Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS400941.roa
File: AS400941.roa (raw, json)
Hash identifier: /mGQhSZspl/1X5WlO66Hq/OrKPVNvcvjHIgu8m4Fus4=
Subject key identifier: 13:BD:B0:35:24:8F:A4:C6:90:9A:0F:BA:5F:37:31:B1:B5:3B:49:31
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 13BDA259BDFB3B185430376A5B8457DC3B783429
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS400941.roa
Signing time: Thu 30 Jan 2025 16:37:49 +0000
ROA not before: Thu 30 Jan 2025 16:32:49 +0000
ROA not after: Thu 29 Jan 2026 16:37:49 +0000
asID: 400941
IP address blocks: 82.21.92.0/24 maxlen: 24
82.21.111.0/24 maxlen: 24
82.21.114.0/24 maxlen: 24
82.21.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:bd:a2:59:bd:fb:3b:18:54:30:37:6a:5b:84:57:dc:3b:78:34:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 30 16:32:49 2025 GMT
Not After : Jan 29 16:37:49 2026 GMT
Subject: CN=13BDB035248FA4C6909A0FBA5F3731B1B53B4931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fe:39:b6:f7:e7:d5:26:09:a4:74:e6:1a:56:
62:af:4d:6b:24:eb:08:c4:75:f1:e7:b1:6e:56:91:
83:30:f5:ab:fd:22:a8:d2:5a:29:8c:32:0f:f5:23:
5f:76:15:cd:69:d8:e8:f9:bc:14:d0:8e:fe:ac:90:
42:37:77:0c:1f:4b:91:24:28:d6:cf:26:98:aa:35:
75:f2:92:dc:6f:30:9d:a6:90:a4:2a:d7:6e:e2:1b:
6f:7d:ce:fd:a3:a6:ef:07:9f:e0:36:1f:e4:75:4a:
61:6a:67:2f:1c:d8:a8:c8:45:25:4b:ff:77:78:0a:
04:14:66:c5:c8:10:92:07:8b:43:84:6b:df:1b:72:
44:31:ee:b2:1c:99:26:86:a0:0d:b5:e7:ad:06:02:
fa:b3:ec:81:f8:01:ba:6f:ae:4a:b0:d1:b1:47:bc:
f0:4b:3f:ec:2b:db:ae:85:1a:66:07:f7:a3:16:a9:
6f:8d:07:ef:fe:5a:2c:f0:2b:30:f4:b1:5b:64:c1:
39:8c:35:9c:28:a7:37:5a:8f:00:5c:6e:c8:c3:c9:
93:36:73:cb:f0:eb:63:45:7e:3c:18:15:3e:eb:1b:
d4:24:96:50:e7:72:72:85:69:9c:58:00:85:77:14:
4d:2b:18:2d:87:d2:8f:4c:fd:7d:a2:5e:67:63:47:
a7:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:BD:B0:35:24:8F:A4:C6:90:9A:0F:BA:5F:37:31:B1:B5:3B:49:31
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS400941.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.92.0/24
82.21.111.0/24
82.21.114.0/24
82.21.117.0/24
Signature Algorithm: sha256WithRSAEncryption
69:b9:75:16:30:4b:f0:5d:a1:7f:bc:ff:b5:70:ce:3c:7d:14:
f9:5a:27:74:52:29:2c:1e:bd:41:99:38:c4:68:4d:e3:30:9e:
33:30:fe:4a:5e:31:a2:b6:4d:5e:74:2c:f8:1b:a0:e1:52:44:
6e:39:bc:e0:69:43:a7:2f:20:dc:4b:f1:c2:de:bb:72:f5:74:
75:1a:35:cd:b8:a4:cc:0f:2d:fe:6e:5a:0f:ad:5a:3c:02:c1:
d5:a8:06:e3:01:fa:e5:22:d8:81:20:6b:bc:54:cd:dd:15:c4:
c5:03:f9:03:c5:7d:f6:92:ba:00:4e:fa:b9:a6:a6:69:d8:4f:
c8:3a:1c:7a:57:61:e8:84:5a:41:a1:b0:c1:f0:80:63:9e:d7:
71:28:8d:ef:44:fe:f4:a9:24:70:4e:dc:f3:6d:48:81:d3:d9:
e1:99:fd:61:f9:53:29:a4:da:69:56:54:a9:1e:5b:6a:9a:37:
98:33:be:07:6b:c4:81:9a:22:d8:86:78:84:37:83:c6:2c:9b:
c6:57:3c:ea:86:ee:11:53:cd:a3:5c:55:cf:18:d8:a2:1c:81:
63:4c:c8:d3:27:b8:6f:61:3a:b9:40:99:13:fb:21:90:bd:3f:
70:8c:e6:2c:c2:51:18:9f:79:6d:1b:53:95:5e:33:6d:d7:29:
fb:7e:8f:73
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUE72iWb37OxhUMDdqW4RX3Dt4NCkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMzAxNjMyNDlaFw0yNjAxMjkxNjM3NDlaMDMxMTAvBgNV
BAMTKDEzQkRCMDM1MjQ4RkE0QzY5MDlBMEZCQTVGMzczMUIxQjUzQjQ5MzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6/jm29+fVJgmkdOYaVmKvTWsk
6wjEdfHnsW5WkYMw9av9IqjSWimMMg/1I192Fc1p2Oj5vBTQjv6skEI3dwwfS5Ek
KNbPJpiqNXXyktxvMJ2mkKQq127iG299zv2jpu8Hn+A2H+R1SmFqZy8c2KjIRSVL
/3d4CgQUZsXIEJIHi0OEa98bckQx7rIcmSaGoA21560GAvqz7IH4Abpvrkqw0bFH
vPBLP+wr266FGmYH96MWqW+NB+/+WizwKzD0sVtkwTmMNZwopzdajwBcbsjDyZM2
c8vw62NFfjwYFT7rG9QkllDncnKFaZxYAIV3FE0rGC2H0o9M/X2iXmdjR6fxAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUE72wNSSPpMaQmg+6XzcxsbU7STEwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDAwOTQxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUhVc
AwQAUhVvAwQAUhVyAwQAUhV1MA0GCSqGSIb3DQEBCwUAA4IBAQBpuXUWMEvwXaF/
vP+1cM48fRT5Wid0UiksHr1BmTjEaE3jMJ4zMP5KXjGitk1edCz4G6DhUkRuObzg
aUOnLyDcS/HC3rty9XR1GjXNuKTMDy3+bloPrVo8AsHVqAbjAfrlItiBIGu8VM3d
FcTFA/kDxX32kroATvq5pqZp2E/IOhx6V2HohFpBobDB8IBjntdxKI3vRP70qSRw
TtzzbUiB09nhmf1h+VMppNppVlSpHltqmjeYM74Ha8SBmiLYhniEN4PGLJvGVzzq
hu4RU82jXFXPGNiiHIFjTMjTJ7hvYTq5QJkT+yGQvT9wjOYswlEYn3ltG1OVXjNt
1yn7fo9z
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:04:41 2025 by rpki-client