Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS209854.roa
File: AS209854.roa (raw, json)
Hash identifier: QsmUk0ViFWJugN9PurrEuD1sYuXcmvX5eiPn25Sp0iE=
Subject key identifier: BA:AC:5C:87:86:0D:69:82:7B:F2:5F:06:8F:0B:5F:5A:53:D2:EA:0A
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 73AE3E1593879424BCC13AB0EA8935A79AFCE454
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS209854.roa
Signing time: Tue 28 Jan 2025 12:31:39 +0000
ROA not before: Tue 28 Jan 2025 12:26:39 +0000
ROA not after: Tue 27 Jan 2026 12:31:39 +0000
asID: 209854
IP address blocks: 82.21.166.0/24 maxlen: 24
82.21.171.0/24 maxlen: 24
82.21.174.0/24 maxlen: 24
82.21.176.0/24 maxlen: 24
82.21.186.0/24 maxlen: 24
82.21.202.0/24 maxlen: 24
82.21.203.0/24 maxlen: 24
82.21.205.0/24 maxlen: 24
82.29.21.0/24 maxlen: 24
82.29.27.0/24 maxlen: 24
82.29.133.0/24 maxlen: 24
82.29.134.0/24 maxlen: 24
82.29.135.0/24 maxlen: 24
82.29.149.0/24 maxlen: 24
82.29.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:ae:3e:15:93:87:94:24:bc:c1:3a:b0:ea:89:35:a7:9a:fc:e4:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 28 12:26:39 2025 GMT
Not After : Jan 27 12:31:39 2026 GMT
Subject: CN=BAAC5C87860D69827BF25F068F0B5F5A53D2EA0A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:6a:db:e0:05:72:ab:79:e3:a8:63:d3:ee:3d:
62:ba:3d:15:ff:35:fc:6d:ae:af:5b:c9:c0:26:0e:
f7:35:e8:c7:ae:1e:b5:c5:2e:c9:d0:4c:60:ab:79:
0a:1f:03:ad:33:79:1f:95:ca:23:dd:3b:75:36:20:
22:b4:21:dc:7d:9b:8f:d5:dd:0d:9d:46:0c:58:92:
f5:70:9f:9f:c4:54:a0:cf:14:39:e4:c7:52:73:4e:
89:34:6b:2d:a6:a0:8f:59:53:57:83:e4:0d:b4:56:
c1:35:27:ea:af:5b:7e:4c:09:99:3f:f7:9b:9a:c7:
40:ea:f7:bb:91:ba:56:c5:da:79:9a:fc:f2:f8:dc:
3c:24:8b:da:f3:5f:cf:63:b1:53:f0:f8:0b:53:3d:
50:41:7d:5a:b8:02:ad:82:ef:50:1c:7a:b6:72:9a:
ac:22:ba:17:dd:11:57:25:e3:74:56:9e:dd:cb:73:
e5:6d:29:ba:c9:ba:30:e3:d7:9c:ff:e4:ed:35:f3:
90:1f:0c:32:53:e3:2a:ca:e3:62:90:8d:9a:b9:b0:
b9:58:99:e7:87:28:53:db:73:28:97:5a:40:e9:63:
52:03:bd:67:01:61:c6:09:04:ca:63:47:fc:9f:77:
0d:48:98:bd:c7:86:51:d1:5e:b2:9c:14:86:52:8b:
82:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:AC:5C:87:86:0D:69:82:7B:F2:5F:06:8F:0B:5F:5A:53:D2:EA:0A
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS209854.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.166.0/24
82.21.171.0/24
82.21.174.0/24
82.21.176.0/24
82.21.186.0/24
82.21.202.0/23
82.21.205.0/24
82.29.21.0/24
82.29.27.0/24
82.29.133.0-82.29.135.255
82.29.149.0/24
82.29.151.0/24
Signature Algorithm: sha256WithRSAEncryption
08:90:0c:b5:4f:79:6b:2f:e1:39:b5:c7:bb:b3:97:6d:4f:de:
75:1c:f4:05:4f:5c:7a:e3:a9:68:81:2c:32:ae:06:15:54:8f:
4b:5d:16:c7:3f:94:6e:b5:75:5a:b3:fe:bd:21:b0:41:9d:25:
1c:50:6d:26:7c:00:a9:93:df:b5:6d:81:b0:f6:83:90:32:48:
9a:94:23:65:d6:72:23:a4:e0:78:ce:7e:63:cf:84:51:7c:d1:
a9:af:88:93:31:9d:e3:1c:c5:58:18:32:cf:e5:ad:ad:b1:32:
1a:08:41:c0:54:e0:5c:ee:ba:39:f0:9d:61:99:ba:22:7a:24:
01:65:9c:3b:2b:23:67:31:98:cb:70:a6:d8:96:e9:a5:3a:15:
f5:a6:51:33:c1:54:e2:6a:61:5f:af:6c:82:0c:f5:d5:40:b5:
51:5a:5f:f4:41:57:14:38:66:cd:4b:67:e6:13:47:a7:91:a2:
b7:54:27:97:d6:2d:41:2f:2c:f3:79:40:8f:0e:94:38:31:b8:
39:09:8c:df:a7:29:80:7a:e0:e9:15:20:3d:cc:52:83:6e:19:
86:40:df:d3:7c:81:44:8c:65:0e:11:da:31:56:d0:67:31:8c:
30:17:72:07:76:90:c2:46:2f:48:64:e0:96:ca:ea:06:c1:5a:
3b:eb:65:48
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgIUc64+FZOHlCS8wTqw6ok1p5r85FQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMjgxMjI2MzlaFw0yNjAxMjcxMjMxMzlaMDMxMTAvBgNV
BAMTKEJBQUM1Qzg3ODYwRDY5ODI3QkYyNUYwNjhGMEI1RjVBNTNEMkVBMEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlatvgBXKreeOoY9PuPWK6PRX/
Nfxtrq9bycAmDvc16MeuHrXFLsnQTGCreQofA60zeR+VyiPdO3U2ICK0Idx9m4/V
3Q2dRgxYkvVwn5/EVKDPFDnkx1JzTok0ay2moI9ZU1eD5A20VsE1J+qvW35MCZk/
95uax0Dq97uRulbF2nma/PL43Dwki9rzX89jsVPw+AtTPVBBfVq4Aq2C71AcerZy
mqwiuhfdEVcl43RWnt3Lc+VtKbrJujDj15z/5O0185AfDDJT4yrK42KQjZq5sLlY
meeHKFPbcyiXWkDpY1IDvWcBYcYJBMpjR/yfdw1ImL3HhlHRXrKcFIZSi4LrAgMB
AAGjggJUMIICUDAdBgNVHQ4EFgQUuqxch4YNaYJ78l8GjwtfWlPS6gowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA5ODU0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAUhWm
AwQAUhWrAwQAUhWuAwQAUhWwAwQAUhW6AwQBUhXKAwQAUhXNAwQAUh0VAwQAUh0b
MAwDBABSHYUDBANSHYADBABSHZUDBABSHZcwDQYJKoZIhvcNAQELBQADggEBAAiQ
DLVPeWsv4Tm1x7uzl21P3nUc9AVPXHrjqWiBLDKuBhVUj0tdFsc/lG61dVqz/r0h
sEGdJRxQbSZ8AKmT37VtgbD2g5AySJqUI2XWciOk4HjOfmPPhFF80amviJMxneMc
xVgYMs/lra2xMhoIQcBU4FzuujnwnWGZuiJ6JAFlnDsrI2cxmMtwptiW6aU6FfWm
UTPBVOJqYV+vbIIM9dVAtVFaX/RBVxQ4Zs1LZ+YTR6eRordUJ5fWLUEvLPN5QI8O
lDgxuDkJjN+nKYB64OkVID3MUoNuGYZA39N8gUSMZQ4R2jFW0GcxjDAXcgd2kMJG
L0hk4JbK6gbBWjvrZUg=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:57:55 2025 by rpki-client