Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS43128.roa
File: AS43128.roa (raw, json)
Hash identifier: vLvi49p5x8VZ9xaYTwAIg3esdGbl2v58IaB4u35f+EM=
Subject key identifier: 17:58:86:4B:C9:68:67:49:9F:58:CF:AB:92:64:F4:31:66:C4:9E:66
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4EC72EC0696CAD5682C80B049DB0546AF870C7B8
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS43128.roa
Signing time: Mon 10 Mar 2025 11:28:39 +0000
ROA not before: Mon 10 Mar 2025 11:23:39 +0000
ROA not after: Mon 09 Mar 2026 11:28:39 +0000
asID: 43128
IP address blocks: 82.21.208.0/24 maxlen: 24
82.22.240.0/24 maxlen: 24
82.23.198.0/24 maxlen: 24
82.24.240.0/24 maxlen: 24
82.25.208.0/24 maxlen: 24
82.29.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:c7:2e:c0:69:6c:ad:56:82:c8:0b:04:9d:b0:54:6a:f8:70:c7:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 10 11:23:39 2025 GMT
Not After : Mar 9 11:28:39 2026 GMT
Subject: CN=1758864BC96867499F58CFAB9264F43166C49E66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a7:82:d5:e8:91:0b:4c:2d:35:f3:3b:5d:7e:
dc:34:14:9b:4f:50:b5:d3:0d:2f:f6:58:05:ff:0e:
e8:7d:c7:5e:c6:e4:0e:30:97:83:de:a7:81:7c:a9:
ff:1f:6d:04:75:1e:e8:11:41:86:c3:bc:29:42:a7:
37:0f:80:ba:d3:84:36:b7:26:15:bf:e2:d8:6e:bd:
b2:a9:7b:5f:0b:82:cf:b0:b9:da:b1:33:be:10:ab:
51:5a:55:83:c7:3e:b1:40:87:95:fe:20:5c:c3:4d:
ca:49:10:cb:49:21:84:e5:5c:cf:28:13:0b:6d:9b:
45:1c:ed:4c:f7:34:bd:a8:50:27:a4:d7:db:a2:9d:
3b:cb:b4:5c:18:31:6f:7e:1a:dc:db:b8:3a:90:6f:
3d:bb:b7:e1:6c:8d:90:4c:14:f6:91:a8:71:1c:d9:
cc:52:9f:b5:78:3c:bd:35:be:af:5e:1b:ef:93:cb:
f1:1d:fe:a6:aa:1d:c9:16:02:fb:c7:f9:2d:f4:d6:
d7:5f:2f:c0:f5:70:99:b5:02:63:a0:56:11:45:45:
85:cb:fc:23:5d:9b:cd:4a:8d:1d:b6:fa:cb:15:89:
57:1a:2b:1c:fd:2d:64:00:0b:d4:1e:cb:96:3a:8f:
62:9a:8c:01:6b:0a:43:ff:13:de:d1:5e:41:c5:5b:
c0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:58:86:4B:C9:68:67:49:9F:58:CF:AB:92:64:F4:31:66:C4:9E:66
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS43128.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.208.0/24
82.22.240.0/24
82.23.198.0/24
82.24.240.0/24
82.25.208.0/24
82.29.240.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:e6:86:c6:a9:bf:15:11:2a:7d:73:76:f9:3d:95:45:c1:e8:
e4:02:b4:d1:ed:98:61:a4:50:10:32:dd:c0:5c:5a:10:2a:fe:
39:38:bd:89:4f:f1:b7:4a:6f:f0:56:af:37:13:b4:03:6d:a9:
22:60:fd:b3:1c:2d:18:1f:7d:1d:d5:37:13:79:ef:59:94:e1:
00:7c:1e:d3:ca:ae:8a:53:f4:59:83:8f:2b:d1:16:df:5b:53:
7d:a3:de:3e:19:43:c9:f5:3b:bf:df:60:37:6d:7e:bc:8a:d0:
e8:51:64:5e:df:7b:bd:d1:c1:73:92:df:c4:e4:55:7d:d5:d5:
0c:06:e3:92:a2:72:4e:fa:67:58:6c:aa:3b:05:87:37:13:39:
a7:3b:f9:99:f6:3f:0c:8f:6f:1e:e4:f8:79:fa:a1:3e:c1:46:
c4:d8:d6:cd:e1:ce:55:ea:75:02:3b:34:e2:0a:8c:46:39:8c:
72:6c:14:ba:18:1f:a5:8d:05:dc:09:f3:fc:59:7b:13:d9:54:
86:5b:b9:36:07:5a:c6:01:18:93:64:2b:4d:02:c7:79:e4:26:
ae:1e:f3:df:f6:45:6e:6d:e0:a3:77:93:4a:b8:27:f0:6b:c6:
2d:28:80:3c:8b:d7:a0:67:4e:48:ff:01:d0:13:d3:1a:d9:2a:
b9:d1:30:be
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUTscuwGlsrVaCyAsEnbBUavhwx7gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMTAxMTIzMzlaFw0yNjAzMDkxMTI4MzlaMDMxMTAvBgNV
BAMTKDE3NTg4NjRCQzk2ODY3NDk5RjU4Q0ZBQjkyNjRGNDMxNjZDNDlFNjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgp4LV6JELTC018ztdftw0FJtP
ULXTDS/2WAX/Duh9x17G5A4wl4Pep4F8qf8fbQR1HugRQYbDvClCpzcPgLrThDa3
JhW/4thuvbKpe18Lgs+wudqxM74Qq1FaVYPHPrFAh5X+IFzDTcpJEMtJIYTlXM8o
Ewttm0Uc7Uz3NL2oUCek19uinTvLtFwYMW9+GtzbuDqQbz27t+FsjZBMFPaRqHEc
2cxSn7V4PL01vq9eG++Ty/Ed/qaqHckWAvvH+S301tdfL8D1cJm1AmOgVhFFRYXL
/CNdm81KjR22+ssViVcaKxz9LWQAC9Qey5Y6j2KajAFrCkP/E97RXkHFW8BpAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUF1iGS8loZ0mfWM+rkmT0MWbEnmYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDMxMjgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBABSFdAD
BABSFvADBABSF8YDBABSGPADBABSGdADBABSHfAwDQYJKoZIhvcNAQELBQADggEB
ABrmhsapvxURKn1zdvk9lUXB6OQCtNHtmGGkUBAy3cBcWhAq/jk4vYlP8bdKb/BW
rzcTtANtqSJg/bMcLRgffR3VNxN571mU4QB8HtPKropT9FmDjyvRFt9bU32j3j4Z
Q8n1O7/fYDdtfryK0OhRZF7fe73RwXOS38TkVX3V1QwG45Kick76Z1hsqjsFhzcT
Oac7+Zn2PwyPbx7k+Hn6oT7BRsTY1s3hzlXqdQI7NOIKjEY5jHJsFLoYH6WNBdwJ
8/xZexPZVIZbuTYHWsYBGJNkK00Cx3nkJq4e89/2RW5t4KN3k0q4J/Brxi0ogDyL
16BnTkj/AdAT0xrZKrnRML4=
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:19:52 2025 by rpki-client