Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS47583.roa
File: AS47583.roa (raw, json)
Hash identifier: napqZE851MCbq1AReEk2m426Nnp+QxLRBtF3FEcav4Q=
Subject key identifier: 71:45:D5:FD:27:FE:BE:C3:C8:19:8C:AD:B2:68:23:15:D1:0F:C4:BC
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 13382E60CA0C9FCEB9D394FF559437C20C45BA2A
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS47583.roa
Signing time: Tue 14 Jan 2025 07:11:47 +0000
ROA not before: Tue 14 Jan 2025 07:06:47 +0000
ROA not after: Tue 13 Jan 2026 07:11:47 +0000
asID: 47583
IP address blocks: 82.29.56.0/21 maxlen: 24
82.29.80.0/21 maxlen: 24
82.29.152.0/21 maxlen: 24
82.29.160.0/21 maxlen: 24
82.29.168.0/21 maxlen: 24
82.29.176.0/21 maxlen: 24
82.29.184.0/21 maxlen: 24
82.29.192.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:38:2e:60:ca:0c:9f:ce:b9:d3:94:ff:55:94:37:c2:0c:45:ba:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 14 07:06:47 2025 GMT
Not After : Jan 13 07:11:47 2026 GMT
Subject: CN=7145D5FD27FEBEC3C8198CADB2682315D10FC4BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:48:9a:50:7f:f5:6a:eb:50:e4:21:38:f6:6a:
3d:c2:56:59:7f:e7:cd:89:23:f3:c2:76:a3:7d:1a:
63:dd:ab:c0:8c:b1:94:29:a9:4e:82:9c:4a:bc:07:
56:6a:1a:a8:70:a1:d9:ce:1d:53:e1:04:00:2a:7c:
c0:c9:47:b3:ee:c4:43:49:5f:ad:9e:70:c6:30:3d:
d5:a5:5c:32:9a:60:4a:8c:68:86:41:e6:e4:98:22:
96:2f:a7:60:3a:c8:9c:48:32:2d:cf:4a:c9:0e:ad:
e8:77:a6:49:e7:87:73:ea:c1:a1:5a:a9:e8:d1:41:
6a:ad:cf:26:53:8e:08:f9:5f:f3:62:69:28:6e:c0:
0c:a1:7a:dc:f8:9a:4d:e5:00:09:8b:b5:f2:6a:57:
f7:5a:db:48:03:d5:82:b6:dc:64:06:8a:42:03:3b:
f0:d8:20:4c:0b:f4:7d:4b:4e:a4:c8:99:78:8e:ea:
f5:b7:0d:cc:76:60:9d:82:c9:82:bb:f6:3c:3d:8f:
d4:72:fd:29:2d:0d:97:d1:3f:fe:d4:0b:3e:3c:06:
d3:ca:a5:9a:42:c5:43:0c:ae:72:90:0e:98:11:bd:
44:5c:8c:4f:93:17:8f:39:9b:6e:8c:e6:1a:d5:44:
1f:28:25:ff:99:d0:34:a4:d9:c8:35:59:77:c1:f0:
c8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:45:D5:FD:27:FE:BE:C3:C8:19:8C:AD:B2:68:23:15:D1:0F:C4:BC
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS47583.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.29.56.0/21
82.29.80.0/21
82.29.152.0-82.29.199.255
Signature Algorithm: sha256WithRSAEncryption
27:97:83:29:7a:14:84:4b:19:f6:c3:b3:a7:96:e1:49:03:6b:
79:bf:39:56:b6:37:3a:2f:15:55:06:d6:31:a4:78:e2:8f:e7:
c1:9e:36:b4:df:c6:c6:79:94:0f:03:4f:97:7f:70:9c:0e:5c:
7b:a0:3d:5e:06:cf:23:73:dd:0f:5a:9f:b0:d4:70:e0:fa:0c:
1a:1f:22:72:c7:84:a4:e4:90:61:a7:11:55:d0:00:91:cd:e0:
6b:4f:4e:2e:41:a6:3b:9a:ca:9b:97:17:42:31:e0:f6:dd:fa:
23:ba:2a:ca:5c:f1:f7:d9:86:60:c2:1a:b2:f3:cc:54:cb:ac:
e2:c6:5d:2f:0b:b1:00:84:a4:e9:ca:78:be:37:fc:04:14:e2:
e4:f4:b4:f5:11:57:7b:b8:44:a4:52:8c:ca:ae:2a:39:31:de:
24:eb:f3:8d:33:73:27:db:5d:b0:44:51:5c:98:5a:b4:6f:fa:
5d:8b:b8:ed:09:90:89:52:c4:99:43:f4:66:4a:5c:e0:14:e0:
f8:c7:71:20:6c:71:e1:3f:9f:99:d7:77:97:f4:a7:7d:02:f3:
ba:9b:91:97:d8:8b:99:8c:7a:11:50:87:a3:f0:4b:c0:57:cc:
1e:0c:32:2f:8f:45:47:d6:18:bd:d1:40:62:81:52:4c:6e:5e:
ab:78:85:29
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIUEzguYMoMn86505T/VZQ3wgxFuiowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMTQwNzA2NDdaFw0yNjAxMTMwNzExNDdaMDMxMTAvBgNV
BAMTKDcxNDVENUZEMjdGRUJFQzNDODE5OENBREIyNjgyMzE1RDEwRkM0QkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDASJpQf/Vq61DkITj2aj3CVll/
582JI/PCdqN9GmPdq8CMsZQpqU6CnEq8B1ZqGqhwodnOHVPhBAAqfMDJR7PuxENJ
X62ecMYwPdWlXDKaYEqMaIZB5uSYIpYvp2A6yJxIMi3PSskOreh3pknnh3PqwaFa
qejRQWqtzyZTjgj5X/NiaShuwAyhetz4mk3lAAmLtfJqV/da20gD1YK23GQGikID
O/DYIEwL9H1LTqTImXiO6vW3Dcx2YJ2CyYK79jw9j9Ry/SktDZfRP/7UCz48BtPK
pZpCxUMMrnKQDpgRvURcjE+TF485m26M5hrVRB8oJf+Z0DSk2cg1WXfB8MjpAgMB
AAGjggIdMIICGTAdBgNVHQ4EFgQUcUXV/Sf+vsPIGYytsmgjFdEPxLwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDc1ODMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMwYIKwYBBQUHAQcBAf8EJDAiMCAEAgABMBoDBANSHTgD
BANSHVAwDAMEA1IdmAMEA1IdwDANBgkqhkiG9w0BAQsFAAOCAQEAJ5eDKXoUhEsZ
9sOzp5bhSQNreb85VrY3Oi8VVQbWMaR44o/nwZ42tN/GxnmUDwNPl39wnA5ce6A9
XgbPI3PdD1qfsNRw4PoMGh8icseEpOSQYacRVdAAkc3ga09OLkGmO5rKm5cXQjHg
9t36I7oqylzx99mGYMIasvPMVMus4sZdLwuxAISk6cp4vjf8BBTi5PS09RFXe7hE
pFKMyq4qOTHeJOvzjTNzJ9tdsERRXJhatG/6XYu47QmQiVLEmUP0Zkpc4BTg+Mdx
IGxx4T+fmdd3l/SnfQLzupuRl9iLmYx6EVCHo/BLwFfMHgwyL49FR9YYvdFAYoFS
TG5eq3iFKQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:53:00 2025 by rpki-client