Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS272605.roa
File: AS272605.roa (raw, json)
Hash identifier: JBWBHpDgw467LzYd8dgusSvxAjitwR43JGFRd3XBbbI=
Subject key identifier: CA:10:0A:89:04:24:85:B0:0C:5D:87:93:39:79:5D:49:99:FD:8C:6D
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 723FD13DC9E5037DEFF64C4B3783456A67E75F52
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS272605.roa
Signing time: Thu 30 Jan 2025 14:42:52 +0000
ROA not before: Thu 30 Jan 2025 14:37:52 +0000
ROA not after: Thu 29 Jan 2026 14:42:52 +0000
asID: 272605
IP address blocks: 82.26.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:3f:d1:3d:c9:e5:03:7d:ef:f6:4c:4b:37:83:45:6a:67:e7:5f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 30 14:37:52 2025 GMT
Not After : Jan 29 14:42:52 2026 GMT
Subject: CN=CA100A89042485B00C5D879339795D4999FD8C6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0e:2e:75:ab:8c:1c:41:c5:be:75:45:5a:f3:
b9:dc:ef:19:47:aa:d1:49:32:a6:80:e0:09:0e:14:
dd:cf:10:f9:40:42:23:31:c4:6e:9f:bd:ed:e8:da:
1d:27:45:e0:0a:5b:3c:31:9f:0a:64:d1:0a:3e:87:
e9:20:f4:ad:6e:4d:d7:66:e5:17:e1:56:de:6e:ae:
41:08:e5:96:b0:76:8b:7a:34:19:a8:1e:27:68:a5:
b1:d9:8e:68:e5:e5:5c:51:bd:a1:d3:9a:77:f6:58:
af:55:1f:83:9f:46:1c:70:74:9e:4b:c2:46:9f:15:
50:23:27:32:0e:4f:0d:0a:f3:e7:92:da:74:e9:7a:
f3:8c:58:d9:9e:e8:c0:a4:92:c8:72:67:4e:ea:05:
af:29:d6:16:1e:04:f3:cd:62:82:71:68:5e:0b:9b:
d9:e0:e6:58:d8:2f:44:48:3e:dd:9b:b0:51:50:b8:
85:1d:74:cb:49:d6:3f:13:9a:4a:7b:6b:d6:6c:9e:
3e:15:e9:c5:73:a6:45:96:b8:df:48:c4:4f:7f:76:
ea:78:0b:08:cd:f9:1d:0a:41:a0:24:af:ea:87:a2:
04:1d:e9:4d:6f:d6:d8:1f:7a:05:1a:45:60:c8:9b:
1b:a1:3d:09:43:79:19:f2:4f:ae:2b:72:0e:89:66:
1b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:10:0A:89:04:24:85:B0:0C:5D:87:93:39:79:5D:49:99:FD:8C:6D
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS272605.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.26.76.0/24
Signature Algorithm: sha256WithRSAEncryption
57:77:a8:fd:bb:3a:95:6b:71:a2:eb:ee:db:9c:b1:04:d6:cf:
72:48:9a:c1:6f:44:95:28:0a:b0:9f:2c:b2:35:4e:be:c7:35:
2e:fd:5c:d1:05:5f:97:2a:ba:dc:7a:08:ee:ce:6b:81:7c:82:
5a:0a:cf:4b:ff:6f:28:c4:41:b5:d8:05:85:7b:ac:3c:09:d6:
50:10:8c:d2:11:92:b9:e4:f8:55:b4:c3:d6:9b:4b:b3:96:3b:
db:7a:ac:a2:90:8f:60:fb:30:52:2c:0b:1a:d6:61:c1:a4:fc:
04:34:7d:80:ab:9a:28:41:16:9c:9a:3e:c5:a6:0d:b8:38:5d:
63:89:e3:51:91:f4:4a:79:6c:bd:eb:52:85:2b:7f:26:a9:2e:
a4:d9:09:7f:3c:d7:5a:19:06:e9:85:23:ab:02:59:4a:c9:41:
51:05:2c:c6:ba:3d:0d:1d:c5:32:46:f0:74:12:70:fd:ac:38:
f4:ed:4b:53:43:83:9d:cc:03:f8:da:13:23:17:88:32:54:68:
3a:1f:95:3d:72:95:51:b1:96:8f:cb:97:91:64:c9:43:a6:28:
3a:b4:bb:df:07:81:c8:39:94:04:45:12:39:22:8d:e3:f6:f4:
fa:0d:bf:ad:f0:4a:71:8c:9f:ff:96:95:2e:5c:b4:cc:43:27:
bf:7f:4c:a5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUcj/RPcnlA33v9kxLN4NFamfnX1IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMzAxNDM3NTJaFw0yNjAxMjkxNDQyNTJaMDMxMTAvBgNV
BAMTKENBMTAwQTg5MDQyNDg1QjAwQzVEODc5MzM5Nzk1RDQ5OTlGRDhDNkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkDi51q4wcQcW+dUVa87nc7xlH
qtFJMqaA4AkOFN3PEPlAQiMxxG6fve3o2h0nReAKWzwxnwpk0Qo+h+kg9K1uTddm
5RfhVt5urkEI5Zawdot6NBmoHidopbHZjmjl5VxRvaHTmnf2WK9VH4OfRhxwdJ5L
wkafFVAjJzIOTw0K8+eS2nTpevOMWNme6MCkkshyZ07qBa8p1hYeBPPNYoJxaF4L
m9ng5ljYL0RIPt2bsFFQuIUddMtJ1j8Tmkp7a9Zsnj4V6cVzpkWWuN9IxE9/dup4
CwjN+R0KQaAkr+qHogQd6U1v1tgfegUaRWDImxuhPQlDeRnyT64rcg6JZhujAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUyhAKiQQkhbAMXYeTOXldSZn9jG0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjcyNjA1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhpM
MA0GCSqGSIb3DQEBCwUAA4IBAQBXd6j9uzqVa3Gi6+7bnLEE1s9ySJrBb0SVKAqw
nyyyNU6+xzUu/VzRBV+XKrrcegjuzmuBfIJaCs9L/28oxEG12AWFe6w8CdZQEIzS
EZK55PhVtMPWm0uzljvbeqyikI9g+zBSLAsa1mHBpPwENH2Aq5ooQRacmj7Fpg24
OF1jieNRkfRKeWy961KFK38mqS6k2Ql/PNdaGQbphSOrAllKyUFRBSzGuj0NHcUy
RvB0EnD9rDj07UtTQ4OdzAP42hMjF4gyVGg6H5U9cpVRsZaPy5eRZMlDpig6tLvf
B4HIOZQERRI5Io3j9vT6Db+t8EpxjJ//lpUuXLTMQye/f0yl
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:04:15 2025 by rpki-client