Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS211192.roa
File: AS211192.roa (raw, json)
Hash identifier: WPaCIHsZTSMUvE+JvwvhNgj34j+ZkRTT4N1KIeUBL+o=
Subject key identifier: 0B:FD:52:D3:FE:25:F3:1A:F9:A4:78:79:4A:B1:1B:C9:10:8A:59:DA
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 08E090195FECFCF094DC2EC5C74338CEF3FADA1F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS211192.roa
Signing time: Mon 27 Jan 2025 08:23:23 +0000
ROA not before: Mon 27 Jan 2025 08:18:23 +0000
ROA not after: Mon 26 Jan 2026 08:23:23 +0000
asID: 211192
IP address blocks: 82.21.177.0/24 maxlen: 24
82.21.178.0/24 maxlen: 24
82.21.179.0/24 maxlen: 24
82.21.181.0/24 maxlen: 24
82.21.182.0/24 maxlen: 24
82.21.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:e0:90:19:5f:ec:fc:f0:94:dc:2e:c5:c7:43:38:ce:f3:fa:da:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 27 08:18:23 2025 GMT
Not After : Jan 26 08:23:23 2026 GMT
Subject: CN=0BFD52D3FE25F31AF9A478794AB11BC9108A59DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:08:56:d6:48:d3:38:da:78:9c:0c:31:20:73:
1b:61:c4:1e:b2:d6:9b:55:bd:37:ab:ec:56:4c:4b:
81:c0:54:93:2c:f1:86:fa:0a:16:1a:d9:19:8c:d3:
0b:4e:fe:df:0d:5f:21:6b:5a:e5:0a:7a:80:99:20:
56:c4:8c:df:3d:8d:ec:5b:69:c7:b3:4f:d4:59:a9:
a2:c9:91:9c:3b:bb:b9:25:79:22:17:92:f2:56:ac:
b7:50:35:bc:ad:cf:67:b6:d1:26:d0:5b:4a:1d:a3:
bc:98:bf:cf:7a:1e:a4:63:21:c0:48:d2:9a:76:11:
94:43:f5:f1:ad:d0:85:77:a3:ee:a8:96:7b:b5:56:
93:6b:b1:d2:d9:4b:99:7c:64:59:02:7e:0c:91:0a:
3e:90:90:5b:c8:77:3f:3d:73:57:a2:b8:c0:6e:06:
47:41:72:ec:25:a2:17:11:83:2c:88:42:55:78:1e:
80:2c:4a:1a:31:66:c7:29:01:6a:bc:d7:05:0a:a2:
88:4a:55:9f:22:05:18:f0:39:f1:d6:07:13:59:8b:
05:de:8a:7b:ab:27:6f:d1:ae:db:d1:56:a3:b7:f5:
38:06:31:86:c4:d0:4b:23:4b:5a:1f:12:d0:b0:f1:
7b:6a:cc:18:95:57:36:04:b7:77:14:22:44:d8:1d:
81:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:FD:52:D3:FE:25:F3:1A:F9:A4:78:79:4A:B1:1B:C9:10:8A:59:DA
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS211192.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.177.0-82.21.179.255
82.21.181.0-82.21.183.255
Signature Algorithm: sha256WithRSAEncryption
1c:e1:47:ba:e2:ff:e1:8e:60:38:6b:de:3b:30:42:93:e7:44:
9e:8f:05:c6:55:e0:84:2a:07:3b:07:9c:67:e7:16:cb:0a:b3:
dd:d2:22:cd:7e:f6:a1:df:7f:43:6d:ca:6d:fe:87:47:9f:28:
03:9a:86:b2:4b:b2:0e:36:48:1b:01:ee:42:d3:e8:31:ce:f3:
a2:87:39:a1:c0:97:b5:d7:c6:df:ba:a0:fd:f7:d4:d1:c3:92:
24:dd:c9:2c:2c:6f:47:25:0c:29:13:98:15:a2:ce:0b:ee:65:
a7:a2:2d:86:f6:e5:e0:a8:e6:bc:b2:b9:00:87:3a:3b:ae:f9:
5c:77:bd:f3:51:a5:85:c6:92:06:0e:fa:0d:85:14:b4:cf:49:
27:a5:cd:4a:ac:23:fa:54:78:1e:bc:96:bd:43:4a:76:f8:7a:
21:21:49:5c:f6:74:ec:5c:df:71:6a:be:ff:3d:49:71:5c:3a:
00:77:54:45:12:e7:f1:03:08:b8:27:ea:cb:a9:69:b1:79:3f:
e4:af:59:30:87:8d:37:82:fd:db:7a:c3:38:92:b6:a0:e1:13:
2e:1b:a6:84:de:a5:70:61:5b:e1:c4:55:4f:99:f5:02:a1:67:
e9:57:41:81:b0:62:b4:4c:b6:3f:49:38:f3:77:23:63:3e:71:
d8:b5:24:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUCOCQGV/s/PCU3C7Fx0M4zvP62h8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMjcwODE4MjNaFw0yNjAxMjYwODIzMjNaMDMxMTAvBgNV
BAMTKDBCRkQ1MkQzRkUyNUYzMUFGOUE0Nzg3OTRBQjExQkM5MTA4QTU5REEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkCFbWSNM42nicDDEgcxthxB6y
1ptVvTer7FZMS4HAVJMs8Yb6ChYa2RmM0wtO/t8NXyFrWuUKeoCZIFbEjN89jexb
acezT9RZqaLJkZw7u7kleSIXkvJWrLdQNbytz2e20SbQW0odo7yYv896HqRjIcBI
0pp2EZRD9fGt0IV3o+6olnu1VpNrsdLZS5l8ZFkCfgyRCj6QkFvIdz89c1eiuMBu
BkdBcuwlohcRgyyIQlV4HoAsShoxZscpAWq81wUKoohKVZ8iBRjwOfHWBxNZiwXe
inurJ2/RrtvRVqO39TgGMYbE0EsjS1ofEtCw8XtqzBiVVzYEt3cUIkTYHYFhAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQUC/1S0/4l8xr5pHh5SrEbyRCKWdowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjExMTkyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBABS
FbEDBAJSFbAwDAMEAFIVtQMEA1IVsDANBgkqhkiG9w0BAQsFAAOCAQEAHOFHuuL/
4Y5gOGveOzBCk+dEno8FxlXghCoHOwecZ+cWywqz3dIizX72od9/Q23Kbf6HR58o
A5qGskuyDjZIGwHuQtPoMc7zooc5ocCXtdfG37qg/ffU0cOSJN3JLCxvRyUMKROY
FaLOC+5lp6Ithvbl4KjmvLK5AIc6O675XHe981GlhcaSBg76DYUUtM9JJ6XNSqwj
+lR4HryWvUNKdvh6ISFJXPZ07FzfcWq+/z1JcVw6AHdURRLn8QMIuCfqy6lpsXk/
5K9ZMIeNN4L923rDOJK2oOETLhumhN6lcGFb4cRVT5n1AqFn6VdBgbBitEy2P0k4
83cjYz5x2LUkWQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:58:00 2025 by rpki-client