Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS211439.roa
File: AS211439.roa (raw, json)
Hash identifier: Rj06j7mDJ/Iqil/EZ+UOJ2lnLIUej3lMeFiKLKTRu9w=
Subject key identifier: 9B:92:C4:16:D5:BB:03:E6:90:F9:95:90:FF:D5:09:D9:D3:5D:F5:DA
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 0B4F9DD33841BE6B2FBB12433B1D7FED58C15FF7
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS211439.roa
Signing time: Wed 24 Jan 2024 16:33:10 +0000
ROA not before: Wed 24 Jan 2024 16:28:10 +0000
ROA not after: Wed 22 Jan 2025 16:33:10 +0000
asID: 211439
IP address blocks: 194.113.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:4f:9d:d3:38:41:be:6b:2f:bb:12:43:3b:1d:7f:ed:58:c1:5f:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Jan 24 16:28:10 2024 GMT
Not After : Jan 22 16:33:10 2025 GMT
Subject: CN=9B92C416D5BB03E690F99590FFD509D9D35DF5DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:c8:39:e6:e8:61:0a:d7:45:87:4f:91:0b:6c:
1e:99:67:cf:38:ef:b1:f2:6f:d4:0b:6f:92:1f:7f:
a7:c7:ab:34:d5:4e:42:95:90:b3:b1:0b:ab:58:5c:
98:a6:c4:7c:0c:7a:ab:02:4b:3f:12:a8:c0:c1:4d:
44:61:3d:c2:04:7d:57:b1:eb:c2:33:d1:3b:57:fb:
4a:d9:09:d8:bd:37:73:2c:23:0b:41:92:1f:39:ad:
21:3a:74:e0:52:85:62:80:8c:08:e1:31:bd:e2:4a:
8b:a6:7d:78:78:b2:1c:96:0f:19:9c:32:a1:b4:e5:
0e:61:a6:ed:91:13:54:45:34:05:ea:ba:c6:bf:9b:
f3:f3:49:3b:2c:1b:ae:bd:49:18:68:e2:19:8c:13:
ec:bf:bc:02:00:a8:2c:91:85:65:d3:cc:32:c7:73:
ed:5b:83:b7:7c:f9:df:69:96:d4:83:d5:42:23:cc:
d6:a2:88:7b:68:c1:ae:92:50:04:a8:b0:b5:2a:a9:
3e:5c:13:b0:42:59:ea:31:b8:e4:c2:33:cd:43:cf:
a2:9a:97:7d:0b:91:5b:1f:eb:dc:d3:13:a2:76:c3:
60:b5:11:af:24:8f:c9:ac:c9:00:1e:ed:0a:9c:42:
35:4d:51:e7:2a:41:e1:33:17:a7:74:6f:e0:80:2e:
f5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:92:C4:16:D5:BB:03:E6:90:F9:95:90:FF:D5:09:D9:D3:5D:F5:DA
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS211439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.222.0/24
Signature Algorithm: sha256WithRSAEncryption
90:f4:55:58:23:0a:3d:84:fc:4f:b9:fb:c7:f3:0d:a3:b2:24:
74:3b:97:92:54:fb:9d:2d:4b:c7:98:c5:df:a9:bf:5d:06:4f:
f8:12:d8:73:13:9f:d6:d5:23:f1:7e:2e:7a:dd:1c:86:35:3c:
0d:e7:38:10:e4:f2:dd:26:5a:b4:51:e4:42:4b:7d:3e:da:cd:
48:3e:2e:95:a5:e0:69:4a:b9:69:e9:13:f5:e8:84:d7:f1:5f:
5d:80:24:98:15:f7:a7:b5:74:24:0f:40:a8:a0:39:28:e5:06:
00:ed:0d:2b:c6:f3:d8:bb:fa:18:66:ec:94:44:02:ca:3f:d5:
04:0e:da:d1:d5:6b:51:95:ae:b9:14:ff:11:81:82:d5:0c:21:
4a:25:b5:2c:16:e3:94:6b:02:bf:1c:3b:88:c0:05:bf:19:0a:
07:02:9c:e8:70:86:15:b2:03:09:58:20:63:70:e9:3c:01:a1:
b3:87:ac:bb:d9:28:91:2f:56:70:81:c7:45:85:19:5f:ed:f6:
96:02:78:62:06:7c:2b:1c:3d:41:a7:06:e7:9b:ed:30:12:5a:
ef:db:77:d0:e3:2c:90:c9:cd:15:a6:0a:ec:6a:b2:38:48:63:
f3:b1:49:f9:76:2e:3b:24:04:a0:23:5f:18:7d:24:3f:ac:8d:
d3:fe:28:36
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUC0+d0zhBvmsvuxJDOx1/7VjBX/cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNDAxMjQxNjI4MTBaFw0yNTAxMjIxNjMzMTBaMDMxMTAvBgNV
BAMTKDlCOTJDNDE2RDVCQjAzRTY5MEY5OTU5MEZGRDUwOUQ5RDM1REY1REEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeyDnm6GEK10WHT5ELbB6ZZ884
77Hyb9QLb5Iff6fHqzTVTkKVkLOxC6tYXJimxHwMeqsCSz8SqMDBTURhPcIEfVex
68Iz0TtX+0rZCdi9N3MsIwtBkh85rSE6dOBShWKAjAjhMb3iSoumfXh4shyWDxmc
MqG05Q5hpu2RE1RFNAXqusa/m/PzSTssG669SRho4hmME+y/vAIAqCyRhWXTzDLH
c+1bg7d8+d9pltSD1UIjzNaiiHtowa6SUASosLUqqT5cE7BCWeoxuOTCM81Dz6Ka
l30LkVsf69zTE6J2w2C1Ea8kj8msyQAe7QqcQjVNUecqQeEzF6d0b+CALvW5AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUm5LEFtW7A+aQ+ZWQ/9UJ2dNd9dowHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjExNDM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnHe
MA0GCSqGSIb3DQEBCwUAA4IBAQCQ9FVYIwo9hPxPufvH8w2jsiR0O5eSVPudLUvH
mMXfqb9dBk/4EthzE5/W1SPxfi563RyGNTwN5zgQ5PLdJlq0UeRCS30+2s1IPi6V
peBpSrlp6RP16ITX8V9dgCSYFfentXQkD0CooDko5QYA7Q0rxvPYu/oYZuyURALK
P9UEDtrR1WtRla65FP8RgYLVDCFKJbUsFuOUawK/HDuIwAW/GQoHApzocIYVsgMJ
WCBjcOk8AaGzh6y72SiRL1ZwgcdFhRlf7faWAnhiBnwrHD1Bpwbnm+0wElrv23fQ
4yyQyc0VpgrsarI4SGPzsUn5di47JASgI18YfSQ/rI3T/ig2
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:14:42 2024 by rpki-client on console-fra.rpki-client.org