Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS4766.roa
File: AS4766.roa (raw, json)
Hash identifier: aRfKFoety1VgKeaa1O/YZVcBYCUamEy6Nt5kdcnZ4No=
Subject key identifier: B2:2A:3A:50:91:62:37:7D:A8:3B:95:11:87:CB:F6:F2:AB:D2:72:14
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 521D1C76613BAF626BE71A6D409FBCED441181A0
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS4766.roa
Signing time: Thu 23 Jan 2025 16:28:54 +0000
ROA not before: Thu 23 Jan 2025 16:23:54 +0000
ROA not after: Thu 22 Jan 2026 16:28:54 +0000
asID: 4766
IP address blocks: 82.21.204.0/24 maxlen: 24
82.22.159.0/24 maxlen: 24
82.24.31.0/24 maxlen: 24
82.24.122.0/24 maxlen: 24
82.24.180.0/24 maxlen: 24
82.24.202.0/24 maxlen: 24
82.25.140.0/24 maxlen: 24
82.25.160.0/24 maxlen: 24
82.25.186.0/24 maxlen: 24
82.26.92.0/24 maxlen: 24
82.26.110.0/24 maxlen: 24
82.26.154.0/24 maxlen: 24
82.26.195.0/24 maxlen: 24
82.27.17.0/24 maxlen: 24
82.27.100.0/24 maxlen: 24
82.27.123.0/24 maxlen: 24
82.29.103.0/24 maxlen: 24
82.29.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:1d:1c:76:61:3b:af:62:6b:e7:1a:6d:40:9f:bc:ed:44:11:81:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 23 16:23:54 2025 GMT
Not After : Jan 22 16:28:54 2026 GMT
Subject: CN=B22A3A509162377DA83B951187CBF6F2ABD27214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:39:3d:45:2b:50:03:04:a9:25:6f:77:ed:2e:
fa:2e:14:10:cd:6f:16:74:83:8b:0e:8a:95:de:5a:
98:0d:cd:69:78:30:ca:d1:24:6a:4e:6c:aa:63:8b:
57:f8:eb:23:e0:12:c5:56:63:ce:8c:fa:89:77:54:
79:1f:e6:89:ef:4a:71:69:2f:98:d2:18:5d:95:5f:
7c:8d:68:80:ee:00:45:01:bd:57:da:56:d2:48:76:
e5:b1:e7:d6:e3:c9:f5:28:ee:9f:4f:82:d8:03:ac:
b3:2c:53:2a:c8:82:90:2f:1d:2c:2b:0d:81:4a:7c:
e8:7a:58:4b:60:e2:6e:3b:b5:fe:8c:f5:17:86:13:
77:10:cc:ca:ca:d6:6f:41:4a:24:92:c0:f6:5a:fb:
26:d9:a8:10:66:97:30:8a:e8:10:19:70:85:18:80:
a2:9f:95:6c:2c:45:12:12:aa:64:02:6c:e0:3e:13:
a9:81:b4:bd:f0:cf:13:b4:0e:62:13:49:14:67:af:
2f:aa:da:55:e7:35:2c:3d:23:c8:dd:9f:6d:25:f7:
00:91:31:21:f7:be:39:a9:2d:45:cf:a6:db:a4:44:
1c:63:ea:1b:1c:cd:15:55:b0:05:b5:c8:86:88:1f:
73:21:9e:06:d9:b9:23:83:08:e8:a3:58:11:a5:c5:
24:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:2A:3A:50:91:62:37:7D:A8:3B:95:11:87:CB:F6:F2:AB:D2:72:14
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS4766.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.204.0/24
82.22.159.0/24
82.24.31.0/24
82.24.122.0/24
82.24.180.0/24
82.24.202.0/24
82.25.140.0/24
82.25.160.0/24
82.25.186.0/24
82.26.92.0/24
82.26.110.0/24
82.26.154.0/24
82.26.195.0/24
82.27.17.0/24
82.27.100.0/24
82.27.123.0/24
82.29.103.0/24
82.29.107.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:0d:23:20:7a:4c:50:97:98:3a:39:8e:c2:ce:a6:71:bf:ca:
c6:f7:b6:c6:f9:d1:1f:1d:72:db:fd:e0:17:0f:3e:e5:8d:5e:
31:0b:c3:ca:f3:44:d9:f0:f8:6d:ba:98:6a:63:b5:0c:2d:e7:
10:d7:ee:62:6a:d1:a9:cc:1f:14:dd:24:ff:2e:3c:72:85:16:
66:f2:b1:a7:af:ee:95:b3:a7:29:ad:04:9d:af:a3:9b:f5:b6:
2e:db:0a:fc:8d:91:47:0d:ec:bb:4f:c4:ac:06:eb:08:b1:f9:
1d:00:43:5e:f9:63:63:73:75:ca:c3:79:54:05:03:4a:4d:87:
79:25:17:77:bd:c2:1e:7e:2e:06:51:6f:a5:35:0c:91:4e:29:
13:d7:d2:b1:b7:48:4c:dd:d5:ac:11:57:54:80:be:c4:0c:0b:
4d:06:f7:12:2c:3e:77:cd:ea:49:46:05:96:34:cc:88:0c:3e:
24:39:76:84:c0:50:a6:22:d2:45:10:6c:a6:5e:b0:ab:0c:bd:
aa:27:78:97:7b:85:39:24:7e:00:9d:48:d8:25:9e:4b:e0:71:
2b:f3:be:2b:5d:0a:7e:00:cf:72:b2:b2:4b:e8:bf:41:42:b8:
03:6f:46:9f:ea:cb:c8:85:aa:51:aa:ec:d9:08:f5:8d:57:04:
53:75:f3:09
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgIUUh0cdmE7r2Jr5xptQJ+87UQRgaAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMjMxNjIzNTRaFw0yNjAxMjIxNjI4NTRaMDMxMTAvBgNV
BAMTKEIyMkEzQTUwOTE2MjM3N0RBODNCOTUxMTg3Q0JGNkYyQUJEMjcyMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrOT1FK1ADBKklb3ftLvouFBDN
bxZ0g4sOipXeWpgNzWl4MMrRJGpObKpji1f46yPgEsVWY86M+ol3VHkf5onvSnFp
L5jSGF2VX3yNaIDuAEUBvVfaVtJIduWx59bjyfUo7p9PgtgDrLMsUyrIgpAvHSwr
DYFKfOh6WEtg4m47tf6M9ReGE3cQzMrK1m9BSiSSwPZa+ybZqBBmlzCK6BAZcIUY
gKKflWwsRRISqmQCbOA+E6mBtL3wzxO0DmITSRRnry+q2lXnNSw9I8jdn20l9wCR
MSH3vjmpLUXPptukRBxj6hsczRVVsAW1yIaIH3MhngbZuSODCOijWBGlxSSdAgMB
AAGjggJvMIICazAdBgNVHQ4EFgQUsio6UJFiN32oO5URh8v28qvSchQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDc2Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBhQYIKwYBBQUHAQcBAf8EdjB0MHIEAgABMGwDBABSFcwD
BABSFp8DBABSGB8DBABSGHoDBABSGLQDBABSGMoDBABSGYwDBABSGaADBABSGboD
BABSGlwDBABSGm4DBABSGpoDBABSGsMDBABSGxEDBABSG2QDBABSG3sDBABSHWcD
BABSHWswDQYJKoZIhvcNAQELBQADggEBAKANIyB6TFCXmDo5jsLOpnG/ysb3tsb5
0R8dctv94BcPPuWNXjELw8rzRNnw+G26mGpjtQwt5xDX7mJq0anMHxTdJP8uPHKF
Fmbysaev7pWzpymtBJ2vo5v1ti7bCvyNkUcN7LtPxKwG6wix+R0AQ175Y2NzdcrD
eVQFA0pNh3klF3e9wh5+LgZRb6U1DJFOKRPX0rG3SEzd1awRV1SAvsQMC00G9xIs
PnfN6klGBZY0zIgMPiQ5doTAUKYi0kUQbKZesKsMvaoneJd7hTkkfgCdSNglnkvg
cSvzvitdCn4Az3Kyskvov0FCuANvRp/qy8iFqlGq7NkI9Y1XBFN18wk=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:08:26 2025 by rpki-client