Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395793.roa
File: AS395793.roa (raw, json)
Hash identifier: xNZVJ5/MCFaYVybuEHKPSI5aBcNuKNcyK7TkE3R3JZA=
Subject key identifier: 81:46:EC:63:82:10:9E:8E:8B:FA:EB:F8:87:59:45:4F:4D:8F:5E:C7
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 58A6BF36E7A0F4AAA5D3F43404CC55DF757FF35C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395793.roa
Signing time: Tue 25 Feb 2025 08:34:30 +0000
ROA not before: Tue 25 Feb 2025 08:29:30 +0000
ROA not after: Tue 24 Feb 2026 08:34:30 +0000
asID: 395793
IP address blocks: 82.23.128.0/24 maxlen: 24
82.23.129.0/24 maxlen: 24
82.23.130.0/24 maxlen: 24
82.23.131.0/24 maxlen: 24
82.23.132.0/24 maxlen: 24
82.23.133.0/24 maxlen: 24
82.23.146.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.24.42.0/24 maxlen: 24
82.24.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:a6:bf:36:e7:a0:f4:aa:a5:d3:f4:34:04:cc:55:df:75:7f:f3:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 25 08:29:30 2025 GMT
Not After : Feb 24 08:34:30 2026 GMT
Subject: CN=8146EC6382109E8E8BFAEBF88759454F4D8F5EC7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7e:b7:b5:99:bc:84:eb:cc:96:e0:ad:4e:e7:
75:29:11:ad:09:85:b7:8b:d6:04:a1:be:8f:04:8f:
80:bd:02:02:79:09:a2:ec:f4:8d:8d:13:16:34:9a:
9d:6a:95:92:1c:3d:47:d1:85:0c:62:e3:01:2f:c9:
7c:4f:b2:7e:71:62:69:85:13:f5:bc:ce:14:25:f6:
d4:0b:99:00:7e:4d:a4:3f:97:83:16:a7:10:2f:bb:
ef:92:9c:49:80:cf:3f:1f:f9:2d:89:90:10:f8:ac:
e6:bb:48:8c:28:a3:52:ba:c7:46:4b:05:41:c5:87:
b0:73:67:14:07:99:51:b9:66:68:b6:1b:96:13:b2:
e4:72:c8:1a:3a:fd:53:23:20:44:83:de:48:56:62:
b4:58:6d:77:d5:86:d2:80:41:4c:b9:b1:e2:d5:6d:
c0:cd:e1:c0:8a:04:e5:49:7e:30:c8:85:97:e4:0e:
86:a0:66:4a:5e:44:f1:ca:83:70:00:65:8c:e1:71:
bd:8e:05:13:61:9f:25:ca:55:d7:8e:af:ec:32:85:
f6:37:28:9a:6a:29:28:cd:f8:10:f2:d9:9a:7f:7b:
14:66:cd:bf:fe:be:8f:2a:84:ca:8e:49:67:20:4f:
69:96:26:fe:9c:f6:67:d7:cb:7a:98:cb:c6:7b:94:
48:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:46:EC:63:82:10:9E:8E:8B:FA:EB:F8:87:59:45:4F:4D:8F:5E:C7
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395793.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.128.0-82.23.133.255
82.23.146.0/23
82.24.42.0/24
82.24.121.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:26:bd:ed:fc:e6:60:e4:d4:15:83:1b:bd:6b:67:8d:3d:9e:
80:52:d5:71:3b:e1:90:91:41:88:79:ed:7f:b8:31:96:97:97:
1c:a3:c0:68:4d:6f:25:69:69:fa:62:7d:3e:55:31:c9:47:00:
3c:86:85:a0:e2:b4:12:97:89:7c:a8:6e:3f:d8:3d:d5:ba:33:
57:61:fb:5b:77:64:26:d8:70:11:6d:0e:90:21:d9:c6:46:0c:
88:92:0a:c0:03:04:80:2b:67:66:54:65:be:bc:33:11:c0:77:
29:80:f5:af:63:d4:9f:53:29:48:b8:1d:7a:16:41:72:9b:47:
c0:9a:18:fc:56:d1:88:6c:78:3e:b6:bd:af:32:e2:86:9a:a7:
54:c8:86:e9:52:c2:93:fe:06:8b:d3:a2:8c:25:fe:01:03:52:
f6:40:3b:d1:43:05:df:11:c9:0c:9f:b4:82:1a:f6:fe:31:43:
c3:fb:fc:b5:74:e8:6d:23:4b:5c:2e:9b:25:cc:74:c9:01:fb:
8e:ad:38:c0:50:a0:8f:be:e1:dc:d0:d5:4d:7a:91:00:60:3f:
0d:e4:47:7c:3d:97:2e:84:f7:a6:7b:8a:5b:dd:e1:53:e6:c4:
2b:37:5b:7f:ae:a7:43:c5:0b:3a:c6:da:71:76:98:1d:3b:59:
36:ef:d8:8e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIUWKa/Nueg9Kql0/Q0BMxV33V/81wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMjUwODI5MzBaFw0yNjAyMjQwODM0MzBaMDMxMTAvBgNV
BAMTKDgxNDZFQzYzODIxMDlFOEU4QkZBRUJGODg3NTk0NTRGNEQ4RjVFQzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCfre1mbyE68yW4K1O53UpEa0J
hbeL1gShvo8Ej4C9AgJ5CaLs9I2NExY0mp1qlZIcPUfRhQxi4wEvyXxPsn5xYmmF
E/W8zhQl9tQLmQB+TaQ/l4MWpxAvu++SnEmAzz8f+S2JkBD4rOa7SIwoo1K6x0ZL
BUHFh7BzZxQHmVG5Zmi2G5YTsuRyyBo6/VMjIESD3khWYrRYbXfVhtKAQUy5seLV
bcDN4cCKBOVJfjDIhZfkDoagZkpeRPHKg3AAZYzhcb2OBRNhnyXKVdeOr+wyhfY3
KJpqKSjN+BDy2Zp/exRmzb/+vo8qhMqOSWcgT2mWJv6c9mfXy3qYy8Z7lEhHAgMB
AAGjggIkMIICIDAdBgNVHQ4EFgQUgUbsY4IQno6L+uv4h1lFT02PXscwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk1NzkzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAdS
F4ADBAFSF4QDBAFSF5IDBABSGCoDBABSGHkwDQYJKoZIhvcNAQELBQADggEBAH4m
ve385mDk1BWDG71rZ409noBS1XE74ZCRQYh57X+4MZaXlxyjwGhNbyVpafpifT5V
MclHADyGhaDitBKXiXyobj/YPdW6M1dh+1t3ZCbYcBFtDpAh2cZGDIiSCsADBIAr
Z2ZUZb68MxHAdymA9a9j1J9TKUi4HXoWQXKbR8CaGPxW0YhseD62va8y4oaap1TI
hulSwpP+BovToowl/gEDUvZAO9FDBd8RyQyftIIa9v4xQ8P7/LV06G0jS1wumyXM
dMkB+46tOMBQoI++4dzQ1U16kQBgPw3kR3w9ly6E96Z7ilvd4VPmxCs3W3+up0PF
CzrG2nF2mB07WTbv2I4=
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:26:18 2025 by rpki-client