Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: Jkt6vI/wLoggll7pq32AUFhJ4y3YByz5ZhnmFqP4pjo=
Subject key identifier: F4:34:62:52:9F:34:21:D6:33:7C:A1:1A:81:28:45:2A:AD:E6:EA:3C
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 527055A47CF9B9D996D2B1058427AAEE7FB81DEA
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212238.roa
Signing time: Mon 11 Nov 2024 00:01:08 +0000
ROA not before: Sun 10 Nov 2024 23:56:08 +0000
ROA not after: Mon 10 Nov 2025 00:01:08 +0000
asID: 212238
IP address blocks: 45.151.46.0/24 maxlen: 24
193.111.116.0/24 maxlen: 24
193.142.22.0/24 maxlen: 24
194.5.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:70:55:a4:7c:f9:b9:d9:96:d2:b1:05:84:27:aa:ee:7f:b8:1d:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Nov 10 23:56:08 2024 GMT
Not After : Nov 10 00:01:08 2025 GMT
Subject: CN=F43462529F3421D6337CA11A8128452AADE6EA3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:96:36:ad:70:62:ec:be:31:58:96:d3:8a:10:
b0:5d:f8:b3:6f:99:c2:a2:95:76:f8:c2:b2:26:7d:
32:b2:6b:f9:b8:bb:a3:38:90:86:53:70:d5:ab:56:
27:93:81:e5:65:4c:14:26:6c:2a:44:8a:fe:c3:5b:
ff:62:b9:2d:c5:c2:3f:57:72:5d:58:d1:c1:37:0e:
70:97:78:09:a8:51:d2:9b:8b:6f:4b:ce:a4:b9:3e:
63:c8:f0:28:c6:11:b8:35:e7:80:d5:aa:f8:83:b5:
51:e8:a3:a2:4c:f1:57:b3:3f:e9:d5:97:4a:a9:06:
be:0c:36:58:3e:40:e2:f2:44:e2:62:40:d0:5a:f4:
fd:33:3e:70:67:ea:ca:c7:ed:13:b8:f2:0f:b9:87:
cd:3d:e0:c4:9a:8f:2a:9b:6b:fb:bf:62:04:5a:48:
b6:e4:8e:eb:db:9f:bc:fd:40:25:a1:a7:3e:0b:86:
21:9a:5b:c2:da:6d:98:b7:db:81:24:ad:33:ed:63:
9e:f2:0b:f9:57:35:d2:58:7e:03:49:18:26:95:93:
80:3e:91:1a:53:b4:ae:f0:59:c4:91:fb:a5:45:3b:
05:cd:ff:74:e8:5f:df:ba:3a:83:dc:c5:49:5a:b3:
66:a4:0a:55:72:c4:8a:0c:d6:ae:de:a0:37:a7:8b:
a9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:34:62:52:9F:34:21:D6:33:7C:A1:1A:81:28:45:2A:AD:E6:EA:3C
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.46.0/24
193.111.116.0/24
193.142.22.0/24
194.5.148.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:79:fe:4a:84:ad:00:90:3c:47:cd:f4:d9:86:0a:30:03:1f:
f0:2a:2f:9e:e8:0c:18:46:f7:b3:3d:2d:2d:9f:84:ce:48:bb:
d2:35:f5:a8:9c:aa:a6:56:f1:cb:f4:d7:9f:d4:c3:f8:3d:b5:
d2:ad:de:cb:1d:9b:15:a7:4e:a9:c9:36:bd:25:3f:dd:bf:c4:
da:38:ae:34:d2:a4:e1:28:3c:97:cf:3b:02:9a:3d:b4:9d:3e:
f9:56:8f:3f:59:01:ee:fe:fb:d5:e5:c8:8a:45:19:7f:8b:bc:
e6:25:49:46:8f:fa:94:bf:50:57:15:83:5c:48:49:72:73:d4:
c3:e1:b3:6e:fe:97:c1:8f:c9:e4:68:c0:6d:bf:26:82:32:dd:
46:b4:ec:b1:0f:5d:7e:ea:79:eb:3d:33:9f:50:ce:b3:82:b7:
ce:c4:8d:05:89:67:69:c3:6e:b5:fb:91:06:36:de:b7:20:bb:
83:7e:21:1e:d0:61:8c:9f:7b:ea:18:94:f6:8b:89:6f:68:2f:
69:54:75:9d:94:a7:49:60:b9:a9:ae:3a:d4:4c:41:63:15:f5:
44:46:61:c6:08:39:51:1b:5d:7c:8e:7a:de:5e:15:86:64:8e:
dd:2f:6f:12:ca:47:49:15:28:89:31:95:5b:16:dd:b3:13:90:
07:99:1b:74
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUUnBVpHz5udmW0rEFhCeq7n+4HeowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNDExMTAyMzU2MDhaFw0yNTExMTAwMDAxMDhaMDMxMTAvBgNV
BAMTKEY0MzQ2MjUyOUYzNDIxRDYzMzdDQTExQTgxMjg0NTJBQURFNkVBM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGljatcGLsvjFYltOKELBd+LNv
mcKilXb4wrImfTKya/m4u6M4kIZTcNWrVieTgeVlTBQmbCpEiv7DW/9iuS3Fwj9X
cl1Y0cE3DnCXeAmoUdKbi29LzqS5PmPI8CjGEbg154DVqviDtVHoo6JM8VezP+nV
l0qpBr4MNlg+QOLyROJiQNBa9P0zPnBn6srH7RO48g+5h8094MSajyqba/u/YgRa
SLbkjuvbn7z9QCWhpz4LhiGaW8LabZi324EkrTPtY57yC/lXNdJYfgNJGCaVk4A+
kRpTtK7wWcSR+6VFOwXN/3ToX9+6OoPcxUlas2akClVyxIoM1q7eoDeni6kTAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQU9DRiUp80IdYzfKEagShFKq3m6jwwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZcu
AwQAwW90AwQAwY4WAwQAwgWUMA0GCSqGSIb3DQEBCwUAA4IBAQA/ef5KhK0AkDxH
zfTZhgowAx/wKi+e6AwYRvezPS0tn4TOSLvSNfWonKqmVvHL9Nef1MP4PbXSrd7L
HZsVp06pyTa9JT/dv8TaOK400qThKDyXzzsCmj20nT75Vo8/WQHu/vvV5ciKRRl/
i7zmJUlGj/qUv1BXFYNcSElyc9TD4bNu/pfBj8nkaMBtvyaCMt1GtOyxD11+6nnr
PTOfUM6zgrfOxI0FiWdpw261+5EGNt63ILuDfiEe0GGMn3vqGJT2i4lvaC9pVHWd
lKdJYLmprjrUTEFjFfVERmHGCDlRG118jnreXhWGZI7dL28SykdJFSiJMZVbFt2z
E5AHmRt0
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:15:23 2024 by rpki-client on console-ams.rpki-client.org