Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS203020.roa
File: AS203020.roa (raw, json)
Hash identifier: i5syEXg5y8BrGI3iCiZwgZ68TkJXbNiPrIGJPlLj/KM=
Subject key identifier: AA:A5:9F:88:D4:72:59:22:D5:F2:F2:A5:0B:41:BA:E8:91:A7:5E:85
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 4850E06D317587483F5EB8BBE577410BF7DAB143
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS203020.roa
Signing time: Thu 23 May 2024 10:29:10 +0000
ROA not before: Thu 23 May 2024 10:24:10 +0000
ROA not after: Thu 22 May 2025 10:29:10 +0000
asID: 203020
IP address blocks: 2.57.176.0/22 maxlen: 24
45.140.236.0/22 maxlen: 24
193.0.234.0/23 maxlen: 24
193.5.10.0/23 maxlen: 24
193.161.206.0/24 maxlen: 24
212.80.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:50:e0:6d:31:75:87:48:3f:5e:b8:bb:e5:77:41:0b:f7:da:b1:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: May 23 10:24:10 2024 GMT
Not After : May 22 10:29:10 2025 GMT
Subject: CN=AAA59F88D4725922D5F2F2A50B41BAE891A75E85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:43:09:93:b1:fa:b3:c8:6f:62:20:f3:01:33:
60:25:1a:89:d2:c6:fa:8c:59:7a:2d:f2:85:1d:97:
39:6b:26:79:b5:a8:74:0f:20:95:ef:3e:c7:ea:2c:
80:0d:e5:91:aa:8e:30:9e:66:12:c6:fa:bd:55:9f:
42:d6:78:e7:32:11:f1:c8:ef:54:97:55:cd:c8:c8:
bf:04:10:71:74:76:46:73:b9:db:42:34:eb:2a:c5:
b3:f8:c5:9e:8b:e9:bb:eb:b6:c0:51:9d:55:cc:d5:
ed:51:ab:85:d4:f7:75:64:2e:5e:0c:5b:2b:e6:0d:
37:c4:e8:d4:0f:97:55:01:0b:f6:cf:80:44:f2:64:
34:49:36:42:7d:8f:d5:97:e6:c8:9f:78:37:1c:3b:
74:a2:80:d6:42:75:c1:bd:c7:d0:a4:ef:c7:89:71:
9f:f0:a7:1d:af:e2:83:cc:5a:6e:62:67:10:96:d9:
c8:4d:6f:fb:bb:4c:a4:ce:a8:8a:93:79:16:50:7e:
df:9c:81:75:fd:b9:ed:2a:ce:a1:12:6b:ce:65:d1:
a1:74:1f:ba:19:18:91:f0:ca:1b:58:d5:d8:28:1a:
3c:0c:23:2f:ca:f7:21:c8:6d:e7:89:47:0f:76:57:
50:62:a2:d9:b6:e6:e3:d3:f2:91:fb:92:aa:a5:8a:
86:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:A5:9F:88:D4:72:59:22:D5:F2:F2:A5:0B:41:BA:E8:91:A7:5E:85
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS203020.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.176.0/22
45.140.236.0/22
193.0.234.0/23
193.5.10.0/23
193.161.206.0/24
212.80.192.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:18:c4:9b:82:4e:2f:58:87:87:7b:e6:1d:15:20:09:5f:be:
09:6b:c7:64:e0:92:d6:8c:bd:01:17:0b:50:27:b8:3c:dc:e4:
8a:cc:32:e9:d0:62:75:d0:96:01:ed:7a:dc:77:2b:7e:1c:fe:
6f:80:38:b8:b1:d8:e4:7d:e8:23:70:c8:a8:4c:a8:74:61:06:
33:14:0a:20:2c:d6:49:e6:97:7c:be:45:ac:fa:4a:d8:41:98:
e7:be:0a:4d:f0:71:4b:f6:67:8a:31:a4:47:dd:46:f4:d4:ff:
10:5e:20:e2:a9:96:be:9c:20:ee:c7:25:a8:fb:0a:c9:8b:48:
28:f8:21:d8:65:fb:c7:52:a3:ca:fe:e6:08:10:43:a2:da:51:
52:30:fa:ad:d7:af:5c:80:eb:7d:8d:21:69:9e:cc:3e:0d:15:
5e:4d:82:13:bb:57:c4:72:29:2a:93:77:90:f5:f0:44:35:db:
48:a0:40:e8:8e:2f:6a:19:96:1c:79:1f:3f:1d:97:87:29:73:
f8:fa:37:6b:9b:27:c3:f9:2e:4b:b2:8c:c0:f5:76:72:b6:47:
4f:a1:6f:e5:b3:38:bf:91:89:7a:9c:13:9e:df:1d:94:b1:74:
d6:17:3f:fa:10:0e:97:c1:4e:8f:56:8a:e0:43:a6:bf:b5:38:
46:aa:14:33
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUSFDgbTF1h0g/Xri75XdBC/fasUMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNDA1MjMxMDI0MTBaFw0yNTA1MjIxMDI5MTBaMDMxMTAvBgNV
BAMTKEFBQTU5Rjg4RDQ3MjU5MjJENUYyRjJBNTBCNDFCQUU4OTFBNzVFODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpQwmTsfqzyG9iIPMBM2AlGonS
xvqMWXot8oUdlzlrJnm1qHQPIJXvPsfqLIAN5ZGqjjCeZhLG+r1Vn0LWeOcyEfHI
71SXVc3IyL8EEHF0dkZzudtCNOsqxbP4xZ6L6bvrtsBRnVXM1e1Rq4XU93VkLl4M
WyvmDTfE6NQPl1UBC/bPgETyZDRJNkJ9j9WX5sifeDccO3SigNZCdcG9x9Ck78eJ
cZ/wpx2v4oPMWm5iZxCW2chNb/u7TKTOqIqTeRZQft+cgXX9ue0qzqESa85l0aF0
H7oZGJHwyhtY1dgoGjwMIy/K9yHIbeeJRw92V1Biotm25uPT8pH7kqqlioYVAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUqqWfiNRyWSLV8vKlC0G66JGnXoUwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjAzMDIwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCAjmw
AwQCLYzsAwQBwQDqAwQBwQUKAwQAwaHOAwQC1FDAMA0GCSqGSIb3DQEBCwUAA4IB
AQCoGMSbgk4vWIeHe+YdFSAJX74Ja8dk4JLWjL0BFwtQJ7g83OSKzDLp0GJ10JYB
7Xrcdyt+HP5vgDi4sdjkfegjcMioTKh0YQYzFAogLNZJ5pd8vkWs+krYQZjnvgpN
8HFL9meKMaRH3Ub01P8QXiDiqZa+nCDuxyWo+wrJi0go+CHYZfvHUqPK/uYIEEOi
2lFSMPqt169cgOt9jSFpnsw+DRVeTYITu1fEcikqk3eQ9fBENdtIoEDoji9qGZYc
eR8/HZeHKXP4+jdrmyfD+S5LsozA9XZytkdPoW/lszi/kYl6nBOe3x2UsXTWFz/6
EA6XwU6PVorgQ6a/tThGqhQz
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:14:42 2024 by rpki-client on console-fra.rpki-client.org