Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: DdEy1IqkItsI+N7OMq/YQ3+UkuQrwJGIuZeHzHAGDM4=
Subject key identifier: 87:5C:D8:4C:A3:71:59:80:73:5C:4D:BE:74:07:3C:30:20:FE:99:1A
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 59F0B3A1DFB1E240BF6ACF6E7CCE41D73433B446
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212238.roa
Signing time: Thu 13 Feb 2025 10:41:55 +0000
ROA not before: Thu 13 Feb 2025 10:36:55 +0000
ROA not after: Thu 12 Feb 2026 10:41:55 +0000
asID: 212238
IP address blocks: 45.151.46.0/24 maxlen: 24
45.157.18.0/24 maxlen: 24
147.78.123.0/24 maxlen: 24
193.5.10.0/24 maxlen: 24
193.5.11.0/24 maxlen: 24
193.29.98.0/24 maxlen: 24
193.111.116.0/24 maxlen: 24
193.142.22.0/24 maxlen: 24
194.5.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 16:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:f0:b3:a1:df:b1:e2:40:bf:6a:cf:6e:7c:ce:41:d7:34:33:b4:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Feb 13 10:36:55 2025 GMT
Not After : Feb 12 10:41:55 2026 GMT
Subject: CN=875CD84CA3715980735C4DBE74073C3020FE991A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:af:4e:94:55:56:7c:bc:8a:d1:c3:28:d6:26:
3a:fb:71:2e:4e:7f:85:3a:71:02:8d:0f:14:5b:da:
b9:ef:28:89:94:25:6e:fc:0b:03:98:a6:af:a3:95:
a0:b1:96:3e:0e:60:1d:64:3b:3a:04:a2:d1:ec:c6:
c5:ee:51:49:5d:fb:a0:4a:d2:a4:e2:b2:99:9b:c5:
94:91:a9:aa:59:a7:db:43:65:e2:df:b2:36:6d:e7:
ed:c9:88:d3:79:dd:af:12:1a:19:b9:34:ad:92:a3:
dd:1a:18:79:64:23:99:a7:3c:ef:97:69:5d:1e:8c:
64:2b:a1:06:c1:b5:3e:55:28:95:c5:5d:af:6f:28:
5e:da:02:1d:63:31:0f:36:f4:e8:c6:00:6f:af:67:
9d:3f:89:c7:d7:c7:43:86:60:79:c1:71:63:d5:5b:
4c:45:72:84:d2:6e:9a:f9:7c:a0:6e:fb:75:79:2f:
9d:f4:80:80:9b:de:72:ce:db:59:bd:c9:8e:14:25:
37:6f:9c:b5:c2:b7:c5:48:f3:cd:3b:68:fd:ac:2d:
8a:d3:00:04:e1:50:ff:79:7e:ef:53:b9:19:37:5b:
7e:68:0a:c6:0e:67:8b:16:7c:f3:a3:d6:ec:cc:6c:
12:bd:c3:86:4a:13:fd:73:7a:72:80:a8:31:b5:87:
1c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:5C:D8:4C:A3:71:59:80:73:5C:4D:BE:74:07:3C:30:20:FE:99:1A
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.46.0/24
45.157.18.0/24
147.78.123.0/24
193.5.10.0/23
193.29.98.0/24
193.111.116.0/24
193.142.22.0/24
194.5.148.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:9c:45:5d:bf:f1:6b:65:94:d4:9e:eb:1d:20:8e:55:00:f4:
9f:ed:9d:08:91:ea:5d:eb:5b:17:ac:24:13:e0:c6:74:f8:1c:
5e:0e:57:76:6a:27:a4:4e:d0:3d:cd:6e:1f:12:70:5c:4d:f4:
6d:5c:f3:c2:7e:3f:54:89:02:f0:4c:d8:10:7d:92:37:aa:f4:
e5:0e:74:21:7d:11:08:e6:92:8a:b1:0c:68:a6:62:a6:6b:01:
0f:fb:fa:40:f7:d2:50:c9:1e:64:45:f9:ef:5e:3e:43:4b:d4:
c2:04:29:4f:c4:04:1b:3e:28:2f:47:ec:73:4f:b4:5e:dd:8d:
97:02:8b:7f:7a:26:f2:35:58:5b:93:8f:c6:df:ea:b7:24:c4:
3b:e0:bf:08:f1:a7:38:44:4e:ba:cc:4a:77:4a:e9:9d:ec:f1:
30:9b:35:e8:a6:2a:de:74:20:81:9a:86:90:b2:f1:31:e6:3e:
24:63:30:6e:aa:26:02:5f:3d:08:f0:f1:c1:fa:06:90:1d:0f:
eb:31:34:0c:ea:e1:d8:9c:49:e6:0b:d3:d2:90:eb:af:21:8f:
a9:51:b0:72:16:34:05:08:60:26:d9:6a:80:9c:ed:57:e7:f2:
e1:ff:8f:91:6d:51:80:6b:a3:54:2b:53:ee:0a:9d:64:49:dd:
1c:1c:dd:09
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUWfCzod+x4kC/as9ufM5B1zQztEYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNTAyMTMxMDM2NTVaFw0yNjAyMTIxMDQxNTVaMDMxMTAvBgNV
BAMTKDg3NUNEODRDQTM3MTU5ODA3MzVDNERCRTc0MDczQzMwMjBGRTk5MUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTr06UVVZ8vIrRwyjWJjr7cS5O
f4U6cQKNDxRb2rnvKImUJW78CwOYpq+jlaCxlj4OYB1kOzoEotHsxsXuUUld+6BK
0qTispmbxZSRqapZp9tDZeLfsjZt5+3JiNN53a8SGhm5NK2So90aGHlkI5mnPO+X
aV0ejGQroQbBtT5VKJXFXa9vKF7aAh1jMQ829OjGAG+vZ50/icfXx0OGYHnBcWPV
W0xFcoTSbpr5fKBu+3V5L530gICb3nLO21m9yY4UJTdvnLXCt8VI8807aP2sLYrT
AAThUP95fu9TuRk3W35oCsYOZ4sWfPOj1uzMbBK9w4ZKE/1zenKAqDG1hxytAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUh1zYTKNxWYBzXE2+dAc8MCD+mRowHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALZcu
AwQALZ0SAwQAk057AwQBwQUKAwQAwR1iAwQAwW90AwQAwY4WAwQAwgWUMA0GCSqG
SIb3DQEBCwUAA4IBAQDNnEVdv/FrZZTUnusdII5VAPSf7Z0Ikepd61sXrCQT4MZ0
+BxeDld2aiekTtA9zW4fEnBcTfRtXPPCfj9UiQLwTNgQfZI3qvTlDnQhfREI5pKK
sQxopmKmawEP+/pA99JQyR5kRfnvXj5DS9TCBClPxAQbPigvR+xzT7Re3Y2XAot/
eibyNVhbk4/G3+q3JMQ74L8I8ac4RE66zEp3Sumd7PEwmzXopiredCCBmoaQsvEx
5j4kYzBuqiYCXz0I8PHB+gaQHQ/rMTQM6uHYnEnmC9PSkOuvIY+pUbByFjQFCGAm
2WqAnO1X5/Lh/4+RbVGAa6NUK1PuCp1kSd0cHN0J
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:20:29 2025 by rpki-client