Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: YoRRkLj+4mk1QGA6V7clMqfgYwWQt6MbWWW3ak9kH8I=
Subject key identifier: 32:9E:FA:6C:0F:C5:4A:7D:F7:93:78:75:9C:53:BF:55:8A:04:E2:34
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 7205AFD6B47ABDBCB2E52C943F293D10BC7AB547
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS20473.roa
Signing time: Mon 14 Oct 2024 16:10:21 +0000
ROA not before: Mon 14 Oct 2024 16:05:21 +0000
ROA not after: Mon 13 Oct 2025 16:10:21 +0000
asID: 20473
IP address blocks: 45.146.80.0/24 maxlen: 24
45.152.242.0/24 maxlen: 24
45.154.106.0/24 maxlen: 24
45.155.17.0/24 maxlen: 24
91.199.172.0/24 maxlen: 24
147.78.123.0/24 maxlen: 24
193.25.207.0/24 maxlen: 24
193.164.1.0/24 maxlen: 24
194.104.158.0/24 maxlen: 24
194.147.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:05:af:d6:b4:7a:bd:bc:b2:e5:2c:94:3f:29:3d:10:bc:7a:b5:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Oct 14 16:05:21 2024 GMT
Not After : Oct 13 16:10:21 2025 GMT
Subject: CN=329EFA6C0FC54A7DF79378759C53BF558A04E234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ec:66:48:70:50:6f:32:e6:99:20:29:a4:f1:
3b:de:55:90:30:76:e7:a6:85:b4:79:24:1a:66:a0:
60:86:19:74:09:e1:4f:8c:29:69:31:40:58:b1:73:
86:39:9e:14:84:06:25:00:6e:11:e3:f9:3c:04:17:
31:3d:60:af:36:a1:9f:5c:a7:11:9f:39:04:1d:3a:
c0:10:ce:fd:25:c8:48:50:4e:e8:65:b0:fd:7a:ee:
71:50:1c:26:d8:69:d7:a1:b6:3e:ac:d3:42:b2:3c:
94:bf:f3:98:a8:96:03:d4:e8:11:dc:9c:aa:fd:19:
0b:58:26:6f:7e:45:97:52:b2:f2:dd:df:0a:5b:23:
98:8d:48:a7:ef:c9:e3:f3:1f:e8:26:db:0e:84:f2:
73:28:58:39:d5:a8:64:35:fb:df:74:f0:9f:1e:d2:
e4:1c:0b:d2:57:f5:e0:8b:e6:37:d6:5e:c6:fb:11:
64:cd:9e:a0:5b:90:0f:ce:92:a3:cd:c4:e1:f2:ef:
90:41:49:f0:08:7d:5d:0b:8e:d0:98:91:ab:cd:00:
2e:d8:06:f4:68:ce:39:df:3e:71:d4:7c:4b:b9:ba:
a3:f3:51:76:48:a3:e5:79:4b:7f:64:ca:93:cc:63:
80:a3:29:94:11:5f:5b:6b:78:53:f6:66:26:ec:ab:
87:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:9E:FA:6C:0F:C5:4A:7D:F7:93:78:75:9C:53:BF:55:8A:04:E2:34
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.80.0/24
45.152.242.0/24
45.154.106.0/24
45.155.17.0/24
91.199.172.0/24
147.78.123.0/24
193.25.207.0/24
193.164.1.0/24
194.104.158.0/24
194.147.4.0/24
Signature Algorithm: sha256WithRSAEncryption
83:b3:c1:a5:5c:09:3b:87:bc:f9:c8:db:d9:af:d6:e9:53:4f:
84:71:eb:0f:1d:f4:38:4a:32:81:fd:df:1a:73:d7:7d:b1:f6:
5d:cc:cc:74:65:c5:48:dd:00:cb:96:2b:fa:c4:e3:1f:28:cf:
91:26:b5:56:1b:49:48:e9:11:b0:bd:c4:33:27:ae:8c:75:08:
17:1b:68:4c:e7:dc:91:31:c3:3a:f9:44:77:44:38:b5:d9:47:
be:8f:34:91:4d:f3:c0:5d:ea:39:1a:c1:2f:93:14:43:a6:28:
48:57:54:40:bd:b6:6b:ef:d1:c4:66:a5:7f:e3:74:03:d0:cf:
57:29:3a:88:30:2c:d9:88:da:ba:8b:3c:d4:4f:3d:12:f4:1b:
79:ef:69:56:f8:45:00:ff:44:25:59:a7:6f:94:b0:6c:ac:b4:
d1:5a:6f:e0:97:84:c1:77:0a:2f:21:05:61:e9:87:59:4d:a2:
62:41:f4:ab:9b:2f:ea:43:1c:c6:b8:0d:d2:fb:16:a8:c7:c4:
2f:65:c1:56:74:f2:6a:df:49:67:76:36:d1:3b:e8:23:53:b8:
04:2d:39:e7:ea:01:a7:1c:56:89:9d:dc:dc:dd:f8:f5:5d:f0:
2c:8e:d6:11:96:d9:9a:d2:a7:75:6a:9e:a4:24:e3:14:3e:fc:
99:7c:bc:22
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcgWv1rR6vbyy5SyUPyk9ELx6tUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNDEwMTQxNjA1MjFaFw0yNTEwMTMxNjEwMjFaMDMxMTAvBgNV
BAMTKDMyOUVGQTZDMEZDNTRBN0RGNzkzNzg3NTlDNTNCRjU1OEEwNEUyMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCd7GZIcFBvMuaZICmk8TveVZAw
duemhbR5JBpmoGCGGXQJ4U+MKWkxQFixc4Y5nhSEBiUAbhHj+TwEFzE9YK82oZ9c
pxGfOQQdOsAQzv0lyEhQTuhlsP167nFQHCbYadehtj6s00KyPJS/85iolgPU6BHc
nKr9GQtYJm9+RZdSsvLd3wpbI5iNSKfvyePzH+gm2w6E8nMoWDnVqGQ1+9908J8e
0uQcC9JX9eCL5jfWXsb7EWTNnqBbkA/OkqPNxOHy75BBSfAIfV0LjtCYkavNAC7Y
BvRozjnfPnHUfEu5uqPzUXZIo+V5S39kypPMY4CjKZQRX1treFP2Zibsq4dDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUMp76bA/FSn33k3h1nFO/VYoE4jQwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgABMDwDBAAtklAD
BAAtmPIDBAAtmmoDBAAtmxEDBABbx6wDBACTTnsDBADBGc8DBADBpAEDBADCaJ4D
BADCkwQwDQYJKoZIhvcNAQELBQADggEBAIOzwaVcCTuHvPnI29mv1ulTT4Rx6w8d
9DhKMoH93xpz132x9l3MzHRlxUjdAMuWK/rE4x8oz5EmtVYbSUjpEbC9xDMnrox1
CBcbaEzn3JExwzr5RHdEOLXZR76PNJFN88Bd6jkawS+TFEOmKEhXVEC9tmvv0cRm
pX/jdAPQz1cpOogwLNmI2rqLPNRPPRL0G3nvaVb4RQD/RCVZp2+UsGystNFab+CX
hMF3Ci8hBWHph1lNomJB9KubL+pDHMa4DdL7FqjHxC9lwVZ08mrfSWd2NtE76CNT
uAQtOefqAaccVomd3Nzd+PVd8CyO1hGW2ZrSp3VqnqQk4xQ+/Jl8vCI=
-----END CERTIFICATE-----
Generated at Sun Nov 24 08:39:48 2024 by rpki-client on console-ams.rpki-client.org