Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3356.roa
File: AS3356.roa (raw, json)
Hash identifier: o0U8oT/k58o5Vjk5xC32CngSZoEbyhNbSFp23IQTxuc=
Subject key identifier: 72:47:58:CD:73:6C:4E:FD:3A:22:6A:80:F9:4B:C5:3C:F6:4C:2B:38
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1A200AC40E0301162D7AF73AFA9EB4FEDDEE47BD
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3356.roa
Signing time: Mon 27 Jan 2025 17:20:02 +0000
ROA not before: Mon 27 Jan 2025 17:15:02 +0000
ROA not after: Mon 26 Jan 2026 17:20:02 +0000
asID: 3356
IP address blocks: 82.22.142.0/24 maxlen: 24
82.22.164.0/24 maxlen: 24
82.24.15.0/24 maxlen: 24
82.24.108.0/24 maxlen: 24
82.24.115.0/24 maxlen: 24
82.25.174.0/24 maxlen: 24
82.25.185.0/24 maxlen: 24
82.26.71.0/24 maxlen: 24
82.26.86.0/24 maxlen: 24
82.26.95.0/24 maxlen: 24
82.26.129.0/24 maxlen: 24
82.26.146.0/24 maxlen: 24
2a13:9500:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:20:0a:c4:0e:03:01:16:2d:7a:f7:3a:fa:9e:b4:fe:dd:ee:47:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 27 17:15:02 2025 GMT
Not After : Jan 26 17:20:02 2026 GMT
Subject: CN=724758CD736C4EFD3A226A80F94BC53CF64C2B38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:c8:74:ea:1a:0e:fa:2c:e8:c9:af:74:b4:57:
79:3c:ac:38:6e:71:71:9a:9b:24:eb:cb:70:6a:cb:
1d:41:09:d4:c3:9c:10:36:48:f9:48:92:e4:ed:e6:
60:e0:63:af:39:6d:6f:5f:22:3c:f4:79:c8:66:78:
d9:cb:cb:7b:10:c1:c1:7f:f2:f6:e7:69:37:77:b6:
1e:7a:3d:cf:34:dc:9e:fa:9d:5f:fe:81:8b:c5:67:
fe:d6:ca:f6:dc:a1:43:78:57:21:ec:0e:20:e5:2f:
9f:8b:a0:2d:88:29:00:31:98:df:b4:ab:36:45:3c:
1e:08:ed:3d:44:41:02:43:94:93:7b:9f:94:a4:2c:
70:77:18:35:d4:5e:5f:85:bf:4b:d4:68:3e:16:5e:
9f:37:a9:71:68:bf:88:26:87:2a:7c:65:a5:be:fb:
e4:8a:e1:b7:25:3e:a5:a9:af:b4:10:c1:bc:99:ac:
1b:34:ed:65:68:7a:d2:bf:34:0d:a4:f8:c5:8d:f9:
1d:d8:10:bf:ca:c5:98:a0:02:07:e1:30:8e:30:53:
48:1d:4e:04:b1:72:ae:8b:08:72:34:68:be:92:ac:
2e:55:9d:eb:e6:ec:4e:6c:bd:c5:72:4d:34:82:45:
27:e2:b9:17:d7:05:0b:75:bc:a8:07:5b:20:a9:e3:
db:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:47:58:CD:73:6C:4E:FD:3A:22:6A:80:F9:4B:C5:3C:F6:4C:2B:38
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.142.0/24
82.22.164.0/24
82.24.15.0/24
82.24.108.0/24
82.24.115.0/24
82.25.174.0/24
82.25.185.0/24
82.26.71.0/24
82.26.86.0/24
82.26.95.0/24
82.26.129.0/24
82.26.146.0/24
IPv6:
2a13:9500:2::/48
Signature Algorithm: sha256WithRSAEncryption
10:e3:f0:d5:d3:39:80:70:de:c1:3f:49:14:24:a3:a2:d7:54:
58:34:59:4d:a5:45:31:2c:d7:d4:95:a5:ec:6c:80:e9:82:97:
9e:b6:34:ae:b3:80:93:70:c6:a9:a5:08:4c:78:56:8e:8e:01:
c1:70:c2:af:4a:81:73:ce:29:28:8f:e3:3f:56:77:34:2c:d8:
d8:cc:70:d3:cb:b3:ed:bc:b9:13:c2:4d:fa:3e:a5:6e:58:7d:
1a:f6:78:71:c5:47:f7:36:44:83:78:2d:9a:7f:66:ae:4b:85:
bd:d8:e7:3e:5f:3d:a4:7d:a7:1c:fc:42:b6:5f:52:ab:c8:ad:
2b:dd:2f:14:00:e5:ed:3c:58:60:91:e8:73:b6:d2:4d:a2:2c:
d8:b1:61:a3:0c:46:e8:83:1c:1c:3e:a8:f9:ac:f2:92:44:67:
ab:9b:ba:c9:c9:16:19:33:e5:60:1f:14:f0:15:23:64:d2:dc:
bf:2f:8f:2e:59:f8:0c:e7:c8:0f:a7:18:57:b7:e5:9d:33:8a:
fe:3a:c4:ce:68:f8:2f:10:4e:bd:14:dd:36:79:c0:37:79:79:
6a:21:d9:a1:b1:13:67:5a:5f:a4:18:32:98:09:6e:69:22:c4:
8b:f3:bc:ca:2d:bc:d0:4e:78:04:58:06:f9:32:bf:dc:80:04:
6e:80:d3:40
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUGiAKxA4DARYtevc6+p60/t3uR70wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMjcxNzE1MDJaFw0yNjAxMjYxNzIwMDJaMDMxMTAvBgNV
BAMTKDcyNDc1OENENzM2QzRFRkQzQTIyNkE4MEY5NEJDNTNDRjY0QzJCMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3yHTqGg76LOjJr3S0V3k8rDhu
cXGamyTry3Bqyx1BCdTDnBA2SPlIkuTt5mDgY685bW9fIjz0echmeNnLy3sQwcF/
8vbnaTd3th56Pc803J76nV/+gYvFZ/7WyvbcoUN4VyHsDiDlL5+LoC2IKQAxmN+0
qzZFPB4I7T1EQQJDlJN7n5SkLHB3GDXUXl+Fv0vUaD4WXp83qXFov4gmhyp8ZaW+
++SK4bclPqWpr7QQwbyZrBs07WVoetK/NA2k+MWN+R3YEL/KxZigAgfhMI4wU0gd
TgSxcq6LCHI0aL6SrC5Vnevm7E5svcVyTTSCRSfiuRfXBQt1vKgHWyCp49ulAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUckdYzXNsTv06ImqA+UvFPPZMKzgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzM1Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjByBggrBgEFBQcBBwEB/wRjMGEwTgQCAAEwSAMEAFIWjgME
AFIWpAMEAFIYDwMEAFIYbAMEAFIYcwMEAFIZrgMEAFIZuQMEAFIaRwMEAFIaVgME
AFIaXwMEAFIagQMEAFIakjAPBAIAAjAJAwcAKhOVAAACMA0GCSqGSIb3DQEBCwUA
A4IBAQAQ4/DV0zmAcN7BP0kUJKOi11RYNFlNpUUxLNfUlaXsbIDpgpeetjSus4CT
cMappQhMeFaOjgHBcMKvSoFzzikoj+M/Vnc0LNjYzHDTy7PtvLkTwk36PqVuWH0a
9nhxxUf3NkSDeC2af2auS4W92Oc+Xz2kfacc/EK2X1KryK0r3S8UAOXtPFhgkehz
ttJNoizYsWGjDEbogxwcPqj5rPKSRGerm7rJyRYZM+VgHxTwFSNk0ty/L48uWfgM
58gPpxhXt+WdM4r+OsTOaPgvEE69FN02ecA3eXlqIdmhsRNnWl+kGDKYCW5pIsSL
87zKLbzQTngEWAb5Mr/cgARugNNA
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:09:09 2025 by rpki-client