Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395793.roa
File: AS395793.roa (raw, json)
Hash identifier: svpIkkuEh/LzTNydE3qmVeltXVD883t+OWi3CEfvlho=
Subject key identifier: 87:4F:4F:EF:E5:F4:D1:B5:61:E9:7A:52:7F:6A:C2:F0:13:A1:FE:C0
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3E3C979B74B541657A62CAC844AEFE4EDED551FD
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395793.roa
Signing time: Thu 16 Jan 2025 10:34:10 +0000
ROA not before: Thu 16 Jan 2025 10:29:10 +0000
ROA not after: Thu 15 Jan 2026 10:34:10 +0000
asID: 395793
IP address blocks: 82.23.128.0/24 maxlen: 24
82.23.129.0/24 maxlen: 24
82.23.130.0/24 maxlen: 24
82.23.131.0/24 maxlen: 24
82.23.132.0/24 maxlen: 24
82.23.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:3c:97:9b:74:b5:41:65:7a:62:ca:c8:44:ae:fe:4e:de:d5:51:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 16 10:29:10 2025 GMT
Not After : Jan 15 10:34:10 2026 GMT
Subject: CN=874F4FEFE5F4D1B561E97A527F6AC2F013A1FEC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d7:d3:78:ac:b4:20:25:b6:19:89:97:9f:28:
da:52:40:c0:85:5e:a2:ba:a5:87:0b:3c:1b:dd:c1:
ae:f6:78:35:26:67:41:83:65:99:6f:2d:db:46:f0:
24:33:b5:5f:31:10:0c:9f:a2:ff:7e:36:4c:02:c9:
fa:28:d3:bb:4b:13:61:d3:88:6c:6d:40:e3:11:0a:
62:b3:42:ed:99:54:f1:b4:61:8a:5d:2b:af:03:b5:
29:00:8d:9c:b9:32:71:3c:b3:d9:e5:30:09:5b:61:
9c:fd:c9:bb:ba:9f:04:1d:13:6b:5f:59:51:61:78:
eb:85:9e:90:d4:cc:3a:3b:9c:93:1c:62:49:67:4e:
a9:e4:32:f5:f4:5f:bc:e2:45:b7:5f:6d:9a:00:ad:
b2:02:f5:2d:07:fd:53:77:ff:40:05:5a:7a:13:8d:
60:e7:d3:b0:e0:ec:c1:60:af:1a:ec:0a:01:a9:30:
82:13:47:56:94:41:97:d8:f6:f2:97:fa:a4:1e:e7:
f7:76:1f:ce:a4:ed:c1:07:ef:1f:6d:25:36:c1:a3:
59:95:b1:57:96:4a:f7:2d:7d:54:65:8f:37:7d:ad:
2a:a5:82:6e:0c:13:12:d2:2b:1a:63:38:c4:ac:e5:
68:dd:25:2e:1f:1e:f1:77:ce:02:00:9f:6f:a0:ba:
3e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:4F:4F:EF:E5:F4:D1:B5:61:E9:7A:52:7F:6A:C2:F0:13:A1:FE:C0
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395793.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.128.0-82.23.133.255
Signature Algorithm: sha256WithRSAEncryption
22:17:48:4c:fe:70:6f:c5:c8:97:af:fc:6e:30:9e:f4:45:37:
33:e1:0f:84:b6:a5:4b:33:9c:90:94:19:5b:d6:dd:fa:68:18:
79:36:3a:ae:f0:51:6a:75:41:b5:85:41:db:dc:34:e9:47:e7:
d5:a0:df:45:2b:3c:9c:c4:d3:61:a0:04:82:99:18:b1:62:f1:
cd:13:97:c7:1f:10:2e:2c:07:e0:8a:ee:96:40:c6:3d:34:66:
ea:cc:47:4c:aa:44:0c:fc:04:13:b0:16:7f:5e:d9:27:06:4b:
38:09:1f:d2:31:f7:88:aa:6b:49:f7:d1:11:fb:77:7b:f7:e0:
5b:94:b5:6c:7a:f3:cd:d8:02:55:c6:7b:09:1f:67:4f:1c:b6:
e2:1e:ba:99:e8:f7:bf:e4:79:6e:a8:df:fe:a6:6a:18:08:5e:
bb:69:0b:1c:62:89:80:a9:55:8e:ef:42:b4:22:ed:67:87:ec:
e7:d0:2f:50:3f:14:32:ed:58:ad:88:6d:e0:2a:09:27:43:96:
64:3f:30:bd:4d:98:8b:1f:fb:81:83:fc:4e:c7:3c:03:b9:9b:
3c:80:d2:2c:63:1e:a3:bd:f3:1b:f6:2e:69:c4:e7:c6:4b:f5:
05:04:90:1d:0f:e1:5a:d9:df:f8:df:36:20:85:b5:1f:de:34:
27:ce:74:c4
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIUPjyXm3S1QWV6YsrIRK7+Tt7VUf0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMTYxMDI5MTBaFw0yNjAxMTUxMDM0MTBaMDMxMTAvBgNV
BAMTKDg3NEY0RkVGRTVGNEQxQjU2MUU5N0E1MjdGNkFDMkYwMTNBMUZFQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH19N4rLQgJbYZiZefKNpSQMCF
XqK6pYcLPBvdwa72eDUmZ0GDZZlvLdtG8CQztV8xEAyfov9+NkwCyfoo07tLE2HT
iGxtQOMRCmKzQu2ZVPG0YYpdK68DtSkAjZy5MnE8s9nlMAlbYZz9ybu6nwQdE2tf
WVFheOuFnpDUzDo7nJMcYklnTqnkMvX0X7ziRbdfbZoArbIC9S0H/VN3/0AFWnoT
jWDn07Dg7MFgrxrsCgGpMIITR1aUQZfY9vKX+qQe5/d2H86k7cEH7x9tJTbBo1mV
sVeWSvctfVRljzd9rSqlgm4MExLSKxpjOMSs5WjdJS4fHvF3zgIAn2+guj4pAgMB
AAGjggISMIICDjAdBgNVHQ4EFgQUh09P7+X00bVh6XpSf2rC8BOh/sAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk1NzkzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAdS
F4ADBAFSF4QwDQYJKoZIhvcNAQELBQADggEBACIXSEz+cG/FyJev/G4wnvRFNzPh
D4S2pUsznJCUGVvW3fpoGHk2Oq7wUWp1QbWFQdvcNOlH59Wg30UrPJzE02GgBIKZ
GLFi8c0Tl8cfEC4sB+CK7pZAxj00ZurMR0yqRAz8BBOwFn9e2ScGSzgJH9Ix94iq
a0n30RH7d3v34FuUtWx6883YAlXGewkfZ08ctuIeupno97/keW6o3/6mahgIXrtp
CxxiiYCpVY7vQrQi7WeH7OfQL1A/FDLtWK2IbeAqCSdDlmQ/ML1NmIsf+4GD/E7H
PAO5mzyA0ixjHqO98xv2LmnE58ZL9QUEkB0P4VrZ3/jfNiCFtR/eNCfOdMQ=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:57:51 2025 by rpki-client