Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59432.roa
File: AS59432.roa (raw, json)
Hash identifier: OJY/P6n5slipSFHRlbcsLAwVSOwvxABWvMekPnRZW9I=
Subject key identifier: 87:F9:47:3C:56:3C:7B:2E:CC:F3:CE:05:5A:65:1C:A7:1D:3F:7D:F9
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 26DEC0CE400DBC1B1BB36095BFD01415604EFEF3
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59432.roa
Signing time: Sat 01 Feb 2025 20:37:46 +0000
ROA not before: Sat 01 Feb 2025 20:32:46 +0000
ROA not after: Sat 31 Jan 2026 20:37:46 +0000
asID: 59432
IP address blocks: 82.23.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:de:c0:ce:40:0d:bc:1b:1b:b3:60:95:bf:d0:14:15:60:4e:fe:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 1 20:32:46 2025 GMT
Not After : Jan 31 20:37:46 2026 GMT
Subject: CN=87F9473C563C7B2ECCF3CE055A651CA71D3F7DF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:bb:8b:d0:f1:47:c5:93:d8:f2:c8:db:72:65:
1e:1f:d0:da:7d:8d:89:49:c2:fe:2c:0c:ef:a1:34:
4a:bd:4a:6f:99:45:b9:53:ef:ea:39:32:32:b1:f3:
22:26:3c:b3:a6:8b:1e:a8:2a:79:67:bc:b5:8f:15:
3d:58:f5:5a:f2:c9:2a:fc:e2:84:f8:86:d4:ba:56:
9b:c8:fe:61:ac:fb:4a:f8:1b:14:ec:f5:f2:a1:8a:
3a:a1:f8:26:72:2e:16:21:51:74:d6:99:47:6f:0a:
1b:9c:3c:75:5b:81:dd:92:b8:c7:30:d6:6e:0b:79:
48:fa:54:a4:e5:8f:d7:72:5b:c5:0d:be:40:eb:59:
68:f0:8e:8a:71:5b:42:d5:f5:3c:80:d8:80:28:9e:
17:d5:87:89:da:ed:c6:9e:1a:1f:b3:7e:68:6e:32:
9b:a2:9c:41:24:62:d2:78:b3:3a:97:95:5f:84:fa:
4f:b4:ee:fa:90:52:5f:34:20:49:b1:b9:06:c4:22:
3a:58:29:50:88:bc:5e:b2:7e:c3:f9:28:34:3d:75:
66:ad:07:7e:7d:2b:e0:9d:72:d8:20:64:0e:29:19:
55:78:fd:da:a9:bc:25:1b:b1:86:ac:e0:62:5b:de:
8e:c8:61:c5:9f:e2:7d:61:b8:86:7f:f6:f8:33:92:
70:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F9:47:3C:56:3C:7B:2E:CC:F3:CE:05:5A:65:1C:A7:1D:3F:7D:F9
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.181.0/24
Signature Algorithm: sha256WithRSAEncryption
53:cc:e2:d4:5c:d7:73:9d:b9:0a:94:fb:a2:70:08:f3:8f:2f:
1f:87:22:2f:e6:a5:25:d3:c3:32:9e:f5:f9:d5:6a:52:87:4f:
b1:16:af:5a:4a:02:6c:5e:9e:4b:f2:4b:ae:9a:8c:4c:80:21:
6d:9d:6d:22:9b:f9:db:d1:b4:a4:80:5f:6c:15:21:8c:2c:76:
82:18:5f:16:07:6e:0c:df:67:be:0c:ef:70:f3:05:f2:22:94:
cf:00:5f:9d:26:63:0f:75:9c:d4:82:59:58:9e:4b:58:a5:bd:
41:cb:ef:86:81:00:4f:57:a1:8a:84:4e:91:2c:83:9e:d4:ea:
19:01:e7:71:01:42:d2:a6:40:dc:1f:85:21:2b:b8:f1:88:d0:
23:c1:83:4f:af:36:61:e7:2f:ff:40:b8:f9:14:b5:f6:78:2e:
ad:93:8d:a5:5e:52:8b:37:1c:3e:68:df:4a:69:6d:66:fa:f4:
2b:13:16:b8:f3:60:20:8e:fa:14:00:9c:b6:3b:d8:54:20:79:
50:24:f8:9a:f1:c5:c2:ac:3e:d5:34:fc:f8:20:3a:66:e4:8f:
85:92:f6:f5:50:51:a1:3a:c7:e8:db:7f:44:e3:0f:42:17:95:
c5:05:05:41:38:96:95:40:48:4c:ef:fa:48:1d:2e:1f:29:13:
2a:bf:97:4a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUJt7AzkANvBsbs2CVv9AUFWBO/vMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMDEyMDMyNDZaFw0yNjAxMzEyMDM3NDZaMDMxMTAvBgNV
BAMTKDg3Rjk0NzNDNTYzQzdCMkVDQ0YzQ0UwNTVBNjUxQ0E3MUQzRjdERjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKu4vQ8UfFk9jyyNtyZR4f0Np9
jYlJwv4sDO+hNEq9Sm+ZRblT7+o5MjKx8yImPLOmix6oKnlnvLWPFT1Y9VryySr8
4oT4htS6VpvI/mGs+0r4GxTs9fKhijqh+CZyLhYhUXTWmUdvChucPHVbgd2SuMcw
1m4LeUj6VKTlj9dyW8UNvkDrWWjwjopxW0LV9TyA2IAonhfVh4na7caeGh+zfmhu
MpuinEEkYtJ4szqXlV+E+k+07vqQUl80IEmxuQbEIjpYKVCIvF6yfsP5KDQ9dWat
B359K+CdctggZA4pGVV4/dqpvCUbsYas4GJb3o7IYcWf4n1huIZ/9vgzknAFAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUh/lHPFY8ey7M884FWmUcpx0/ffkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTk0MzIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSF7Uw
DQYJKoZIhvcNAQELBQADggEBAFPM4tRc13OduQqU+6JwCPOPLx+HIi/mpSXTwzKe
9fnValKHT7EWr1pKAmxenkvyS66ajEyAIW2dbSKb+dvRtKSAX2wVIYwsdoIYXxYH
bgzfZ74M73DzBfIilM8AX50mYw91nNSCWVieS1ilvUHL74aBAE9XoYqETpEsg57U
6hkB53EBQtKmQNwfhSEruPGI0CPBg0+vNmHnL/9AuPkUtfZ4Lq2TjaVeUos3HD5o
30ppbWb69CsTFrjzYCCO+hQAnLY72FQgeVAk+JrxxcKsPtU0/PggOmbkj4WS9vVQ
UaE6x+jbf0TjD0IXlcUFBUE4lpVASEzv+kgdLh8pEyq/l0o=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:51:25 2025 by rpki-client