Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS211373.roa
File: AS211373.roa (raw, json)
Hash identifier: wuP0WSqoDIC7xAU8ydnVt4r0lQ0qWWhtKSw2PI2B84M=
Subject key identifier: 15:94:C4:8B:11:F3:DC:71:32:19:B0:3B:DA:F4:5B:36:43:8F:CF:3A
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 373DF592938BBFECCC17A2DBED78A18BF1CEEA0C
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS211373.roa
Signing time: Wed 04 Sep 2024 12:05:20 +0000
ROA not before: Wed 04 Sep 2024 12:00:20 +0000
ROA not after: Wed 03 Sep 2025 12:05:20 +0000
asID: 211373
IP address blocks: 45.149.100.0/24 maxlen: 24
45.149.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Dec 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:3d:f5:92:93:8b:bf:ec:cc:17:a2:db:ed:78:a1:8b:f1:ce:ea:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Sep 4 12:00:20 2024 GMT
Not After : Sep 3 12:05:20 2025 GMT
Subject: CN=1594C48B11F3DC713219B03BDAF45B36438FCF3A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7f:fc:3d:e3:44:73:a7:3c:d9:ed:ce:f5:03:
26:ed:6d:72:56:ef:4e:88:f4:84:16:28:0f:35:94:
ae:d3:73:d8:60:02:d7:df:67:1e:2d:35:0d:36:06:
63:eb:2b:08:5d:12:d6:08:75:d5:0f:6a:0d:95:88:
e4:c1:25:d2:53:8a:a6:77:17:da:f6:cd:99:ee:fd:
3f:df:ed:3b:4c:ec:34:1e:ec:87:ef:30:f1:72:5a:
9e:a6:2f:6b:1f:4a:88:7c:32:f1:d1:bf:55:37:4f:
c4:84:f7:ac:81:ce:f1:02:be:62:c8:a7:07:d8:dc:
2a:eb:c3:36:23:51:f3:8a:56:5b:6f:b4:c8:48:3a:
4d:52:5f:ac:fb:78:ae:4a:8d:90:61:11:f7:a6:cf:
6c:c2:d0:56:98:38:40:7c:69:c4:c2:73:d8:75:15:
3b:72:c6:e4:16:13:c9:f0:c8:80:7e:8a:02:78:8c:
3d:84:78:0f:16:d7:f7:c6:67:f3:64:ad:ba:93:15:
4b:a9:67:34:2a:24:37:32:06:1d:e7:76:fa:c1:d9:
e8:cf:e8:40:86:80:de:24:72:9b:72:27:43:92:40:
1f:47:08:ff:05:90:cb:ea:45:6b:ab:f6:3c:e5:85:
11:44:61:3c:3d:3d:79:3e:c2:52:f5:5d:ee:6f:52:
60:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:94:C4:8B:11:F3:DC:71:32:19:B0:3B:DA:F4:5B:36:43:8F:CF:3A
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS211373.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.100.0/24
45.149.102.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:fc:41:5a:8b:e1:8c:50:c9:d2:ed:12:4a:5e:e8:97:69:8d:
5b:26:4d:e1:e4:94:b7:6b:40:cf:52:3a:fc:17:91:c5:c8:45:
d8:ee:2d:e1:7d:b4:e8:8b:56:c9:06:1d:dc:40:3c:07:0b:18:
2c:cf:8d:4f:e0:b1:0f:db:7c:9d:52:7f:fd:6d:e4:19:02:cf:
fc:87:75:79:47:24:53:49:cd:db:8e:5d:b3:9b:d8:36:a3:71:
34:e8:d2:47:61:08:cd:9d:13:ce:1c:87:6c:b6:8e:bd:06:f3:
6a:fb:0f:61:ff:ce:aa:9f:5a:22:af:31:1b:c5:99:3e:c7:8a:
2c:a5:c4:f3:f3:e3:3d:24:f3:d2:56:89:09:90:78:8c:e5:14:
2b:cc:85:1c:1b:3e:d3:d0:b8:89:1c:35:8e:c3:ec:15:ba:fd:
92:8c:e0:df:d2:f6:1d:e1:04:50:7c:f4:76:47:9b:6b:82:c8:
71:13:e7:d0:b1:cc:6d:43:98:7b:53:8f:3c:77:19:e1:e7:2f:
db:d8:a1:bf:93:67:c7:b5:64:d0:3f:d0:e2:be:4f:ce:2f:31:
d8:86:bb:e9:7e:34:7f:b1:2e:b2:16:fe:82:e0:f7:a2:cc:3f:
29:f9:84:7a:0d:c5:40:3a:11:61:03:b2:72:8c:41:29:89:81:
b3:13:29:89
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUNz31kpOLv+zMF6Lb7Xihi/HO6gwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNDA5MDQxMjAwMjBaFw0yNTA5MDMxMjA1MjBaMDMxMTAvBgNV
BAMTKDE1OTRDNDhCMTFGM0RDNzEzMjE5QjAzQkRBRjQ1QjM2NDM4RkNGM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWf/w940RzpzzZ7c71AybtbXJW
706I9IQWKA81lK7Tc9hgAtffZx4tNQ02BmPrKwhdEtYIddUPag2ViOTBJdJTiqZ3
F9r2zZnu/T/f7TtM7DQe7IfvMPFyWp6mL2sfSoh8MvHRv1U3T8SE96yBzvECvmLI
pwfY3CrrwzYjUfOKVltvtMhIOk1SX6z7eK5KjZBhEfemz2zC0FaYOEB8acTCc9h1
FTtyxuQWE8nwyIB+igJ4jD2EeA8W1/fGZ/NkrbqTFUupZzQqJDcyBh3ndvrB2ejP
6ECGgN4kcptyJ0OSQB9HCP8FkMvqRWur9jzlhRFEYTw9PXk+wlL1Xe5vUmB3AgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUFZTEixHz3HEyGbA72vRbNkOPzzowHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjExMzczLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZVk
AwQALZVmMA0GCSqGSIb3DQEBCwUAA4IBAQCn/EFai+GMUMnS7RJKXuiXaY1bJk3h
5JS3a0DPUjr8F5HFyEXY7i3hfbToi1bJBh3cQDwHCxgsz41P4LEP23ydUn/9beQZ
As/8h3V5RyRTSc3bjl2zm9g2o3E06NJHYQjNnRPOHIdsto69BvNq+w9h/86qn1oi
rzEbxZk+x4ospcTz8+M9JPPSVokJkHiM5RQrzIUcGz7T0LiJHDWOw+wVuv2SjODf
0vYd4QRQfPR2R5trgshxE+fQscxtQ5h7U488dxnh5y/b2KG/k2fHtWTQP9Divk/O
LzHYhrvpfjR/sS6yFv6C4PeizD8p+YR6DcVAOhFhA7JyjEEpiYGzEymJ
-----END CERTIFICATE-----
Generated at Fri Dec 13 14:11:20 2024 by rpki-client on console-fra.rpki-client.org