Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS4766.roa
File: AS4766.roa (raw, json)
Hash identifier: hmUT8V9ChSbYHpfNH6hIYe6AWQjrPN3QxPyI8oBKNq0=
Subject key identifier: 6B:C6:62:59:B1:C3:6A:CF:C8:D8:9B:6B:D4:D1:F4:71:7F:D8:B3:4A
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6FA47A038AC2D86C469B52CA827FB7CDDD2B37A7
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS4766.roa
Signing time: Sun 16 Feb 2025 17:35:07 +0000
ROA not before: Sun 16 Feb 2025 17:30:07 +0000
ROA not after: Sun 15 Feb 2026 17:35:07 +0000
asID: 4766
IP address blocks: 82.21.204.0/24 maxlen: 24
82.24.31.0/24 maxlen: 24
82.24.122.0/24 maxlen: 24
82.26.110.0/24 maxlen: 24
82.26.154.0/24 maxlen: 24
82.27.17.0/24 maxlen: 24
82.27.100.0/24 maxlen: 24
82.27.123.0/24 maxlen: 24
82.29.103.0/24 maxlen: 24
82.29.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:a4:7a:03:8a:c2:d8:6c:46:9b:52:ca:82:7f:b7:cd:dd:2b:37:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 16 17:30:07 2025 GMT
Not After : Feb 15 17:35:07 2026 GMT
Subject: CN=6BC66259B1C36ACFC8D89B6BD4D1F4717FD8B34A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:50:65:d4:8f:32:4d:e5:01:6c:26:42:fa:38:
62:85:28:29:53:e7:ad:3f:c4:c6:72:df:97:e7:cd:
ca:25:d9:a0:5d:87:74:78:e4:3e:89:d3:d1:64:dd:
61:86:1f:5a:62:75:01:83:7d:54:55:08:80:34:11:
42:33:36:0d:f9:b1:73:a2:d3:15:c0:1d:53:1d:ef:
30:6e:14:16:95:d3:7c:49:3f:94:f6:18:5c:39:fd:
b6:81:b0:f2:a5:82:d9:62:6a:30:79:db:dd:4e:e9:
bf:9f:74:61:50:e5:47:db:26:d5:67:7e:dd:a9:dd:
fd:1f:04:5e:ab:54:77:d4:e0:48:e1:3b:1e:61:fd:
33:1e:4a:13:d9:a8:1a:61:f1:37:5d:eb:e1:b2:0b:
80:d3:94:bd:66:7c:99:9b:60:03:23:b0:74:48:c0:
82:80:9b:5e:85:aa:99:83:78:19:45:e8:97:5e:ad:
aa:da:c2:4f:8e:18:a8:18:d7:52:5f:7e:9e:f8:54:
42:77:72:5e:7e:92:81:5f:7c:81:47:65:42:b6:b4:
73:a0:af:2a:d4:9e:bd:af:0d:73:c1:95:88:6c:bd:
76:85:a5:3d:ad:aa:e0:61:cd:5f:00:86:d0:9b:29:
e7:8c:da:be:ba:38:51:77:1d:df:b4:1f:4b:a1:56:
27:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:C6:62:59:B1:C3:6A:CF:C8:D8:9B:6B:D4:D1:F4:71:7F:D8:B3:4A
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS4766.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.204.0/24
82.24.31.0/24
82.24.122.0/24
82.26.110.0/24
82.26.154.0/24
82.27.17.0/24
82.27.100.0/24
82.27.123.0/24
82.29.103.0/24
82.29.107.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:96:7b:5e:49:f3:06:a7:39:1c:b0:58:2b:e1:82:b9:b2:44:
05:4e:9d:a4:50:44:c3:aa:f8:e5:42:d9:63:08:0c:82:1e:d8:
b7:2c:7c:b2:e8:f9:b1:ae:71:d6:93:9b:b2:2f:94:62:e1:08:
df:ed:1b:69:a4:cb:d7:38:66:a9:41:67:44:fa:08:ae:55:0c:
1e:10:f3:96:3d:6b:cc:67:ae:41:b0:15:93:f3:c7:92:e7:48:
33:48:76:81:69:00:08:7d:34:36:e1:7c:3d:fb:2b:68:a9:5e:
f8:c1:68:a2:41:bb:14:3f:17:9d:de:3f:45:06:b2:22:33:da:
cb:a2:d5:55:1e:c7:1b:0b:68:cb:29:9a:1e:3d:f3:2a:4e:9b:
f8:de:d6:6d:91:51:7f:91:96:77:fb:25:e2:27:07:8e:d8:56:
a1:20:c2:45:5a:80:94:b9:2a:51:69:99:b1:a4:b2:d3:77:27:
31:a8:90:77:bf:36:8f:3e:99:3c:cb:17:22:4f:7f:8e:78:d7:
3c:25:1e:14:2c:8a:17:49:5f:a7:9c:04:21:6e:8d:a5:96:b9:
a4:2c:c4:a9:ef:ea:e4:d7:eb:cd:73:36:af:c7:bf:cf:83:89:
d8:5d:3e:61:13:59:4b:23:9b:0c:d6:1e:52:04:80:92:ef:52:
70:e7:c7:d3
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUb6R6A4rC2GxGm1LKgn+3zd0rN6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMTYxNzMwMDdaFw0yNjAyMTUxNzM1MDdaMDMxMTAvBgNV
BAMTKDZCQzY2MjU5QjFDMzZBQ0ZDOEQ4OUI2QkQ0RDFGNDcxN0ZEOEIzNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+UGXUjzJN5QFsJkL6OGKFKClT
560/xMZy35fnzcol2aBdh3R45D6J09Fk3WGGH1pidQGDfVRVCIA0EUIzNg35sXOi
0xXAHVMd7zBuFBaV03xJP5T2GFw5/baBsPKlgtliajB5291O6b+fdGFQ5UfbJtVn
ft2p3f0fBF6rVHfU4EjhOx5h/TMeShPZqBph8Tdd6+GyC4DTlL1mfJmbYAMjsHRI
wIKAm16FqpmDeBlF6Jderarawk+OGKgY11Jffp74VEJ3cl5+koFffIFHZUK2tHOg
ryrUnr2vDXPBlYhsvXaFpT2tquBhzV8AhtCbKeeM2r66OFF3Hd+0H0uhVicFAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUa8ZiWbHDas/I2Jtr1NH0cX/Ys0owHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDc2Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAFIVzAME
AFIYHwMEAFIYegMEAFIabgMEAFIamgMEAFIbEQMEAFIbZAMEAFIbewMEAFIdZwME
AFIdazANBgkqhkiG9w0BAQsFAAOCAQEADJZ7XknzBqc5HLBYK+GCubJEBU6dpFBE
w6r45ULZYwgMgh7Ytyx8suj5sa5x1pObsi+UYuEI3+0baaTL1zhmqUFnRPoIrlUM
HhDzlj1rzGeuQbAVk/PHkudIM0h2gWkACH00NuF8PfsraKle+MFookG7FD8Xnd4/
RQayIjPay6LVVR7HGwtoyymaHj3zKk6b+N7WbZFRf5GWd/sl4icHjthWoSDCRVqA
lLkqUWmZsaSy03cnMaiQd782jz6ZPMsXIk9/jnjXPCUeFCyKF0lfp5wEIW6NpZa5
pCzEqe/q5NfrzXM2r8e/z4OJ2F0+YRNZSyObDNYeUgSAku9ScOfH0w==
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:19:54 2025 by rpki-client