Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5089.roa
File: AS5089.roa (raw, json)
Hash identifier: yP7d6CCUEHDSlYG/CrBPBFmvf42evl6uIFLZ+SylCMY=
Subject key identifier: CA:2D:F4:E8:98:0A:B2:D8:6B:7B:FF:F0:59:BA:28:FC:14:FE:CC:42
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 03B87DE7B0DF5D57AA376DC2691FBF4E4AC9873C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5089.roa
Signing time: Fri 24 Jan 2025 16:33:18 +0000
ROA not before: Fri 24 Jan 2025 16:28:18 +0000
ROA not after: Fri 23 Jan 2026 16:33:18 +0000
asID: 5089
IP address blocks: 82.21.66.0/24 maxlen: 24
82.21.76.0/24 maxlen: 24
82.21.127.0/24 maxlen: 24
82.21.136.0/24 maxlen: 24
82.23.149.0/24 maxlen: 24
82.23.150.0/24 maxlen: 24
82.23.165.0/24 maxlen: 24
82.23.184.0/24 maxlen: 24
82.24.48.0/24 maxlen: 24
82.24.101.0/24 maxlen: 24
82.25.132.0/24 maxlen: 24
82.25.199.0/24 maxlen: 24
82.25.204.0/24 maxlen: 24
82.26.0.0/18 maxlen: 24
82.26.80.0/24 maxlen: 24
82.26.84.0/24 maxlen: 24
82.26.112.0/24 maxlen: 24
82.26.119.0/24 maxlen: 24
82.26.124.0/24 maxlen: 24
82.26.127.0/24 maxlen: 24
82.27.108.0/24 maxlen: 24
82.27.110.0/24 maxlen: 24
82.27.122.0/24 maxlen: 24
82.27.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:b8:7d:e7:b0:df:5d:57:aa:37:6d:c2:69:1f:bf:4e:4a:c9:87:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 24 16:28:18 2025 GMT
Not After : Jan 23 16:33:18 2026 GMT
Subject: CN=CA2DF4E8980AB2D86B7BFFF059BA28FC14FECC42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:37:ea:d4:db:83:ab:5c:a9:00:28:13:07:79:
5b:e7:77:65:1f:d9:2e:1e:f7:05:e2:cd:11:b5:b5:
c3:bb:cd:6a:61:f8:19:f0:11:94:39:f7:85:d7:57:
e0:0b:e2:ef:d8:23:f7:a4:76:55:b3:1e:80:00:a4:
3b:86:50:79:35:43:43:7f:de:45:19:ab:e3:b7:74:
1a:01:e7:18:f0:49:c7:eb:3d:97:0e:19:a7:6b:af:
33:36:60:8f:5d:3d:aa:fe:14:d6:2d:62:39:4d:62:
e3:48:33:0f:a6:c8:5b:fa:00:98:a3:34:09:21:d3:
1e:bc:7b:0f:69:55:ce:6c:cc:b4:e0:48:3f:11:f2:
2f:15:f0:b2:3c:4d:1a:87:1c:87:6e:94:78:60:41:
07:30:1c:3e:57:e6:d4:36:4c:f7:41:6b:06:3e:7b:
45:fc:55:13:27:35:2b:87:70:29:0a:81:a6:29:49:
9e:f1:3d:fa:9c:43:92:ec:ad:60:1d:90:8d:de:07:
88:71:c1:e0:39:8b:d3:9e:3f:f2:c2:ad:34:3e:19:
67:78:91:03:83:c9:d4:52:d2:a8:11:42:10:44:f8:
ed:e4:69:6f:de:ed:5d:9f:5a:34:51:2f:98:b5:a6:
b6:9e:a8:7b:b8:f1:88:8a:ac:82:95:93:1a:ec:55:
3a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:2D:F4:E8:98:0A:B2:D8:6B:7B:FF:F0:59:BA:28:FC:14:FE:CC:42
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5089.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.66.0/24
82.21.76.0/24
82.21.127.0/24
82.21.136.0/24
82.23.149.0-82.23.150.255
82.23.165.0/24
82.23.184.0/24
82.24.48.0/24
82.24.101.0/24
82.25.132.0/24
82.25.199.0/24
82.25.204.0/24
82.26.0.0/18
82.26.80.0/24
82.26.84.0/24
82.26.112.0/24
82.26.119.0/24
82.26.124.0/24
82.26.127.0/24
82.27.108.0/24
82.27.110.0/24
82.27.122.0/24
82.27.124.0/24
Signature Algorithm: sha256WithRSAEncryption
89:0a:24:53:c9:54:02:3a:04:99:8e:ea:2f:3c:7a:87:46:4e:
4e:da:8c:81:84:a5:ac:a1:fa:78:39:88:d2:01:7c:37:d2:ee:
bb:ca:7b:ea:4c:d1:16:6c:fa:06:13:c5:43:dd:37:b4:b6:71:
90:d4:97:62:67:6d:95:d6:d1:e6:01:e0:de:8c:5e:be:69:d6:
04:f0:e5:6c:07:e6:a2:e7:c8:4e:18:7d:79:ac:85:87:99:88:
4c:5d:0e:b8:ba:30:43:64:17:79:bc:1f:bf:21:d7:c7:50:e3:
d1:d7:75:ff:83:3d:3f:fa:85:5a:22:54:ed:f7:f3:b6:45:3b:
77:df:cc:1a:d2:3e:ea:f6:b3:9f:fa:4d:05:fa:dc:fe:0a:c2:
f4:2f:0a:ce:e0:b1:a9:5e:f6:7b:fa:11:b3:b3:da:7e:25:68:
62:b7:f2:7b:7e:f1:57:17:92:1b:b7:d0:59:b7:90:42:37:fd:
08:11:c2:24:e6:4e:2f:7a:61:b1:ab:4f:f4:ca:be:98:97:71:
e9:12:70:10:19:c8:ff:1c:6c:b3:ad:bd:83:5a:d5:88:2e:b2:
d1:f3:89:fc:10:3c:98:6c:06:b3:16:ce:89:70:b7:b1:67:b5:
b6:60:26:9a:05:a7:d7:48:00:45:52:c7:d0:77:9f:75:ba:e1:
6a:dd:a9:ee
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIUA7h957DfXVeqN23CaR+/TkrJhzwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMjQxNjI4MThaFw0yNjAxMjMxNjMzMThaMDMxMTAvBgNV
BAMTKENBMkRGNEU4OTgwQUIyRDg2QjdCRkZGMDU5QkEyOEZDMTRGRUNDNDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEN+rU24OrXKkAKBMHeVvnd2Uf
2S4e9wXizRG1tcO7zWph+BnwEZQ594XXV+AL4u/YI/ekdlWzHoAApDuGUHk1Q0N/
3kUZq+O3dBoB5xjwScfrPZcOGadrrzM2YI9dPar+FNYtYjlNYuNIMw+myFv6AJij
NAkh0x68ew9pVc5szLTgSD8R8i8V8LI8TRqHHIdulHhgQQcwHD5X5tQ2TPdBawY+
e0X8VRMnNSuHcCkKgaYpSZ7xPfqcQ5LsrWAdkI3eB4hxweA5i9OeP/LCrTQ+GWd4
kQODydRS0qgRQhBE+O3kaW/e7V2fWjRRL5i1praeqHu48YiKrIKVkxrsVTplAgMB
AAGjggKZMIIClTAdBgNVHQ4EFgQUyi306JgKsthre//wWboo/BT+zEIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTA4OS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBrwYIKwYBBQUHAQcBAf8EgZ8wgZwwgZkEAgABMIGSAwQA
UhVCAwQAUhVMAwQAUhV/AwQAUhWIMAwDBABSF5UDBABSF5YDBABSF6UDBABSF7gD
BABSGDADBABSGGUDBABSGYQDBABSGccDBABSGcwDBAZSGgADBABSGlADBABSGlQD
BABSGnADBABSGncDBABSGnwDBABSGn8DBABSG2wDBABSG24DBABSG3oDBABSG3ww
DQYJKoZIhvcNAQELBQADggEBAIkKJFPJVAI6BJmO6i88eodGTk7ajIGEpayh+ng5
iNIBfDfS7rvKe+pM0RZs+gYTxUPdN7S2cZDUl2JnbZXW0eYB4N6MXr5p1gTw5WwH
5qLnyE4YfXmshYeZiExdDri6MENkF3m8H78h18dQ49HXdf+DPT/6hVoiVO3387ZF
O3ffzBrSPur2s5/6TQX63P4KwvQvCs7gsale9nv6EbOz2n4laGK38nt+8VcXkhu3
0Fm3kEI3/QgRwiTmTi96YbGrT/TKvpiXcekScBAZyP8cbLOtvYNa1YgustHzifwQ
PJhsBrMWzolwt7FntbZgJpoFp9dIAEVSx9B3n3W64Wrdqe4=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:07:06 2025 by rpki-client