Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: ZxsHSsBJYRzoWp5WBMErYhM2NECCANlTIRDSck+5ZXM=
Subject key identifier: 21:2B:33:23:41:75:EB:22:9E:D0:69:1D:5C:E9:1B:F5:D1:5C:EE:EF
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2C1D851112A3626CF10E9C5C5859767EF50D98DA
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa
Signing time: Tue 14 Jan 2025 13:57:00 +0000
ROA not before: Tue 14 Jan 2025 13:52:00 +0000
ROA not after: Tue 13 Jan 2026 13:57:00 +0000
asID: 9009
IP address blocks: 82.29.113.0/24 maxlen: 24
82.29.114.0/24 maxlen: 24
82.29.116.0/24 maxlen: 24
82.29.117.0/24 maxlen: 24
2a13:9500:4::/48 maxlen: 48
2a13:9500:5::/48 maxlen: 48
2a13:9500:6::/48 maxlen: 48
2a13:9500:7::/48 maxlen: 48
2a13:9500:8::/48 maxlen: 48
2a13:9500:9::/48 maxlen: 48
2a13:9500:a::/48 maxlen: 48
2a13:9500:b::/48 maxlen: 48
2a13:9500:c::/48 maxlen: 48
2a13:9500:d::/48 maxlen: 48
2a13:9500:e::/48 maxlen: 48
2a13:9500:f::/48 maxlen: 48
2a13:9500:10::/48 maxlen: 48
2a13:9500:11::/48 maxlen: 48
2a13:9500:12::/48 maxlen: 48
2a13:9500:13::/48 maxlen: 48
2a13:9500:14::/48 maxlen: 48
2a13:9500:15::/48 maxlen: 48
2a13:9500:16::/48 maxlen: 48
2a13:9500:17::/48 maxlen: 48
2a13:9500:18::/48 maxlen: 48
2a13:9500:19::/48 maxlen: 48
2a13:9500:1a::/48 maxlen: 48
2a13:9500:1b::/48 maxlen: 48
2a13:9500:29::/48 maxlen: 48
2a13:9500:2a::/48 maxlen: 48
2a13:9500:2b::/48 maxlen: 48
2a13:9500:2c::/48 maxlen: 48
2a13:9500:2e::/48 maxlen: 48
2a13:9500:2f::/48 maxlen: 48
2a13:9500:30::/48 maxlen: 48
2a13:9500:31::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:1d:85:11:12:a3:62:6c:f1:0e:9c:5c:58:59:76:7e:f5:0d:98:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 14 13:52:00 2025 GMT
Not After : Jan 13 13:57:00 2026 GMT
Subject: CN=212B33234175EB229ED0691D5CE91BF5D15CEEEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:72:1a:33:74:cb:c6:ce:27:89:74:89:67:42:
d9:d7:b1:d1:a3:9f:e5:92:ac:dd:2a:51:fb:a2:fb:
33:f2:21:b2:d0:59:f6:ee:69:17:75:b4:b9:b4:c7:
d8:3b:63:6f:af:d5:88:e3:90:95:7c:ad:c2:3f:3f:
89:b1:58:18:15:91:7d:53:f8:e4:a4:28:4c:25:fc:
6d:36:3c:c6:32:77:d6:17:72:03:75:32:35:f5:e2:
e1:0f:fd:28:3d:f9:fa:34:3a:40:4f:da:4f:dc:2d:
31:5b:fa:bf:d1:52:cf:2f:b1:76:be:ac:90:05:57:
7a:4d:c2:00:d6:82:a5:4f:4f:e1:64:66:8d:77:ac:
29:2c:ec:84:47:16:ec:6e:b2:e9:f7:b3:dc:28:b5:
00:d9:08:78:ba:c6:ea:ac:b9:f3:ac:3d:34:1f:d6:
87:9c:17:30:86:2e:a8:bf:6e:dc:72:2e:cc:d4:a9:
35:26:4d:f7:05:af:60:8d:2f:d9:c5:1c:1f:1c:69:
d6:cf:24:93:d4:d6:54:68:41:c3:ab:19:c7:30:3b:
0d:43:fd:42:36:4b:ef:48:b5:79:1d:89:e3:4d:f7:
78:da:ba:28:d4:0e:4e:2d:76:27:e9:cd:b6:5e:3a:
e7:1b:a1:86:3e:9a:ea:85:fe:77:2a:17:7d:1b:7d:
f6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:2B:33:23:41:75:EB:22:9E:D0:69:1D:5C:E9:1B:F5:D1:5C:EE:EF
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.29.113.0-82.29.114.255
82.29.116.0/23
IPv6:
2a13:9500:4::-2a13:9500:1b:ffff:ffff:ffff:ffff:ffff
2a13:9500:29::-2a13:9500:2c:ffff:ffff:ffff:ffff:ffff
2a13:9500:2e::-2a13:9500:31:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
54:44:56:87:14:d2:1a:1e:23:ba:76:c4:26:17:84:cf:15:f1:
e8:60:71:ed:09:18:5c:0c:fe:cc:b4:11:55:8a:b3:97:79:74:
40:06:33:5a:02:be:d1:0b:a1:75:d9:cb:4a:17:32:d4:a3:3b:
38:e7:1b:05:47:70:92:20:a3:e6:21:50:db:a5:cf:2d:4d:5f:
06:9f:0b:5a:82:92:fa:99:c4:16:23:2f:09:7d:ae:25:fd:7e:
f5:bd:af:5c:e6:09:a7:99:2b:37:ca:3c:b6:09:7c:09:39:e4:
99:d2:67:42:84:f5:44:0f:91:46:b8:49:cb:65:d5:eb:8c:6a:
d8:cb:3c:77:e4:a7:42:f0:f9:fe:4c:71:5d:e2:d5:a7:59:86:
d8:4f:1d:c5:5b:71:0c:5b:17:5f:90:cb:8c:1f:96:b7:83:b1:
62:db:bd:9b:b5:b5:b3:12:fc:18:d3:fc:80:14:e0:41:24:86:
1b:02:39:6e:ae:e2:dc:e8:23:96:57:5b:69:6c:3b:f2:e6:94:
2c:59:de:e9:00:8b:c2:31:82:26:2e:f5:bb:13:57:d0:8f:ea:
54:f0:1c:b6:ce:c6:32:84:ee:1c:14:48:c4:5b:b1:9b:49:64:
ee:1a:3a:18:f3:c4:e6:97:09:55:e5:80:1e:3a:2e:04:5f:51:
2f:5b:80:27
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgIULB2FERKjYmzxDpxcWFl2fvUNmNowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMTQxMzUyMDBaFw0yNjAxMTMxMzU3MDBaMDMxMTAvBgNV
BAMTKDIxMkIzMzIzNDE3NUVCMjI5RUQwNjkxRDVDRTkxQkY1RDE1Q0VFRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCachozdMvGzieJdIlnQtnXsdGj
n+WSrN0qUfui+zPyIbLQWfbuaRd1tLm0x9g7Y2+v1YjjkJV8rcI/P4mxWBgVkX1T
+OSkKEwl/G02PMYyd9YXcgN1MjX14uEP/Sg9+fo0OkBP2k/cLTFb+r/RUs8vsXa+
rJAFV3pNwgDWgqVPT+FkZo13rCks7IRHFuxusun3s9wotQDZCHi6xuqsufOsPTQf
1oecFzCGLqi/btxyLszUqTUmTfcFr2CNL9nFHB8cadbPJJPU1lRoQcOrGccwOw1D
/UI2S+9ItXkdieNN93jauijUDk4tdifpzbZeOucboYY+muqF/ncqF30bffZBAgMB
AAGjggJaMIICVjAdBgNVHQ4EFgQUISszI0F16yKe0GkdXOkb9dFc7u8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBxBggrBgEFBQcBBwEB/wRiMGAwGgQCAAEwFDAMAwQAUh1x
AwQAUh1yAwQBUh10MEIEAgACMDwwEgMHAioTlQAABAMHAioTlQAAGDASAwcAKhOV
AAApAwcAKhOVAAAsMBIDBwEqE5UAAC4DBwEqE5UAADAwDQYJKoZIhvcNAQELBQAD
ggEBAFREVocU0hoeI7p2xCYXhM8V8ehgce0JGFwM/sy0EVWKs5d5dEAGM1oCvtEL
oXXZy0oXMtSjOzjnGwVHcJIgo+YhUNulzy1NXwafC1qCkvqZxBYjLwl9riX9fvW9
r1zmCaeZKzfKPLYJfAk55JnSZ0KE9UQPkUa4Sctl1euMatjLPHfkp0Lw+f5McV3i
1adZhthPHcVbcQxbF1+Qy4wflreDsWLbvZu1tbMS/BjT/IAU4EEkhhsCOW6u4tzo
I5ZXW2lsO/LmlCxZ3ukAi8IxgiYu9bsTV9CP6lTwHLbOxjKE7hwUSMRbsZtJZO4a
OhjzxOaXCVXlgB46LgRfUS9bgCc=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:05:32 2025 by rpki-client