000
ROA not after: Wed 14 Jan 2026 08:48:38 +0000
asID: 16509
IP address blocks: 82.29.0.0/24 maxlen: 24
82.29.2.0/24 maxlen: 24
82.29.3.0/24 maxlen: 24
82.29.4.0/24 maxlen: 24
82.29.102.0/24 maxlen: 24
82.29.104.0/24 maxlen: 24
82.29.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:46:8d:b6:cf:97:38:26:06:e2:2e:01:fd:8f:f6:c6:d6:97:53:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 15 08:43:38 2025 GMT
Not After : Jan 14 08:48:38 2026 GMT
Subject: CN=2B20913922EEAE50EB3A8CF7D1305E7694BBE040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:70:67:d3:be:ab:7b:32:b6:dd:e2:09:28:d9:
fc:2c:40:56:81:1b:a5:89:e8:55:f5:28:5f:cd:bf:
3f:bf:af:03:5a:f2:2c:ae:af:14:d3:14:4e:6f:67:
45:2b:8b:b9:b3:61:82:c7:4f:e6:84:03:0b:b5:58:
36:18:4e:f5:5e:2c:96:0a:15:57:2f:1f:1d:03:ed:
1f:9f:0a:ff:68:5c:3f:9b:46:e6:91:87:cf:0a:39:
29:c4:e0:97:72:9d:db:fc:12:18:24:67:af:fa:ce:
09:57:8e:85:d4:05:9c:34:95:42:35:22:2c:fa:4d:
3f:81:a4:1f:fb:c1:96:6a:03:3d:cd:19:e0:b8:2f:
91:4f:a8:d9:d0:90:bd:0e:61:6b:ba:44:d5:a7:44:
54:99:99:40:55:85:cd:0c:10:94:32:0d:53:7f:35:
ac:30:d5:94:c9:a3:51:93:53:83:7c:df:72:35:ee:
1a:5f:f2:ec:cc:c5:13:5c:94:33:05:88:67:b4:3f:
72:3c:a4:28:a5:70:a7:2b:c7:51:8e:4d:6d:49:15:
d6:52:62:c2:ae:8e:10:9a:6e:df:7c:69:21:11:0a:
b5:1a:8d:c3:87:4a:68:48:90:f2:e1:33:7f:75:ae:
a0:ed:05:8c:e9:cc:4a:21:58:4e:be:91:e5:f0:92:
84:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:20:91:39:22:EE:AE:50:EB:3A:8C:F7:D1:30:5E:76:94:BB:E0:40
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.29.0.0/24
82.29.2.0-82.29.4.255
82.29.102.0/24
82.29.104.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:ea:22:4d:aa:20:33:e0:98:d1:a5:d6:4f:94:ee:62:84:d9:
f6:88:89:63:52:2c:60:91:85:59:a4:bd:51:29:5d:e2:1a:a2:
15:a3:20:6e:dc:b1:fa:ab:99:9a:dd:dd:bf:da:ec:51:f9:7d:
ed:89:40:0d:d4:b1:72:ff:08:7a:c5:80:e5:b7:92:07:6c:af:
d4:35:6d:9c:db:18:2f:16:58:52:4c:c2:ff:2f:97:2b:1a:e3:
5b:64:fc:98:42:4a:67:0f:31:05:19:62:70:ac:a4:b5:8a:50:
b2:30:37:6b:69:b7:c2:90:2b:a7:d4:9f:6e:45:5d:c3:61:ef:
00:d6:14:0b:7d:f2:f3:0f:d5:ee:a8:82:f9:c6:06:5b:d4:7e:
7b:df:4a:35:1a:ea:3e:31:f1:a9:9b:c4:b7:06:b3:f6:d5:eb:
91:6a:36:2d:ed:7b:72:cf:bc:c9:c0:52:df:89:f9:6d:ff:55:
2b:e6:66:e7:cb:56:4b:ec:27:9e:96:71:ea:a2:a5:eb:bd:b8:
5b:e5:81:c8:2d:90:82:ec:da:71:fd:c1:22:46:9c:de:b3:ac:
d3:32:ca:cb:98:f4:78:ec:a3:64:a0:67:cd:a6:2d:2e:86:21:
4d:18:0a:dc:99:d0:13:f7:9e:d6:3d:0e:82:9c:3a:dc:20:0a:
72:24:7d:db
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIUekaNts+XOCYG4i4B/Y/2xtaXU6QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMTUwODQzMzhaFw0yNjAxMTQwODQ4MzhaMDMxMTAvBgNV
BAMTKDJCMjA5MTM5MjJFRUFFNTBFQjNBOENGN0QxMzA1RTc2OTRCQkUwNDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCicGfTvqt7Mrbd4gko2fwsQFaB
G6WJ6FX1KF/Nvz+/rwNa8iyurxTTFE5vZ0Uri7mzYYLHT+aEAwu1WDYYTvVeLJYK
FVcvHx0D7R+fCv9oXD+bRuaRh88KOSnE4Jdyndv8EhgkZ6/6zglXjoXUBZw0lUI1
Iiz6TT+BpB/7wZZqAz3NGeC4L5FPqNnQkL0OYWu6RNWnRFSZmUBVhc0MEJQyDVN/
Naww1ZTJo1GTU4N833I17hpf8uzMxRNclDMFiGe0P3I8pCilcKcrx1GOTW1JFdZS
YsKujhCabt98aSERCrUajcOHSmhIkPLhM391rqDtBYzpzEohWE6+keXwkoRzAgMB
AAGjggIjMIICHzAdBgNVHQ4EFgQUKyCROSLurlDrOoz30TBedpS74EAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOQYIKwYBBQUHAQcBAf8EKjAoMCYEAgABMCADBABSHQAw
DAMEAVIdAgMEAFIdBAMEAFIdZgMEAVIdaDANBgkqhkiG9w0BAQsFAAOCAQEAPeoi
TaogM+CY0aXWT5TuYoTZ9oiJY1IsYJGFWaS9USld4hqiFaMgbtyx+quZmt3dv9rs
Ufl97YlADdSxcv8IesWA5beSB2yv1DVtnNsYLxZYUkzC/y+XKxrjW2T8mEJKZw8x
BRlicKyktYpQsjA3a2m3wpArp9SfbkVdw2HvANYUC33y8w/V7qiC+cYGW9R+e99K
NRrqPjHxqZvEtwaz9tXrkWo2Le17cs+8ycBS34n5bf9VK+Zm58tWS+wnnpZx6qKl
6724W+WByC2Qguzacf3BIkac3rOs0zLKy5j0eOyjZKBnzaYtLoYhTRgK3JnQE/ee
1j0Ogpw63CAKciR92w==
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:04:15 2025 by rpki-client