Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS56322.roa
File: AS56322.roa (raw, json)
Hash identifier: 1UOrn3zspvLaJq9btMI/oS+IKcMHTVGNRwhKl9ZtH4U=
Subject key identifier: 38:11:30:5E:BD:E7:CF:F0:3D:5B:22:4A:15:2D:80:3C:9D:EB:5B:48
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7977C92C9693B4550C12EC1DDB0044D44FE7E1C3
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS56322.roa
Signing time: Wed 19 Mar 2025 13:15:03 +0000
ROA not before: Wed 19 Mar 2025 13:10:03 +0000
ROA not after: Wed 18 Mar 2026 13:15:03 +0000
asID: 56322
IP address blocks: 82.21.225.0/24 maxlen: 24
82.21.226.0/24 maxlen: 24
82.22.225.0/24 maxlen: 24
82.23.199.0/24 maxlen: 24
82.23.215.0/24 maxlen: 24
82.23.218.0/24 maxlen: 24
82.24.227.0/24 maxlen: 24
82.25.223.0/24 maxlen: 24
82.25.236.0/24 maxlen: 24
82.26.231.0/24 maxlen: 24
82.29.209.0/24 maxlen: 24
82.29.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 19:12:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:77:c9:2c:96:93:b4:55:0c:12:ec:1d:db:00:44:d4:4f:e7:e1:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 19 13:10:03 2025 GMT
Not After : Mar 18 13:15:03 2026 GMT
Subject: CN=3811305EBDE7CFF03D5B224A152D803C9DEB5B48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:de:9a:12:2c:a0:e1:36:55:c1:e2:c4:d4:62:
52:7d:7f:87:8a:e3:39:1e:2f:8b:43:c1:81:dc:69:
37:aa:15:fd:48:07:80:21:78:74:ee:e9:81:03:b1:
81:a9:c7:c4:26:55:ce:b2:0a:37:c1:40:97:b7:24:
de:1d:b4:ad:90:98:3e:a3:e2:d9:9b:f8:c3:16:1d:
07:7f:be:7a:35:5f:1a:15:d9:48:89:22:d0:a0:96:
f4:51:d4:36:d8:ab:03:a8:43:56:e3:74:ee:98:6a:
be:3b:91:9e:96:9f:78:42:b0:f1:5e:bd:62:e9:3a:
fa:a7:56:31:0a:4e:7b:f7:d6:08:f3:3b:c2:db:10:
38:49:08:65:55:e7:04:1a:17:72:14:6d:54:18:e7:
87:02:3e:c9:a2:cb:89:2c:68:8c:f4:21:1b:f3:a8:
b2:45:ce:75:24:58:e0:3c:72:e9:4d:9c:25:8a:8f:
03:78:53:dd:5f:6d:1a:b3:a6:c8:78:41:79:cc:ca:
c6:5b:51:79:ca:c2:87:b4:ef:d9:bd:9c:d9:8f:80:
9a:76:18:be:38:e9:d2:51:d9:fe:94:65:cd:0d:24:
46:be:c2:fe:79:d7:67:65:9b:fc:01:02:e4:63:0f:
e3:e6:88:c0:8b:87:77:22:10:e2:73:3c:aa:c5:27:
a0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:11:30:5E:BD:E7:CF:F0:3D:5B:22:4A:15:2D:80:3C:9D:EB:5B:48
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS56322.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.225.0-82.21.226.255
82.22.225.0/24
82.23.199.0/24
82.23.215.0/24
82.23.218.0/24
82.24.227.0/24
82.25.223.0/24
82.25.236.0/24
82.26.231.0/24
82.29.209.0/24
82.29.236.0/24
Signature Algorithm: sha256WithRSAEncryption
64:c1:75:9e:2a:3f:0b:7a:a5:86:e1:93:47:b9:b4:5c:18:12:
8f:ec:f4:a5:20:b7:16:d0:25:fc:5e:b8:cc:3c:4e:01:b1:31:
ee:43:75:21:6e:b7:b1:a3:3e:02:b8:79:bd:07:b1:27:2c:be:
81:53:55:53:03:7c:60:d4:e9:c4:c9:fe:90:0d:06:ff:9c:c9:
46:e8:02:82:20:4f:3c:b9:40:ed:bd:d7:b9:37:ae:df:6f:71:
86:a9:7e:f2:e6:3d:23:1e:5e:19:92:21:ac:34:4e:f7:ad:5c:
6b:8f:4e:3f:fa:55:f7:19:7a:79:e9:11:c5:3f:b2:9c:3e:0b:
67:54:20:4c:cf:33:d0:46:2b:ff:ca:62:d8:6b:ce:c4:ef:13:
e0:53:2c:64:00:11:9a:1f:49:e2:59:88:da:ef:ce:0a:e8:f6:
51:d2:4f:32:0d:75:a9:fc:9c:e6:b9:a7:57:e0:64:7a:43:a3:
da:e2:1c:8f:9b:bb:58:e3:d6:7f:bc:df:90:b9:c1:20:6d:89:
5a:10:b4:aa:44:87:df:a3:70:28:ff:79:60:89:a9:ea:89:87:
4e:99:44:62:48:42:52:f1:b4:89:95:70:8c:ff:05:64:ad:95:
4f:bd:da:a7:36:8b:67:96:84:99:b0:13:49:73:a1:ad:56:be:
79:a6:0d:11
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUeXfJLJaTtFUMEuwd2wBE1E/n4cMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMTkxMzEwMDNaFw0yNjAzMTgxMzE1MDNaMDMxMTAvBgNV
BAMTKDM4MTEzMDVFQkRFN0NGRjAzRDVCMjI0QTE1MkQ4MDNDOURFQjVCNDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF3poSLKDhNlXB4sTUYlJ9f4eK
4zkeL4tDwYHcaTeqFf1IB4AheHTu6YEDsYGpx8QmVc6yCjfBQJe3JN4dtK2QmD6j
4tmb+MMWHQd/vno1XxoV2UiJItCglvRR1DbYqwOoQ1bjdO6Yar47kZ6Wn3hCsPFe
vWLpOvqnVjEKTnv31gjzO8LbEDhJCGVV5wQaF3IUbVQY54cCPsmiy4ksaIz0IRvz
qLJFznUkWOA8culNnCWKjwN4U91fbRqzpsh4QXnMysZbUXnKwoe079m9nNmPgJp2
GL446dJR2f6UZc0NJEa+wv5512dlm/wBAuRjD+PmiMCLh3ciEOJzPKrFJ6BzAgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUOBEwXr3nz/A9WyJKFS2APJ3rW0gwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTYzMjIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYwYIKwYBBQUHAQcBAf8EVDBSMFAEAgABMEowDAMEAFIV
4QMEAFIV4gMEAFIW4QMEAFIXxwMEAFIX1wMEAFIX2gMEAFIY4wMEAFIZ3wMEAFIZ
7AMEAFIa5wMEAFId0QMEAFId7DANBgkqhkiG9w0BAQsFAAOCAQEAZMF1nio/C3ql
huGTR7m0XBgSj+z0pSC3FtAl/F64zDxOAbEx7kN1IW63saM+Arh5vQexJyy+gVNV
UwN8YNTpxMn+kA0G/5zJRugCgiBPPLlA7b3XuTeu329xhql+8uY9Ix5eGZIhrDRO
961ca49OP/pV9xl6eekRxT+ynD4LZ1QgTM8z0EYr/8pi2GvOxO8T4FMsZAARmh9J
4lmI2u/OCuj2UdJPMg11qfyc5rmnV+BkekOj2uIcj5u7WOPWf7zfkLnBIG2JWhC0
qkSH36NwKP95YImp6omHTplEYkhCUvG0iZVwjP8FZK2VT73apzaLZ5aEmbATSXOh
rVa+eaYNEQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:51:10 2025 by rpki-client