Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9002.roa
File: AS9002.roa (raw, json)
Hash identifier: jXpESkzH0VGEg8bj/mU1Dg6J7bxZ6mSkPkBcngf9pwc=
Subject key identifier: 58:2F:91:A1:F6:D6:EE:66:65:1D:0E:62:8A:FD:35:B1:54:CF:CD:73
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 520C2CA39E81BB231E81D51D126865605D6DF244
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9002.roa
Signing time: Thu 20 Feb 2025 11:35:38 +0000
ROA not before: Thu 20 Feb 2025 11:30:38 +0000
ROA not after: Thu 19 Feb 2026 11:35:38 +0000
asID: 9002
IP address blocks: 82.23.136.0/24 maxlen: 24
82.23.137.0/24 maxlen: 24
82.23.142.0/24 maxlen: 24
82.23.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:0c:2c:a3:9e:81:bb:23:1e:81:d5:1d:12:68:65:60:5d:6d:f2:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 20 11:30:38 2025 GMT
Not After : Feb 19 11:35:38 2026 GMT
Subject: CN=582F91A1F6D6EE66651D0E628AFD35B154CFCD73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5e:86:a7:6c:86:4a:d2:4d:7c:70:84:fe:9c:
4c:21:55:05:fb:f9:9f:b5:0e:97:d1:06:4e:7f:54:
97:b3:27:c2:14:46:1c:08:24:a1:9c:ff:a3:eb:df:
d8:2f:24:99:ff:74:93:c3:36:e8:61:00:b1:02:35:
71:f6:a9:55:a3:db:6c:a3:30:2f:dc:e4:3b:6b:20:
98:9a:69:df:ba:27:b7:18:94:7f:1b:9a:3b:5e:04:
cc:5a:5f:0b:6c:87:ce:49:c3:df:e3:ce:6f:af:80:
bc:56:97:c2:af:86:97:9a:b8:58:f2:08:cd:d2:0b:
8e:3b:84:89:89:60:16:db:33:b0:9d:ff:50:55:0a:
11:6b:d9:00:5d:cf:1d:b5:c7:e1:f7:5f:24:79:2c:
c9:7f:31:77:f7:68:6a:32:57:12:2a:bc:70:ae:25:
df:18:a9:d5:d2:04:ff:75:06:1a:da:a1:69:ea:1c:
82:c5:e9:5f:7e:40:c8:08:9c:72:05:40:87:94:f2:
a9:51:e6:14:38:45:b4:16:80:09:1c:1d:6f:38:20:
9e:e4:a0:df:d3:36:ad:15:ec:45:94:7c:ab:57:c8:
24:f2:5a:f5:64:5b:ef:70:31:e2:45:85:3a:ad:59:
29:65:a8:46:93:4c:99:54:cc:11:65:ec:0d:08:03:
4b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:2F:91:A1:F6:D6:EE:66:65:1D:0E:62:8A:FD:35:B1:54:CF:CD:73
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9002.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.136.0/23
82.23.142.0/24
82.23.151.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:ad:65:ed:37:82:75:77:73:43:0d:3e:b3:63:71:87:c4:f7:
f4:c2:17:ba:e7:06:1e:5c:09:0b:5f:72:39:d6:14:af:a5:5b:
10:03:3d:df:fd:99:cb:61:91:9e:22:fc:4a:12:84:ed:b6:a7:
ca:8f:cb:ab:09:5d:27:9a:9d:d7:10:81:a6:27:86:99:bf:4d:
3d:37:70:65:04:3b:35:db:c6:3d:0d:c0:23:a0:7a:78:84:b1:
ea:1d:6c:a4:8c:7e:08:a2:f0:05:29:b1:6e:fb:28:9a:64:cc:
3b:44:cc:4b:5a:af:3f:11:cf:fc:b6:ca:92:aa:d3:5a:4f:ef:
32:68:d0:09:6f:d4:7b:78:77:f5:f1:b1:49:84:71:83:94:41:
b6:7f:08:9d:cb:e9:a9:09:ed:11:d7:6c:0a:76:69:5c:02:c7:
96:81:71:d9:1c:41:9b:a5:f6:ee:02:b4:23:78:5a:6e:24:e2:
5d:92:82:6d:95:76:85:73:ef:b5:29:6f:80:d8:2d:29:db:31:
37:59:c9:48:52:8b:1a:8a:ec:e8:5d:ac:01:1d:24:f9:43:4f:
bb:92:ff:60:62:85:fd:82:b5:b4:90:af:8d:28:62:21:9c:03:
43:f9:5c:18:1b:cd:96:93:91:1b:6b:19:a8:d4:e0:9e:5e:e2:
71:58:0d:4d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIUUgwso56BuyMegdUdEmhlYF1t8kQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMjAxMTMwMzhaFw0yNjAyMTkxMTM1MzhaMDMxMTAvBgNV
BAMTKDU4MkY5MUExRjZENkVFNjY2NTFEMEU2MjhBRkQzNUIxNTRDRkNENzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdXoanbIZK0k18cIT+nEwhVQX7
+Z+1DpfRBk5/VJezJ8IURhwIJKGc/6Pr39gvJJn/dJPDNuhhALECNXH2qVWj22yj
MC/c5DtrIJiaad+6J7cYlH8bmjteBMxaXwtsh85Jw9/jzm+vgLxWl8KvhpeauFjy
CM3SC447hImJYBbbM7Cd/1BVChFr2QBdzx21x+H3XyR5LMl/MXf3aGoyVxIqvHCu
Jd8YqdXSBP91BhraoWnqHILF6V9+QMgInHIFQIeU8qlR5hQ4RbQWgAkcHW84IJ7k
oN/TNq0V7EWUfKtXyCTyWvVkW+9wMeJFhTqtWSllqEaTTJlUzBFl7A0IA0uTAgMB
AAGjggIUMIICEDAdBgNVHQ4EFgQUWC+RofbW7mZlHQ5iiv01sVTPzXMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTAwMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAVIXiAME
AFIXjgMEAFIXlzANBgkqhkiG9w0BAQsFAAOCAQEAKq1l7TeCdXdzQw0+s2Nxh8T3
9MIXuucGHlwJC19yOdYUr6VbEAM93/2Zy2GRniL8ShKE7banyo/LqwldJ5qd1xCB
pieGmb9NPTdwZQQ7NdvGPQ3AI6B6eISx6h1spIx+CKLwBSmxbvsommTMO0TMS1qv
PxHP/LbKkqrTWk/vMmjQCW/Ue3h39fGxSYRxg5RBtn8IncvpqQntEddsCnZpXALH
loFx2RxBm6X27gK0I3habiTiXZKCbZV2hXPvtSlvgNgtKdsxN1nJSFKLGors6F2s
AR0k+UNPu5L/YGKF/YK1tJCvjShiIZwDQ/lcGBvNlpORG2sZqNTgnl7icVgNTQ==
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:19:54 2025 by rpki-client