Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212335.roa
File: AS212335.roa (raw, json)
Hash identifier: 38K5UMfKX+caoBchJ/O+cVzQzvvDOoOrQadGMxaIgUA=
Subject key identifier: D5:E1:76:2F:03:8E:60:9B:00:83:4E:FA:A1:12:B8:0F:E5:03:09:05
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 0BA192B8B6ECF26B09FFD6F130411BF72F113F9C
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212335.roa
Signing time: Wed 01 Jan 2025 12:53:51 +0000
ROA not before: Wed 01 Jan 2025 12:48:51 +0000
ROA not after: Wed 31 Dec 2025 12:53:51 +0000
asID: 212335
IP address blocks: 45.142.238.0/23 maxlen: 24
45.149.102.0/24 maxlen: 24
193.176.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 16:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:a1:92:b8:b6:ec:f2:6b:09:ff:d6:f1:30:41:1b:f7:2f:11:3f:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Jan 1 12:48:51 2025 GMT
Not After : Dec 31 12:53:51 2025 GMT
Subject: CN=D5E1762F038E609B00834EFAA112B80FE5030905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:dc:a0:e7:ab:1e:e8:6f:0f:72:a4:18:c5:e0:
ee:ec:48:94:2d:95:0a:11:2b:9c:ba:9e:6d:b8:4f:
3d:d7:05:72:d1:de:70:80:4a:32:96:94:47:03:11:
c8:7d:01:fc:d9:71:cd:8c:73:20:af:78:d5:fc:ba:
b0:e5:01:65:3f:82:2b:55:f3:bd:f5:08:ba:d3:0f:
fc:f7:2a:b0:3e:d6:9b:15:72:f4:7f:ac:45:58:58:
66:94:d4:ba:d7:db:2d:3f:28:6d:b4:70:96:ab:31:
c3:96:36:d0:b2:42:bc:58:34:47:ef:e8:3f:cf:9b:
c5:dc:0c:c9:bc:d1:cc:f9:97:1a:53:a2:25:ce:61:
8c:8c:bc:8d:ad:05:98:fe:01:8c:d1:95:92:02:aa:
c1:09:89:20:cd:b1:2d:94:a2:3c:75:1c:a3:10:54:
45:20:a9:49:97:f8:13:44:12:3f:18:73:41:47:97:
77:85:b6:d8:e8:74:f2:c6:20:fe:fe:a1:50:5a:0a:
e7:57:a4:6f:08:68:33:6f:d4:5a:95:3a:0b:39:48:
2e:1a:c8:80:c2:3e:5b:9a:c7:de:ca:57:a2:35:6a:
75:42:6d:a0:b9:bb:67:59:0d:a7:54:44:a7:d7:61:
50:0e:06:be:ca:3b:75:93:66:f8:b5:66:fe:c0:28:
62:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E1:76:2F:03:8E:60:9B:00:83:4E:FA:A1:12:B8:0F:E5:03:09:05
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.238.0/23
45.149.102.0/24
193.176.128.0/24
Signature Algorithm: sha256WithRSAEncryption
80:5d:7d:54:28:7f:cc:25:6b:90:13:c7:0a:48:b6:60:ed:be:
7d:5d:8a:20:3a:f2:5b:c7:57:b1:fe:c1:f8:5d:5a:79:1e:a7:
37:10:6a:52:96:91:c1:24:46:20:3c:3b:10:5f:99:fc:6f:9c:
f2:38:76:2b:85:88:cd:f4:98:2e:b2:ea:7b:1a:6b:86:d1:ad:
c8:e7:54:8d:bb:ce:d2:57:94:a8:4d:ec:c2:23:2a:d3:6a:21:
30:58:bf:5c:75:18:a4:4f:36:96:1c:0a:bf:b0:a0:2f:b3:51:
b1:04:72:23:be:4d:b7:52:10:f4:3c:a5:3d:fa:5d:83:70:cb:
8d:6b:0c:fb:5e:66:c3:ca:d2:30:cb:1b:77:05:17:14:cb:9e:
01:55:ce:50:7a:2e:e0:09:ad:c6:a7:ae:70:44:59:d5:a7:e9:
00:8d:c2:ee:d7:ec:be:c9:1b:e4:fd:77:75:08:a1:4e:29:cd:
34:73:f4:88:af:57:a1:85:6f:bb:5f:f5:20:aa:c9:39:6a:6c:
a3:34:80:72:8b:29:09:75:45:c7:4d:ce:2b:38:a1:0d:66:25:
b1:5b:fd:4a:b1:45:7d:45:06:c1:59:f2:ac:fa:71:27:22:30:
3c:bf:f0:a5:90:d6:b1:55:b3:a3:e2:5d:aa:08:a8:a4:94:46:
36:a0:64:81
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUC6GSuLbs8msJ/9bxMEEb9y8RP5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNTAxMDExMjQ4NTFaFw0yNTEyMzExMjUzNTFaMDMxMTAvBgNV
BAMTKEQ1RTE3NjJGMDM4RTYwOUIwMDgzNEVGQUExMTJCODBGRTUwMzA5MDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw3KDnqx7obw9ypBjF4O7sSJQt
lQoRK5y6nm24Tz3XBXLR3nCASjKWlEcDEch9AfzZcc2McyCveNX8urDlAWU/gitV
8731CLrTD/z3KrA+1psVcvR/rEVYWGaU1LrX2y0/KG20cJarMcOWNtCyQrxYNEfv
6D/Pm8XcDMm80cz5lxpToiXOYYyMvI2tBZj+AYzRlZICqsEJiSDNsS2Uojx1HKMQ
VEUgqUmX+BNEEj8Yc0FHl3eFttjodPLGIP7+oVBaCudXpG8IaDNv1FqVOgs5SC4a
yIDCPluax97KV6I1anVCbaC5u2dZDadURKfXYVAOBr7KO3WTZvi1Zv7AKGIFAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQU1eF2LwOOYJsAg076oRK4D+UDCQUwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjEyMzM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLY7u
AwQALZVmAwQAwbCAMA0GCSqGSIb3DQEBCwUAA4IBAQCAXX1UKH/MJWuQE8cKSLZg
7b59XYogOvJbx1ex/sH4XVp5Hqc3EGpSlpHBJEYgPDsQX5n8b5zyOHYrhYjN9Jgu
sup7GmuG0a3I51SNu87SV5SoTezCIyrTaiEwWL9cdRikTzaWHAq/sKAvs1GxBHIj
vk23UhD0PKU9+l2DcMuNawz7XmbDytIwyxt3BRcUy54BVc5Qei7gCa3Gp65wRFnV
p+kAjcLu1+y+yRvk/Xd1CKFOKc00c/SIr1ehhW+7X/Ugqsk5amyjNIByiykJdUXH
Tc4rOKENZiWxW/1KsUV9RQbBWfKs+nEnIjA8v/ClkNaxVbOj4l2qCKiklEY2oGSB
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:20:49 2025 by rpki-client