Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS262287.roa
File: AS262287.roa (raw, json)
Hash identifier: zbpjkkKNUzQpkyOYrT/eYEbd9jWc8gpeqdKEekUmefY=
Subject key identifier: 1C:D9:87:C1:56:1F:7E:7A:37:49:12:39:DA:C8:D6:80:E0:16:DF:6B
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 75EC3AE5663F8D4138C67312B061155A6119540A
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS262287.roa
Signing time: Tue 11 Feb 2025 11:09:21 +0000
ROA not before: Tue 11 Feb 2025 11:04:21 +0000
ROA not after: Tue 10 Feb 2026 11:09:21 +0000
asID: 262287
IP address blocks: 82.23.26.0/24 maxlen: 24
82.23.27.0/24 maxlen: 24
82.23.29.0/24 maxlen: 24
82.23.32.0/24 maxlen: 24
82.23.33.0/24 maxlen: 24
82.23.35.0/24 maxlen: 24
82.23.36.0/24 maxlen: 24
82.23.40.0/24 maxlen: 24
2a13:9500:20::/48 maxlen: 48
2a13:9500:21::/48 maxlen: 48
2a13:9500:22::/48 maxlen: 48
2a13:9500:23::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:ec:3a:e5:66:3f:8d:41:38:c6:73:12:b0:61:15:5a:61:19:54:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 11 11:04:21 2025 GMT
Not After : Feb 10 11:09:21 2026 GMT
Subject: CN=1CD987C1561F7E7A37491239DAC8D680E016DF6B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:8c:1d:61:7a:9d:85:8b:4f:a6:8d:db:be:b5:
85:9c:ba:a9:0f:35:01:15:a8:52:f5:d8:c5:68:a8:
1d:35:20:b9:51:ee:95:f4:cd:81:bc:f2:d2:74:97:
15:6f:42:38:a0:f2:aa:cd:78:59:cf:b5:51:4c:c9:
93:0f:1e:7f:ec:27:fd:26:b9:e5:d2:16:f7:a2:54:
bb:c5:29:dd:0f:44:0c:13:2d:ef:28:66:08:05:ec:
21:92:7e:26:be:60:35:b4:7f:cc:24:34:7a:1e:62:
de:34:42:3e:48:03:8b:78:24:3c:98:8c:34:b3:fd:
e5:b8:9a:50:80:54:11:68:fc:f9:22:ed:d5:7a:0c:
82:44:ff:36:c8:29:ff:ea:82:98:0b:03:8c:52:11:
70:1c:9c:60:e4:cf:03:75:df:df:a1:44:6d:09:63:
c5:5d:02:27:21:ae:5f:b8:12:d0:84:6a:f9:7b:2f:
57:4c:4e:bb:be:78:23:23:4b:26:56:6e:6f:bf:87:
fd:08:18:76:fb:06:92:b0:a9:97:a5:20:d8:df:3b:
59:c4:89:f6:6a:1e:f3:57:e0:5e:13:12:3e:a5:6f:
6c:ef:99:1b:68:dc:09:c1:86:90:74:34:b2:62:0a:
d6:ce:e4:94:52:b1:c3:dc:0f:50:c0:21:54:f8:fa:
10:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D9:87:C1:56:1F:7E:7A:37:49:12:39:DA:C8:D6:80:E0:16:DF:6B
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS262287.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.26.0/23
82.23.29.0/24
82.23.32.0/23
82.23.35.0-82.23.36.255
82.23.40.0/24
IPv6:
2a13:9500:20::/46
Signature Algorithm: sha256WithRSAEncryption
69:2a:47:63:f1:e4:85:31:b5:b5:3f:6a:9a:13:5b:7f:01:ea:
64:0d:88:a7:89:2c:de:3c:50:a4:e5:71:91:90:27:ea:e6:19:
d2:3d:ae:14:82:e8:06:fd:9d:61:ec:c6:e5:c0:10:72:ff:d1:
4c:eb:7c:5a:c8:4d:d9:e1:76:c6:9f:ad:9f:86:1c:8f:da:20:
e1:85:30:e1:bf:25:d9:81:74:f0:02:25:e5:27:1c:29:b4:af:
1d:1f:70:bf:1b:d4:22:ca:b9:2f:d6:d8:44:7b:7a:37:84:54:
76:5b:b6:b6:51:e4:3c:74:30:a2:fe:8d:d7:a1:9e:87:35:65:
4f:47:35:4a:e6:9c:ed:81:2f:de:d0:ba:c6:08:d1:27:ff:91:
8d:45:5d:cd:dd:28:35:6b:f3:fc:12:d5:fb:10:31:2e:11:3b:
50:d3:4d:fd:d6:a0:29:ae:29:8b:f9:fe:dd:14:25:b2:aa:49:
19:2c:bc:11:b9:f5:08:6c:88:2c:4a:50:f6:69:5a:0c:f8:83:
d3:b0:28:f0:00:c2:85:8c:d6:ee:01:e5:2c:62:8c:24:f8:68:
14:6c:95:c3:9b:08:79:4e:e9:ba:55:02:f9:b0:ee:ea:b9:08:
a6:1a:1b:81:5e:8d:84:27:a5:b5:c0:8a:ea:f3:af:9c:cd:3e:
75:44:0a:08
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUdew65WY/jUE4xnMSsGEVWmEZVAowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMTExMTA0MjFaFw0yNjAyMTAxMTA5MjFaMDMxMTAvBgNV
BAMTKDFDRDk4N0MxNTYxRjdFN0EzNzQ5MTIzOURBQzhENjgwRTAxNkRGNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwjB1hep2Fi0+mjdu+tYWcuqkP
NQEVqFL12MVoqB01ILlR7pX0zYG88tJ0lxVvQjig8qrNeFnPtVFMyZMPHn/sJ/0m
ueXSFveiVLvFKd0PRAwTLe8oZggF7CGSfia+YDW0f8wkNHoeYt40Qj5IA4t4JDyY
jDSz/eW4mlCAVBFo/Pki7dV6DIJE/zbIKf/qgpgLA4xSEXAcnGDkzwN139+hRG0J
Y8VdAichrl+4EtCEavl7L1dMTru+eCMjSyZWbm+/h/0IGHb7BpKwqZelINjfO1nE
ifZqHvNX4F4TEj6lb2zvmRto3AnBhpB0NLJiCtbO5JRSscPcD1DAIVT4+hCdAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUHNmHwVYffno3SRI52sjWgOAW32swHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjYyMjg3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmAwQBUhca
AwQAUhcdAwQBUhcgMAwDBABSFyMDBABSFyQDBABSFygwDwQCAAIwCQMHAioTlQAA
IDANBgkqhkiG9w0BAQsFAAOCAQEAaSpHY/HkhTG1tT9qmhNbfwHqZA2Ip4ks3jxQ
pOVxkZAn6uYZ0j2uFILoBv2dYezG5cAQcv/RTOt8WshN2eF2xp+tn4Ycj9og4YUw
4b8l2YF08AIl5SccKbSvHR9wvxvUIsq5L9bYRHt6N4RUdlu2tlHkPHQwov6N16Ge
hzVlT0c1Suac7YEv3tC6xgjRJ/+RjUVdzd0oNWvz/BLV+xAxLhE7UNNN/dagKa4p
i/n+3RQlsqpJGSy8Ebn1CGyILEpQ9mlaDPiD07Ao8ADChYzW7gHlLGKMJPhoFGyV
w5sIeU7pulUC+bDu6rkIphobgV6NhCeltcCK6vOvnM0+dUQKCA==
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:26:17 2025 by rpki-client