Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214062.roa
File: AS214062.roa (raw, json)
Hash identifier: 3tHIUirVNIKp6KZ1SYvyxOz9C7IXd9WGIuR4oabd4wE=
Subject key identifier: E6:17:94:D0:0C:72:F2:11:4B:51:CE:44:E4:5C:6A:2E:E6:F7:6D:75
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7258F5B2657A14178435A68307A01B2838F54BBD
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214062.roa
Signing time: Wed 29 Jan 2025 17:21:00 +0000
ROA not before: Wed 29 Jan 2025 17:16:00 +0000
ROA not after: Wed 28 Jan 2026 17:21:00 +0000
asID: 214062
IP address blocks: 82.23.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:58:f5:b2:65:7a:14:17:84:35:a6:83:07:a0:1b:28:38:f5:4b:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 29 17:16:00 2025 GMT
Not After : Jan 28 17:21:00 2026 GMT
Subject: CN=E61794D00C72F2114B51CE44E45C6A2EE6F76D75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3a:08:11:65:e5:65:77:73:03:f5:0e:d9:33:
ce:fb:d5:bf:4c:87:05:9d:ee:ca:f8:b4:cb:de:85:
ac:f3:13:ca:dc:f5:ee:a0:7f:3b:0b:f4:ed:c9:d8:
a8:3a:ce:15:c9:92:1b:1d:60:52:b1:09:91:6b:9f:
8b:7f:7d:e7:b4:ff:c9:4c:cf:61:a5:c2:3a:4a:44:
b4:f2:9c:05:f9:0e:07:ca:80:bd:c9:ff:6c:31:d7:
69:02:12:24:e4:be:ec:66:35:09:71:a3:29:07:e5:
b3:20:2b:f3:e1:74:9f:90:59:4f:1c:3d:d6:be:ba:
cb:b8:4a:11:6f:1a:6e:f7:2b:1b:07:76:ec:ed:a7:
cf:82:d1:4d:b0:6d:4c:42:7f:5c:ba:5f:7d:2f:9a:
1f:cb:b0:80:8f:f4:d1:2d:94:82:64:18:6d:c0:ad:
97:42:7a:74:c2:38:5c:8c:f7:1e:9d:39:83:78:3b:
21:e8:25:2a:1f:ff:cd:b1:e3:5a:c8:a6:4e:a7:44:
66:0b:bf:98:76:62:f3:c1:57:4c:eb:cb:bf:30:11:
b4:99:50:66:34:37:05:7c:cb:44:8f:92:6e:bd:91:
46:31:82:4a:06:a5:14:7a:80:0b:f4:e4:9d:81:f5:
b6:33:f0:76:8b:31:12:e6:e6:30:48:87:c5:4e:1d:
be:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:17:94:D0:0C:72:F2:11:4B:51:CE:44:E4:5C:6A:2E:E6:F7:6D:75
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214062.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.183.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:48:55:ee:98:6c:50:33:b2:05:55:49:1f:be:07:b4:b4:de:
bd:d3:57:86:77:5c:6c:e4:dd:dd:07:96:98:dd:73:91:c5:07:
c3:4f:b0:ee:12:97:f3:8c:55:16:14:67:20:86:92:19:94:bf:
cb:12:a4:89:67:32:cb:a5:a8:e8:32:36:59:02:9e:73:25:45:
4d:af:5d:0e:1b:78:fb:98:25:9e:1b:5b:f3:43:79:5b:af:1b:
d6:9f:2c:8f:95:5b:55:68:be:24:4c:2f:02:5d:b1:cd:0a:0f:
fa:f6:c3:b1:a4:aa:17:88:99:d5:13:29:57:2d:a7:4e:5a:29:
54:00:10:55:00:70:77:59:a6:b1:4a:09:37:b7:74:25:bd:ae:
f3:9b:84:b8:9b:eb:c8:d9:be:b8:12:14:bf:cf:7c:1b:bd:47:
04:4a:0f:9e:f0:22:85:5e:1b:6c:f7:a9:db:6d:fa:04:f3:a5:
8d:ba:c7:22:79:1c:f8:1a:3c:e8:43:0f:2b:8b:51:fa:ad:2a:
b9:63:e4:40:86:9b:f8:ed:46:07:c3:4a:18:b8:51:3d:4f:f8:
8f:7a:6a:63:6c:4c:ae:a2:15:8d:ed:bf:df:dd:b2:76:ec:9a:
49:70:7a:d2:4d:5c:60:a2:8b:10:77:c1:56:8b:9c:c2:f4:38:
fc:40:a4:03
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUclj1smV6FBeENaaDB6AbKDj1S70wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMjkxNzE2MDBaFw0yNjAxMjgxNzIxMDBaMDMxMTAvBgNV
BAMTKEU2MTc5NEQwMEM3MkYyMTE0QjUxQ0U0NEU0NUM2QTJFRTZGNzZENzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6OggRZeVld3MD9Q7ZM8771b9M
hwWd7sr4tMvehazzE8rc9e6gfzsL9O3J2Kg6zhXJkhsdYFKxCZFrn4t/fee0/8lM
z2GlwjpKRLTynAX5DgfKgL3J/2wx12kCEiTkvuxmNQlxoykH5bMgK/PhdJ+QWU8c
Pda+usu4ShFvGm73KxsHduztp8+C0U2wbUxCf1y6X30vmh/LsICP9NEtlIJkGG3A
rZdCenTCOFyM9x6dOYN4OyHoJSof/82x41rIpk6nRGYLv5h2YvPBV0zry78wEbSZ
UGY0NwV8y0SPkm69kUYxgkoGpRR6gAv05J2B9bYz8HaLMRLm5jBIh8VOHb7XAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU5heU0Axy8hFLUc5E5FxqLub3bXUwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0MDYyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhe3
MA0GCSqGSIb3DQEBCwUAA4IBAQCMSFXumGxQM7IFVUkfvge0tN6901eGd1xs5N3d
B5aY3XORxQfDT7DuEpfzjFUWFGcghpIZlL/LEqSJZzLLpajoMjZZAp5zJUVNr10O
G3j7mCWeG1vzQ3lbrxvWnyyPlVtVaL4kTC8CXbHNCg/69sOxpKoXiJnVEylXLadO
WilUABBVAHB3WaaxSgk3t3Qlva7zm4S4m+vI2b64EhS/z3wbvUcESg+e8CKFXhts
96nbbfoE86WNuscieRz4GjzoQw8ri1H6rSq5Y+RAhpv47UYHw0oYuFE9T/iPempj
bEyuohWN7b/f3bJ27JpJcHrSTVxgoosQd8FWi5zC9Dj8QKQD
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:44:42 2025 by rpki-client