Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: fC8Muug2ospoejMAVfYKxeeMJ/OCI1z3yO9rf50Rqi0=
Subject key identifier: 4A:16:99:87:A7:B2:A2:D5:58:1B:F6:6D:41:12:98:F1:49:60:3E:6A
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3A972CC441E3B7015F8CDEC32927F579CE0117CB
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
Signing time: Wed 19 Feb 2025 12:40:44 +0000
ROA not before: Wed 19 Feb 2025 12:35:44 +0000
ROA not after: Wed 18 Feb 2026 12:40:44 +0000
asID: 396356
IP address blocks: 82.21.96.0/22 maxlen: 22
82.24.68.0/22 maxlen: 22
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
2a13:9500:33::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:97:2c:c4:41:e3:b7:01:5f:8c:de:c3:29:27:f5:79:ce:01:17:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 19 12:35:44 2025 GMT
Not After : Feb 18 12:40:44 2026 GMT
Subject: CN=4A169987A7B2A2D5581BF66D411298F149603E6A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:af:aa:ca:4f:48:43:03:d1:1f:f0:e2:c0:db:
c1:d4:51:b8:22:3d:f8:0b:b0:48:49:9e:c2:de:9f:
32:ce:19:f8:25:b1:06:66:63:30:bb:42:d6:f2:0f:
48:6b:59:36:35:de:51:67:40:8f:95:5e:36:ca:9c:
78:25:80:a7:e1:65:3f:99:44:7f:17:92:b6:97:a4:
db:e5:56:50:b5:69:09:2f:eb:03:d7:72:25:e1:00:
85:3b:60:8f:22:77:2e:0a:42:42:61:2e:76:4c:af:
81:2e:63:61:f1:ac:86:09:ef:df:02:a7:5c:69:8c:
27:e7:d7:4d:22:f2:93:8c:37:ba:07:98:f6:c9:0b:
68:0c:25:1b:a3:16:2d:e2:6f:e1:e3:0a:25:a9:66:
a7:c0:3f:17:7b:66:29:9b:13:0e:99:2d:37:4a:4f:
61:b8:9a:16:58:a3:f6:d7:81:21:41:38:c4:ab:d0:
35:c2:5e:de:2a:e7:a1:6f:df:b4:86:58:cc:95:fa:
65:ff:aa:d7:54:3d:ef:90:2a:2d:dc:17:8f:27:de:
b3:10:5e:56:f2:3c:97:14:91:a1:a5:6d:c4:b2:b0:
b1:1a:a3:be:8b:87:da:13:d5:12:8d:6d:34:aa:1c:
e3:2c:72:ec:d0:da:c7:db:90:7b:ab:11:15:7f:a4:
cf:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:16:99:87:A7:B2:A2:D5:58:1B:F6:6D:41:12:98:F1:49:60:3E:6A
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.96.0/22
82.24.68.0/22
IPv6:
2a13:9500:1c::/46
2a13:9500:33::/48
Signature Algorithm: sha256WithRSAEncryption
85:a3:e0:10:09:d8:f4:f3:5c:5f:e0:55:04:82:c5:0e:22:dd:
26:73:db:cd:72:c8:1e:08:20:23:87:24:8e:af:33:b3:72:9d:
95:4f:ae:1c:3f:79:e9:ff:b3:7f:d8:64:e5:e0:67:34:0f:a7:
e4:7b:24:be:0c:f0:7b:aa:53:9d:2d:38:df:2e:b0:ba:60:08:
f5:67:71:33:2b:b4:96:a7:f4:85:9b:b1:de:2a:84:30:e9:72:
c4:13:35:95:19:a3:5e:56:f5:cf:df:8b:32:e2:a6:a2:de:15:
7f:b7:68:53:e2:9a:ab:b3:40:91:41:5d:d1:11:bb:53:1d:0f:
68:e7:0a:77:81:5e:91:d6:c5:47:38:91:f6:fe:bb:55:21:7e:
9b:87:d1:ab:83:f0:bf:9f:ae:16:46:85:f9:2e:74:ce:10:25:
fc:e7:0c:52:e4:6e:c8:a5:66:ac:c8:ff:c3:9a:cb:d1:34:40:
95:e8:ed:a9:8b:c4:ce:66:8d:eb:fa:88:ed:4e:e4:7a:f5:35:
e4:c5:93:54:18:2b:49:b1:fe:8f:c0:46:29:e3:d6:ad:9a:92:
3b:b3:f3:b4:0f:63:81:9e:ce:cd:44:7f:e6:f2:0d:6a:a1:8f:
d0:62:50:d6:30:95:db:19:5a:21:61:f9:92:f5:39:af:95:fa:
3a:5d:39:f4
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIUOpcsxEHjtwFfjN7DKSf1ec4BF8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMTkxMjM1NDRaFw0yNjAyMTgxMjQwNDRaMDMxMTAvBgNV
BAMTKDRBMTY5OTg3QTdCMkEyRDU1ODFCRjY2RDQxMTI5OEYxNDk2MDNFNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+r6rKT0hDA9Ef8OLA28HUUbgi
PfgLsEhJnsLenzLOGfglsQZmYzC7QtbyD0hrWTY13lFnQI+VXjbKnHglgKfhZT+Z
RH8XkraXpNvlVlC1aQkv6wPXciXhAIU7YI8idy4KQkJhLnZMr4EuY2HxrIYJ798C
p1xpjCfn100i8pOMN7oHmPbJC2gMJRujFi3ib+HjCiWpZqfAPxd7ZimbEw6ZLTdK
T2G4mhZYo/bXgSFBOMSr0DXCXt4q56Fv37SGWMyV+mX/qtdUPe+QKi3cF48n3rMQ
XlbyPJcUkaGlbcSysLEao76Lh9oT1RKNbTSqHOMscuzQ2sfbkHurERV/pM9zAgMB
AAGjggIqMIICJjAdBgNVHQ4EFgQUShaZh6eyotVYG/ZtQRKY8UlgPmowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk2MzU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQCUhVg
AwQCUhhEMBgEAgACMBIDBwIqE5UAABwDBwAqE5UAADMwDQYJKoZIhvcNAQELBQAD
ggEBAIWj4BAJ2PTzXF/gVQSCxQ4i3SZz281yyB4IICOHJI6vM7NynZVPrhw/een/
s3/YZOXgZzQPp+R7JL4M8HuqU50tON8usLpgCPVncTMrtJan9IWbsd4qhDDpcsQT
NZUZo15W9c/fizLipqLeFX+3aFPimquzQJFBXdERu1MdD2jnCneBXpHWxUc4kfb+
u1UhfpuH0auD8L+frhZGhfkudM4QJfznDFLkbsilZqzI/8Oay9E0QJXo7amLxM5m
jev6iO1O5Hr1NeTFk1QYK0mx/o/ARinj1q2akjuz87QPY4Gezs1Ef+byDWqhj9Bi
UNYwldsZWiFh+ZL1Oa+V+jpdOfQ=
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:26:19 2025 by rpki-client