Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: 07VroMkgdDG8mJ4ZF6+8AzNYaRS9B3RXu4i2+DL15mc=
Subject key identifier: E6:E0:AB:3E:33:CF:98:FB:C8:43:E5:80:6D:B4:4D:5E:18:DB:9D:9C
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 41813459CF104D6EADA56726C895A9CAFB12D6F4
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
Signing time: Mon 27 Jan 2025 07:35:15 +0000
ROA not before: Mon 27 Jan 2025 07:30:15 +0000
ROA not after: Mon 26 Jan 2026 07:35:15 +0000
asID: 396356
IP address blocks: 82.21.96.0/22 maxlen: 22
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:81:34:59:cf:10:4d:6e:ad:a5:67:26:c8:95:a9:ca:fb:12:d6:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 27 07:30:15 2025 GMT
Not After : Jan 26 07:35:15 2026 GMT
Subject: CN=E6E0AB3E33CF98FBC843E5806DB44D5E18DB9D9C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:56:cf:ee:42:df:c9:14:e0:c4:62:a8:74:4b:
60:08:c2:ad:cc:32:e7:b0:41:9b:6d:23:c5:df:c7:
24:8b:33:e7:ba:0f:06:20:4f:4e:63:de:5d:e4:74:
ce:1d:3c:10:dd:a3:d1:87:63:62:92:dc:11:51:75:
1b:4b:80:5b:01:48:e5:56:58:03:13:2a:33:b6:67:
79:08:86:17:d1:d5:c9:c0:cb:b3:b4:84:64:24:f3:
04:bf:b2:be:28:5b:cc:70:21:05:29:c4:13:ba:f9:
7f:ce:59:e5:ce:08:ba:8a:4e:ea:b6:14:90:cb:3f:
38:37:ea:47:16:d8:8d:a6:80:c3:71:5f:63:4f:23:
2d:32:6e:d7:da:46:22:8a:82:1a:bd:c6:aa:61:30:
70:aa:cf:c6:ec:e8:dd:d5:30:93:f2:f5:3f:63:36:
32:1e:81:7c:f6:dc:9b:54:73:59:19:63:54:ba:42:
21:2e:a3:27:b1:bb:fa:b8:33:d7:c7:25:06:4f:b2:
d9:58:eb:38:7f:c4:c8:ee:78:69:5f:05:ae:a9:48:
ef:5f:a8:26:eb:a1:2b:f2:b5:b2:cd:aa:cf:17:79:
1d:92:8c:0f:98:b8:3e:59:0a:2b:73:f2:1a:b6:9d:
b8:41:0a:48:75:cc:01:a3:b3:06:09:b7:08:72:1f:
1f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:E0:AB:3E:33:CF:98:FB:C8:43:E5:80:6D:B4:4D:5E:18:DB:9D:9C
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.96.0/22
IPv6:
2a13:9500:1c::/46
Signature Algorithm: sha256WithRSAEncryption
04:c4:9c:bc:f6:e1:e2:cf:48:52:7e:ab:0d:8d:ef:81:7e:3f:
fa:ee:e2:0e:9d:9d:1f:cf:62:8b:c7:7b:5b:f7:39:e3:63:df:
6f:a3:da:e5:bf:35:c7:d8:e7:c4:ed:ef:f7:20:a4:73:ba:23:
89:07:df:84:f1:0d:73:59:25:46:3c:fd:78:9d:08:d5:c3:d7:
12:87:06:62:2e:d5:ab:9c:0a:9b:d9:e4:d7:7f:12:2a:19:3c:
a8:1d:5d:e1:59:72:19:cf:0b:d4:34:ed:e5:86:96:f5:71:f6:
47:1f:ff:d3:62:4a:6e:4f:79:a2:d0:6d:d2:a3:1a:d3:80:5f:
e4:8e:c8:43:27:19:6d:03:62:7f:27:ff:2c:0f:b3:1d:b9:84:
e6:a9:76:ee:11:3a:e9:7d:3a:61:82:6c:f1:19:40:84:99:ec:
5a:75:34:2e:1a:07:c1:82:f6:86:24:01:8c:c0:c1:93:e0:99:
f5:7b:18:60:67:1b:3d:b1:ef:c6:9f:66:45:b9:42:5b:75:a6:
d0:31:60:fe:32:b0:9d:71:b7:3b:04:17:14:e0:36:61:64:74:
ed:58:0e:86:f1:f9:31:07:e3:b5:63:83:df:6f:e8:3f:bc:87:
c5:32:a2:99:5e:47:26:7d:4d:c0:8c:0d:c0:f2:1c:90:7a:74:
a0:92:03:c1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUQYE0Wc8QTW6tpWcmyJWpyvsS1vQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMjcwNzMwMTVaFw0yNjAxMjYwNzM1MTVaMDMxMTAvBgNV
BAMTKEU2RTBBQjNFMzNDRjk4RkJDODQzRTU4MDZEQjQ0RDVFMThEQjlEOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvVs/uQt/JFODEYqh0S2AIwq3M
MuewQZttI8XfxySLM+e6DwYgT05j3l3kdM4dPBDdo9GHY2KS3BFRdRtLgFsBSOVW
WAMTKjO2Z3kIhhfR1cnAy7O0hGQk8wS/sr4oW8xwIQUpxBO6+X/OWeXOCLqKTuq2
FJDLPzg36kcW2I2mgMNxX2NPIy0ybtfaRiKKghq9xqphMHCqz8bs6N3VMJPy9T9j
NjIegXz23JtUc1kZY1S6QiEuoyexu/q4M9fHJQZPstlY6zh/xMjueGlfBa6pSO9f
qCbroSvytbLNqs8XeR2SjA+YuD5ZCitz8hq2nbhBCkh1zAGjswYJtwhyHx/rAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQU5uCrPjPPmPvIQ+WAbbRNXhjbnZwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk2MzU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCUhVg
MA8EAgACMAkDBwIqE5UAABwwDQYJKoZIhvcNAQELBQADggEBAATEnLz24eLPSFJ+
qw2N74F+P/ru4g6dnR/PYovHe1v3OeNj32+j2uW/NcfY58Tt7/cgpHO6I4kH34Tx
DXNZJUY8/XidCNXD1xKHBmIu1aucCpvZ5Nd/EioZPKgdXeFZchnPC9Q07eWGlvVx
9kcf/9NiSm5PeaLQbdKjGtOAX+SOyEMnGW0DYn8n/ywPsx25hOapdu4ROul9OmGC
bPEZQISZ7Fp1NC4aB8GC9oYkAYzAwZPgmfV7GGBnGz2x78afZkW5Qlt1ptAxYP4y
sJ1xtzsEFxTgNmFkdO1YDobx+TEH47Vjg99v6D+8h8UyopleRyZ9TcCMDcDyHJB6
dKCSA8E=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:45:05 2025 by rpki-client