Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS397423.roa
File: AS397423.roa (raw, json)
Hash identifier: 0ELO8BlGAIbhBFoXdmLzKHY+sBqBGrUmBx8ac4quiIY=
Subject key identifier: 74:95:11:EE:E6:47:46:7B:E7:E7:DE:99:62:2A:AF:5B:99:E5:0D:96
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 52E930D26C0B92697B29F582997EA7FCA532D4F4
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS397423.roa
Signing time: Mon 17 Feb 2025 06:46:00 +0000
ROA not before: Mon 17 Feb 2025 06:41:00 +0000
ROA not after: Mon 16 Feb 2026 06:46:00 +0000
asID: 397423
IP address blocks: 82.22.204.0/24 maxlen: 24
82.24.82.0/24 maxlen: 24
82.24.200.0/24 maxlen: 24
82.25.23.0/24 maxlen: 24
82.25.24.0/24 maxlen: 24
82.25.25.0/24 maxlen: 24
82.25.26.0/24 maxlen: 24
82.25.28.0/24 maxlen: 24
82.25.29.0/24 maxlen: 24
82.25.30.0/24 maxlen: 24
82.25.31.0/24 maxlen: 24
82.26.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:e9:30:d2:6c:0b:92:69:7b:29:f5:82:99:7e:a7:fc:a5:32:d4:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 17 06:41:00 2025 GMT
Not After : Feb 16 06:46:00 2026 GMT
Subject: CN=749511EEE647467BE7E7DE99622AAF5B99E50D96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9c:f3:c3:c6:3a:28:11:db:ad:48:c2:60:2c:
cc:e1:94:15:ac:18:9c:e1:3f:76:66:ec:90:6b:18:
99:2e:67:fe:0a:ee:7e:f3:3e:a3:21:55:0e:a5:25:
f2:84:fb:bc:a6:b4:03:54:b5:61:38:da:d7:be:ec:
b4:75:20:f6:cf:df:c1:10:89:36:1e:f1:b1:cc:0c:
f9:25:9e:68:f3:8c:dd:30:1a:9e:73:3c:74:41:a1:
f3:83:ba:94:43:01:e2:2f:bf:d5:1d:dc:14:83:c4:
c0:4c:ca:d4:5e:b8:26:b2:2b:94:63:cf:00:f4:ce:
4c:25:82:83:fd:df:ee:ea:cd:75:2f:9c:5e:bc:2a:
a5:f4:77:e6:58:41:b6:7f:45:8f:76:9c:7d:37:52:
d3:c8:90:df:08:a4:df:74:40:f9:9e:72:1c:a0:6a:
9c:50:88:00:d5:89:ff:25:ae:f2:32:eb:1f:9c:21:
a6:41:29:b7:3f:34:e2:36:55:4f:a0:a4:05:b1:21:
21:91:b1:6d:5b:6f:07:d0:22:49:68:d3:09:5f:7b:
04:3b:51:89:ed:6f:bf:ba:37:d4:b3:90:14:f2:d3:
bf:00:18:8d:2a:a5:25:58:39:85:93:7c:85:c6:08:
90:99:8c:1e:67:f7:5a:e7:a6:ef:be:8c:d0:42:13:
45:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:95:11:EE:E6:47:46:7B:E7:E7:DE:99:62:2A:AF:5B:99:E5:0D:96
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS397423.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.204.0/24
82.24.82.0/24
82.24.200.0/24
82.25.23.0-82.25.26.255
82.25.28.0/22
82.26.200.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:aa:a7:1e:36:f1:d5:62:71:74:c4:36:b7:54:27:51:e1:c8:
41:60:a8:ab:a2:66:c4:63:79:f0:51:38:b8:d5:fe:70:a4:6c:
89:00:1c:d8:ce:6d:25:e5:c4:86:ea:58:d8:26:fd:4f:07:ef:
50:b4:5d:66:30:d5:25:7a:76:35:d3:43:a9:f6:c8:48:27:81:
2b:db:85:af:2f:fe:77:c3:b5:13:c4:8c:f1:80:4f:b9:31:73:
06:d7:5d:8d:9f:fe:93:dd:43:ac:5f:10:ab:55:8a:70:cb:75:
61:9b:22:9a:84:1a:81:0c:90:0e:60:9c:81:10:9f:43:d7:ae:
04:65:81:5d:2b:9c:ff:f0:10:3e:e5:b9:dd:8d:77:26:6a:74:
0f:41:99:00:6e:d3:fa:81:25:65:b8:6c:c7:9d:ee:a9:fa:a2:
78:1f:c0:47:40:49:ed:2b:d3:bb:1e:40:20:60:ff:6e:d8:d2:
15:46:b1:0f:4a:1b:84:13:e3:63:ed:d5:43:8e:8b:a4:1e:94:
bc:76:f8:cb:04:3d:11:d4:1c:92:61:14:e0:06:51:7c:b7:74:
1e:7f:1c:4a:ca:d3:b3:5a:ed:2c:50:de:6f:40:57:f1:89:08:
ec:59:7d:66:e3:5e:4b:10:ca:d2:4f:00:8c:59:29:9a:2b:13:
95:66:36:68
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUUukw0mwLkml7KfWCmX6n/KUy1PQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMTcwNjQxMDBaFw0yNjAyMTYwNjQ2MDBaMDMxMTAvBgNV
BAMTKDc0OTUxMUVFRTY0NzQ2N0JFN0U3REU5OTYyMkFBRjVCOTlFNTBEOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnnPPDxjooEdutSMJgLMzhlBWs
GJzhP3Zm7JBrGJkuZ/4K7n7zPqMhVQ6lJfKE+7ymtANUtWE42te+7LR1IPbP38EQ
iTYe8bHMDPklnmjzjN0wGp5zPHRBofODupRDAeIvv9Ud3BSDxMBMytReuCayK5Rj
zwD0zkwlgoP93+7qzXUvnF68KqX0d+ZYQbZ/RY92nH03UtPIkN8IpN90QPmechyg
apxQiADVif8lrvIy6x+cIaZBKbc/NOI2VU+gpAWxISGRsW1bbwfQIklo0wlfewQ7
UYntb7+6N9SzkBTy078AGI0qpSVYOYWTfIXGCJCZjB5n91rnpu++jNBCE0VhAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUdJUR7uZHRnvn596ZYiqvW5nlDZYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk3NDIzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAUhbM
AwQAUhhSAwQAUhjIMAwDBABSGRcDBABSGRoDBAJSGRwDBABSGsgwDQYJKoZIhvcN
AQELBQADggEBAF6qpx428dVicXTENrdUJ1HhyEFgqKuiZsRjefBROLjV/nCkbIkA
HNjObSXlxIbqWNgm/U8H71C0XWYw1SV6djXTQ6n2yEgngSvbha8v/nfDtRPEjPGA
T7kxcwbXXY2f/pPdQ6xfEKtVinDLdWGbIpqEGoEMkA5gnIEQn0PXrgRlgV0rnP/w
ED7lud2NdyZqdA9BmQBu0/qBJWW4bMed7qn6ongfwEdASe0r07seQCBg/27Y0hVG
sQ9KG4QT42Pt1UOOi6QelLx2+MsEPRHUHJJhFOAGUXy3dB5/HErK07Na7SxQ3m9A
V/GJCOxZfWbjXksQytJPAIxZKZorE5VmNmg=
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:26:17 2025 by rpki-client