Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213710.roa
File: AS213710.roa (raw, json)
Hash identifier: /gJFlPCIVVXSSVjW628Hwsz+xeIG4TOGF6r5Sc7Vj2w=
Subject key identifier: B4:35:56:D9:80:ED:36:71:44:04:4A:6A:CF:1C:01:9A:EA:A3:C6:0F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 44DB54C927EF35792B8CAEC7C8605B8430A8E5C2
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213710.roa
Signing time: Thu 02 Jan 2025 07:43:07 +0000
ROA not before: Thu 02 Jan 2025 07:38:07 +0000
ROA not after: Thu 01 Jan 2026 07:43:07 +0000
asID: 213710
IP address blocks: 82.29.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:db:54:c9:27:ef:35:79:2b:8c:ae:c7:c8:60:5b:84:30:a8:e5:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 2 07:38:07 2025 GMT
Not After : Jan 1 07:43:07 2026 GMT
Subject: CN=B43556D980ED367144044A6ACF1C019AEAA3C60F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:17:a0:b6:07:a1:64:61:25:5e:25:37:1f:c1:
b3:dc:17:18:4e:6a:14:df:9d:3b:a1:88:86:dc:16:
72:0d:6b:f9:24:3d:f3:e6:92:5b:11:0b:6b:33:30:
d4:22:31:a6:bf:ea:6f:6e:f1:9c:86:65:df:b6:7e:
45:51:28:24:24:ac:3e:1c:b7:1d:6d:c2:bb:2a:0a:
14:a9:33:75:34:84:65:40:c9:94:df:82:83:43:66:
41:9d:af:7d:d3:b2:4e:7e:6a:e4:89:a1:cc:b8:3e:
ff:28:5c:5c:87:8b:b4:6b:86:18:df:2f:26:9e:9a:
b5:11:8b:03:4f:c0:4b:aa:bb:50:cf:55:f7:f7:0b:
56:f8:d8:a5:9f:19:83:59:2c:16:ea:74:8f:e4:d2:
84:d3:74:ba:40:af:9c:12:d7:3e:62:45:5f:99:02:
5f:d6:70:88:3c:87:cf:c2:e9:cd:0b:6b:7a:93:e9:
8a:66:7c:d8:a9:ec:ab:49:fc:b1:7d:7a:86:26:48:
dd:90:42:7f:2b:db:6c:c7:9c:cb:c9:1b:8e:06:52:
d2:92:b3:cb:dd:d1:4c:fe:45:2d:7d:bb:c2:80:ee:
c6:5e:1c:ac:ab:d3:05:df:8c:36:68:73:69:c7:6e:
3f:7b:12:e6:8e:cd:bd:5f:71:f9:dd:92:69:c9:13:
ee:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:35:56:D9:80:ED:36:71:44:04:4A:6A:CF:1C:01:9A:EA:A3:C6:0F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213710.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.29.1.0/24
Signature Algorithm: sha256WithRSAEncryption
10:cf:b2:e3:40:eb:89:51:59:ff:32:60:86:26:d9:98:d5:98:
f2:02:e0:a0:98:71:ea:ca:e1:5f:ed:a0:82:68:19:63:34:69:
16:6e:a1:13:7b:7f:e5:62:9e:20:e9:8c:6c:4e:07:dd:10:7d:
21:88:1f:00:2f:d9:d1:ff:2e:34:ff:4b:26:2a:99:cc:bb:dd:
73:42:4f:20:37:fe:79:96:4e:79:af:bf:2d:dc:e6:a9:09:b7:
b3:1f:77:dd:a7:5b:38:91:d1:01:01:06:98:e5:4e:d2:94:1f:
4e:c8:06:2f:89:6c:62:d9:0e:90:26:27:ca:ba:d2:7d:4c:1d:
9d:13:09:33:e2:d4:f6:02:de:aa:bc:ec:32:41:c3:df:81:4f:
0a:9d:70:41:1b:5b:23:e7:fe:f3:47:dc:a2:0d:c3:49:1e:1c:
2c:8b:44:45:4f:2f:2c:de:65:ae:5a:db:e9:24:c4:d0:f7:53:
55:26:9a:d3:b4:2e:37:7d:bc:b0:44:ff:ee:21:09:49:9a:fa:
a5:93:53:0e:21:02:34:8f:64:16:ab:72:e2:b5:ac:b8:2b:89:
e1:12:c4:f7:12:bb:f6:99:9e:2b:c4:1d:2e:f3:bf:2d:3c:31:
2b:90:8e:61:2b:2d:f5:9a:90:6a:7f:35:8e:d5:2d:c7:5e:64:
5c:d5:72:da
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIURNtUySfvNXkrjK7HyGBbhDCo5cIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMDIwNzM4MDdaFw0yNjAxMDEwNzQzMDdaMDMxMTAvBgNV
BAMTKEI0MzU1NkQ5ODBFRDM2NzE0NDA0NEE2QUNGMUMwMTlBRUFBM0M2MEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2F6C2B6FkYSVeJTcfwbPcFxhO
ahTfnTuhiIbcFnINa/kkPfPmklsRC2szMNQiMaa/6m9u8ZyGZd+2fkVRKCQkrD4c
tx1twrsqChSpM3U0hGVAyZTfgoNDZkGdr33Tsk5+auSJocy4Pv8oXFyHi7Rrhhjf
LyaemrURiwNPwEuqu1DPVff3C1b42KWfGYNZLBbqdI/k0oTTdLpAr5wS1z5iRV+Z
Al/WcIg8h8/C6c0La3qT6YpmfNip7KtJ/LF9eoYmSN2QQn8r22zHnMvJG44GUtKS
s8vd0Uz+RS19u8KA7sZeHKyr0wXfjDZoc2nHbj97EuaOzb1fcfndkmnJE+4XAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUtDVW2YDtNnFEBEpqzxwBmuqjxg8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEzNzEwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUh0B
MA0GCSqGSIb3DQEBCwUAA4IBAQAQz7LjQOuJUVn/MmCGJtmY1ZjyAuCgmHHqyuFf
7aCCaBljNGkWbqETe3/lYp4g6YxsTgfdEH0hiB8AL9nR/y40/0smKpnMu91zQk8g
N/55lk55r78t3OapCbezH3fdp1s4kdEBAQaY5U7SlB9OyAYviWxi2Q6QJifKutJ9
TB2dEwkz4tT2At6qvOwyQcPfgU8KnXBBG1sj5/7zR9yiDcNJHhwsi0RFTy8s3mWu
WtvpJMTQ91NVJprTtC43fbywRP/uIQlJmvqlk1MOIQI0j2QWq3Litay4K4nhEsT3
Erv2mZ4rxB0u878tPDErkI5hKy31mpBqfzWO1S3HXmRc1XLa
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:08:00 2025 by rpki-client