Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS203020.roa
File: AS203020.roa (raw, json)
Hash identifier: Luyj5HYfrc7IZ1kp/KtiSMoI8be5lECRHWG3frnaIuY=
Subject key identifier: DB:39:FB:A2:72:9F:B2:84:2A:DB:2B:9C:DA:97:D2:17:8D:DC:64:77
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 18A64FCC4179874A660A27A4E7D6F9F600D21941
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS203020.roa
Signing time: Wed 27 Mar 2024 07:05:14 +0000
ROA not before: Wed 27 Mar 2024 07:00:14 +0000
ROA not after: Wed 26 Mar 2025 07:05:14 +0000
asID: 203020
IP address blocks: 2.57.176.0/22 maxlen: 24
45.140.236.0/22 maxlen: 24
45.157.16.0/22 maxlen: 24
193.0.234.0/23 maxlen: 24
193.5.10.0/23 maxlen: 24
193.161.206.0/24 maxlen: 24
212.80.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:a6:4f:cc:41:79:87:4a:66:0a:27:a4:e7:d6:f9:f6:00:d2:19:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Mar 27 07:00:14 2024 GMT
Not After : Mar 26 07:05:14 2025 GMT
Subject: CN=DB39FBA2729FB2842ADB2B9CDA97D2178DDC6477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:72:8f:2b:bc:ff:5e:7b:02:5d:3c:2d:f3:09:
c5:aa:2c:cb:92:ad:21:b3:01:91:ff:d5:26:39:43:
dc:ae:b5:f2:d7:a5:50:2d:d5:07:d4:33:d1:a1:5d:
57:c0:b8:f3:ad:1b:b7:e3:b5:0d:81:f4:dd:a2:c9:
ed:74:f4:a4:b3:af:63:89:76:bb:e8:9f:ca:37:5d:
af:26:6c:55:78:2e:8b:ea:b1:97:e1:c9:fb:64:45:
96:91:a5:1b:70:63:42:7a:e1:f2:eb:46:12:8a:bc:
f0:24:fb:9e:c0:cb:1e:63:53:ff:c6:d9:04:4f:f5:
fb:a2:b5:73:10:b2:9b:ec:1b:82:3b:8b:f5:b4:1f:
43:7a:a2:32:03:b2:03:95:09:d5:18:a6:f1:19:89:
18:2a:68:42:f3:52:ee:ad:98:a3:6a:93:47:8f:af:
0d:98:56:cf:7c:d0:10:ae:f4:3f:98:45:27:52:7d:
9e:a0:55:2c:b6:1c:d3:80:9d:6e:61:de:31:9b:50:
61:a3:05:7d:d8:58:94:1f:2a:63:72:b9:b6:a7:3f:
e0:3f:26:2e:c7:76:49:2a:18:d1:ab:30:f4:d5:ec:
3f:d6:3c:99:11:d5:bc:39:d2:84:ce:f2:d2:84:37:
e0:17:f8:89:54:80:af:fe:a7:b1:9f:89:45:98:4c:
6d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:39:FB:A2:72:9F:B2:84:2A:DB:2B:9C:DA:97:D2:17:8D:DC:64:77
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS203020.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.176.0/22
45.140.236.0/22
45.157.16.0/22
193.0.234.0/23
193.5.10.0/23
193.161.206.0/24
212.80.192.0/22
Signature Algorithm: sha256WithRSAEncryption
75:06:56:eb:47:fb:0a:b7:ae:c9:55:95:c9:e7:ca:82:29:ef:
9f:41:9f:fd:1c:bb:02:cb:f9:8e:cb:8b:ef:3f:63:fe:9e:e2:
4e:16:27:32:53:6f:91:58:79:b0:1c:84:c5:6a:a0:e2:f4:40:
2d:6b:97:c0:4a:1e:da:8e:e1:09:cf:c1:09:35:bf:b1:75:84:
2a:00:2c:77:0b:6c:51:e6:1d:28:60:a4:47:1d:2d:d0:d0:59:
e6:2c:bf:16:95:bd:6a:bb:93:55:1c:79:33:c5:5d:7f:51:b3:
90:87:43:45:72:87:42:9b:59:33:68:a0:67:46:b5:75:f7:44:
97:6b:17:78:14:cd:12:e5:b0:c0:33:42:81:75:f1:af:f5:4b:
e3:d3:bf:52:dc:8f:32:65:1f:ab:8c:31:35:37:46:9e:40:4c:
de:95:11:c0:61:2f:70:b2:d8:8f:ae:06:7c:9b:72:84:7f:07:
e2:25:fe:4a:e4:54:82:ae:6f:94:a0:e2:28:38:2c:e0:01:b2:
92:e9:dc:52:42:71:7b:96:cd:94:46:67:b4:e8:e3:5c:87:44:
d8:8f:4a:fa:84:97:a5:59:bb:be:73:bb:26:bb:5d:dd:24:4d:
9e:47:1a:e4:a8:bc:7f:1b:13:66:3c:04:b7:1e:24:bf:31:06:
79:7c:c0:c1
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUGKZPzEF5h0pmCiek59b59gDSGUEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNDAzMjcwNzAwMTRaFw0yNTAzMjYwNzA1MTRaMDMxMTAvBgNV
BAMTKERCMzlGQkEyNzI5RkIyODQyQURCMkI5Q0RBOTdEMjE3OEREQzY0NzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjco8rvP9eewJdPC3zCcWqLMuS
rSGzAZH/1SY5Q9yutfLXpVAt1QfUM9GhXVfAuPOtG7fjtQ2B9N2iye109KSzr2OJ
drvon8o3Xa8mbFV4LovqsZfhyftkRZaRpRtwY0J64fLrRhKKvPAk+57Ayx5jU//G
2QRP9fuitXMQspvsG4I7i/W0H0N6ojIDsgOVCdUYpvEZiRgqaELzUu6tmKNqk0eP
rw2YVs980BCu9D+YRSdSfZ6gVSy2HNOAnW5h3jGbUGGjBX3YWJQfKmNyubanP+A/
Ji7HdkkqGNGrMPTV7D/WPJkR1bw50oTO8tKEN+AX+IlUgK/+p7GfiUWYTG0fAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQU2zn7onKfsoQq2yuc2pfSF43cZHcwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjAzMDIwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCAjmw
AwQCLYzsAwQCLZ0QAwQBwQDqAwQBwQUKAwQAwaHOAwQC1FDAMA0GCSqGSIb3DQEB
CwUAA4IBAQB1BlbrR/sKt67JVZXJ58qCKe+fQZ/9HLsCy/mOy4vvP2P+nuJOFicy
U2+RWHmwHITFaqDi9EAta5fASh7ajuEJz8EJNb+xdYQqACx3C2xR5h0oYKRHHS3Q
0FnmLL8Wlb1qu5NVHHkzxV1/UbOQh0NFcodCm1kzaKBnRrV190SXaxd4FM0S5bDA
M0KBdfGv9Uvj079S3I8yZR+rjDE1N0aeQEzelRHAYS9wstiPrgZ8m3KEfwfiJf5K
5FSCrm+UoOIoOCzgAbKS6dxSQnF7ls2URme06ONch0TYj0r6hJelWbu+c7smu13d
JE2eRxrkqLx/GxNmPAS3HiS/MQZ5fMDB
-----END CERTIFICATE-----
Generated at Mon May 20 13:47:03 2024 by rpki-client on console-ams.rpki-client.org