Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS397423.roa
File: AS397423.roa (raw, json)
Hash identifier: jPHev1F9l5AEJYuC5UMOuekZ5S8soCpylfqNRn38K6g=
Subject key identifier: 85:FF:1F:11:88:7F:E0:87:F0:13:9D:75:8A:37:CD:D1:8D:99:BC:0D
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 487D29DE4E94F97FE48AB65907D3F5ACC4FEB802
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS397423.roa
Signing time: Fri 24 Jan 2025 14:48:41 +0000
ROA not before: Fri 24 Jan 2025 14:43:41 +0000
ROA not after: Fri 23 Jan 2026 14:48:41 +0000
asID: 397423
IP address blocks: 82.22.204.0/24 maxlen: 24
82.24.82.0/24 maxlen: 24
82.24.200.0/24 maxlen: 24
82.26.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:7d:29:de:4e:94:f9:7f:e4:8a:b6:59:07:d3:f5:ac:c4:fe:b8:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 24 14:43:41 2025 GMT
Not After : Jan 23 14:48:41 2026 GMT
Subject: CN=85FF1F11887FE087F0139D758A37CDD18D99BC0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:85:bc:20:83:45:a9:c6:2a:3e:f2:80:dc:a1:
f7:1f:71:c6:75:ff:0a:7d:84:3f:b6:35:78:10:66:
3c:08:f8:7c:53:e2:f6:90:b8:ba:94:ef:20:28:0c:
db:55:2c:97:e3:a4:1c:bd:e2:c1:ca:70:c5:4b:a0:
54:82:c4:64:2d:65:f5:a8:b3:01:05:6c:7b:61:81:
39:a0:9e:d1:a9:dd:8d:ab:44:3a:8e:8b:a3:c0:13:
db:29:61:47:69:5e:f0:fc:c7:6f:0c:c1:cc:1d:8f:
25:50:01:32:85:8b:28:2a:ca:31:ac:81:9b:f4:c6:
43:1e:ba:b5:fc:fa:3a:eb:8f:71:8d:eb:3e:ee:a5:
1b:ba:0c:04:bb:6c:bb:98:2d:fd:f0:5a:cf:25:b2:
fc:40:ba:68:e7:fc:86:cd:fd:f5:26:51:4f:9b:58:
3b:fe:ce:12:46:de:e0:d9:1a:c8:83:07:84:e8:8d:
b1:6e:45:3b:f8:1b:d1:04:f0:d2:30:c9:b4:60:08:
fb:89:d6:9b:fa:54:9e:70:6c:bc:c5:50:49:66:76:
e7:97:e3:cf:17:e3:47:06:9c:6d:fc:43:1e:5c:3d:
c1:5d:5e:bf:c3:c7:80:54:f3:fb:8a:07:4c:b6:87:
1f:31:ff:92:dd:78:b9:31:67:ca:63:3d:fa:f9:f6:
51:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:FF:1F:11:88:7F:E0:87:F0:13:9D:75:8A:37:CD:D1:8D:99:BC:0D
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS397423.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.204.0/24
82.24.82.0/24
82.24.200.0/24
82.26.200.0/24
Signature Algorithm: sha256WithRSAEncryption
90:38:1f:a9:ca:e4:9f:0d:d7:13:e6:f0:98:0c:0d:53:a4:32:
57:0f:2e:db:cf:a8:96:eb:44:6c:e0:3b:3c:81:f9:28:8f:e7:
d3:2a:4b:3a:d0:db:50:83:ba:c8:fe:15:1b:82:3d:ea:4c:cc:
70:29:24:3c:e0:e6:58:8c:d9:f8:f1:eb:f9:6e:43:47:00:b3:
8f:15:6e:1d:1e:28:3a:f5:80:81:73:db:d7:12:3c:5a:bd:82:
81:e4:0b:24:5e:99:a2:ad:dd:37:75:a3:17:1f:7b:65:7b:01:
4c:a7:92:c9:fa:da:38:5d:1f:75:e9:65:84:cf:ee:26:ef:94:
cd:27:17:55:41:46:df:47:a0:f4:8c:5e:69:92:b4:2c:72:b8:
37:99:74:5c:78:38:6f:eb:0c:69:2a:f1:8e:21:b5:7f:4b:b8:
ce:7d:56:c3:cf:59:a5:9f:da:28:b4:e0:d0:a9:ec:fd:93:0a:
17:96:6f:c4:9b:54:cd:b9:fc:41:7b:30:9d:c0:82:6a:69:74:
f7:54:c4:2d:d2:72:29:58:cb:54:85:37:0e:10:24:ec:41:f9:
bd:4c:3f:d4:34:30:d1:76:fc:17:d1:1b:80:d7:85:3b:f8:16:
da:e7:fb:45:cf:86:b2:aa:8d:5d:c4:0d:bf:2a:14:45:e7:03:
95:b5:80:60
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUSH0p3k6U+X/kirZZB9P1rMT+uAIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMjQxNDQzNDFaFw0yNjAxMjMxNDQ4NDFaMDMxMTAvBgNV
BAMTKDg1RkYxRjExODg3RkUwODdGMDEzOUQ3NThBMzdDREQxOEQ5OUJDMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJhbwgg0Wpxio+8oDcofcfccZ1
/wp9hD+2NXgQZjwI+HxT4vaQuLqU7yAoDNtVLJfjpBy94sHKcMVLoFSCxGQtZfWo
swEFbHthgTmgntGp3Y2rRDqOi6PAE9spYUdpXvD8x28MwcwdjyVQATKFiygqyjGs
gZv0xkMeurX8+jrrj3GN6z7upRu6DAS7bLuYLf3wWs8lsvxAumjn/IbN/fUmUU+b
WDv+zhJG3uDZGsiDB4TojbFuRTv4G9EE8NIwybRgCPuJ1pv6VJ5wbLzFUElmdueX
488X40cGnG38Qx5cPcFdXr/Dx4BU8/uKB0y2hx8x/5LdeLkxZ8pjPfr59lEfAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUhf8fEYh/4IfwE511ijfN0Y2ZvA0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk3NDIzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUhbM
AwQAUhhSAwQAUhjIAwQAUhrIMA0GCSqGSIb3DQEBCwUAA4IBAQCQOB+pyuSfDdcT
5vCYDA1TpDJXDy7bz6iW60Rs4Ds8gfkoj+fTKks60NtQg7rI/hUbgj3qTMxwKSQ8
4OZYjNn48ev5bkNHALOPFW4dHig69YCBc9vXEjxavYKB5AskXpmird03daMXH3tl
ewFMp5LJ+to4XR916WWEz+4m75TNJxdVQUbfR6D0jF5pkrQscrg3mXRceDhv6wxp
KvGOIbV/S7jOfVbDz1mln9ootODQqez9kwoXlm/Em1TNufxBezCdwIJqaXT3VMQt
0nIpWMtUhTcOECTsQfm9TD/UNDDRdvwX0RuA14U7+Bba5/tFz4ayqo1dxA2/KhRF
5wOVtYBg
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:00:08 2025 by rpki-client