Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212384.roa
File: AS212384.roa (raw, json)
Hash identifier: cCLA29UTpf5h9Cuti9sMXrIzJ6XYMQUls0uTK+V4FO4=
Subject key identifier: AC:36:74:18:4C:6F:1D:BA:C1:30:1E:7E:4D:8E:39:5C:F2:67:20:F7
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 0404C06A80EA9060B29A5CFDBD84E680339262B2
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212384.roa
Signing time: Tue 07 Nov 2023 00:00:06 +0000
ROA not before: Mon 06 Nov 2023 23:55:06 +0000
ROA not after: Tue 05 Nov 2024 00:00:06 +0000
asID: 212384
IP address blocks: 45.142.238.0/23 maxlen: 24
45.146.83.0/24 maxlen: 24
45.154.107.0/24 maxlen: 24
152.89.248.0/24 maxlen: 24
176.105.224.0/24 maxlen: 24
176.105.225.0/24 maxlen: 24
193.29.96.0/24 maxlen: 24
194.5.149.0/24 maxlen: 24
194.113.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:04:c0:6a:80:ea:90:60:b2:9a:5c:fd:bd:84:e6:80:33:92:62:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Nov 6 23:55:06 2023 GMT
Not After : Nov 5 00:00:06 2024 GMT
Subject: CN=AC3674184C6F1DBAC1301E7E4D8E395CF26720F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:45:6f:26:64:f4:28:18:c5:e3:0e:7f:8e:a5:
13:12:bf:c8:1d:26:9a:1b:81:fc:59:c6:93:0d:c1:
86:5a:2a:df:4a:6f:08:ba:a5:02:ac:55:18:7b:7e:
7c:52:f5:b3:4f:c7:dd:7e:bc:b4:73:a6:d7:8e:bb:
ff:f3:05:23:28:57:63:64:b2:3f:a6:04:1a:e5:4f:
63:6e:3a:91:a9:8b:c9:1a:3a:bc:aa:4e:ab:fe:67:
ea:d5:96:b5:23:22:18:51:04:56:12:7c:b5:3d:0d:
99:da:fd:8a:f8:e5:90:96:c2:e2:01:d3:64:a1:87:
b4:62:d7:cb:8f:6c:47:80:fc:f9:a6:9c:e7:80:dc:
8f:6e:c0:e4:7c:f7:5f:2a:5e:34:ed:0a:89:5f:b1:
99:26:e1:c4:5f:68:f7:7a:dc:bc:c4:d4:60:1c:bc:
43:9a:e5:54:dc:69:0e:68:60:46:ab:62:ac:9e:0b:
d1:f8:72:27:70:04:44:81:26:23:48:54:51:0c:97:
a2:db:58:a5:b7:fd:c2:9d:31:18:5d:8e:56:a6:8c:
d3:df:78:ea:0e:31:a7:29:27:b6:03:cc:cf:e3:d3:
65:dc:60:46:e9:45:a3:12:01:2a:50:91:72:09:0f:
1b:56:e1:16:fd:e7:64:1a:cc:21:ba:f6:8d:d5:d8:
70:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:36:74:18:4C:6F:1D:BA:C1:30:1E:7E:4D:8E:39:5C:F2:67:20:F7
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212384.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.238.0/23
45.146.83.0/24
45.154.107.0/24
152.89.248.0/24
176.105.224.0/23
193.29.96.0/24
194.5.149.0/24
194.113.227.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:2b:ca:35:5f:38:2c:1f:d9:90:50:86:6b:7e:a0:00:0b:f5:
82:07:82:4e:6e:5f:b7:41:97:b5:e2:b7:7f:9c:44:0e:44:62:
49:6d:ef:8a:53:24:b7:40:64:ea:4a:45:9e:a0:91:bb:f3:1f:
c8:28:0a:c0:97:a4:14:c3:26:f0:a3:9c:b7:26:24:28:5e:c6:
7e:fe:e4:ad:e2:4b:ba:4f:a7:ed:51:d2:86:b9:11:60:ff:c4:
35:05:d6:94:2a:dd:66:5f:a3:5b:d5:99:1f:ba:7c:c3:06:49:
5c:f2:3e:78:dc:d1:31:51:e3:95:2f:13:12:4c:04:ff:23:4d:
e7:0a:fe:7d:2b:b0:36:f5:f1:de:7b:c3:8b:3b:56:2a:db:29:
f1:24:d6:64:ce:a5:0d:45:de:76:60:46:d9:95:64:96:34:80:
8e:64:f4:de:2f:6e:52:f7:49:89:cc:74:0f:d6:3a:c3:6b:6a:
75:eb:87:b7:8b:35:dc:f4:79:db:84:f5:d2:6b:32:b6:dd:69:
d4:e8:6b:8c:ce:1c:83:ed:91:7b:7e:8e:c6:3d:13:13:78:de:
3a:21:08:e3:b6:6c:a1:93:62:ea:fd:c0:67:04:14:ac:8b:ef:
16:72:63:0c:93:e7:bc:fc:92:47:6e:f9:ba:5d:9b:28:e3:f4:
59:3a:6f:a7
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUBATAaoDqkGCymlz9vYTmgDOSYrIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yMzExMDYyMzU1MDZaFw0yNDExMDUwMDAwMDZaMDMxMTAvBgNV
BAMTKEFDMzY3NDE4NEM2RjFEQkFDMTMwMUU3RTREOEUzOTVDRjI2NzIwRjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmRW8mZPQoGMXjDn+OpRMSv8gd
JpobgfxZxpMNwYZaKt9Kbwi6pQKsVRh7fnxS9bNPx91+vLRzpteOu//zBSMoV2Nk
sj+mBBrlT2NuOpGpi8kaOryqTqv+Z+rVlrUjIhhRBFYSfLU9DZna/Yr45ZCWwuIB
02Shh7Ri18uPbEeA/PmmnOeA3I9uwOR8918qXjTtColfsZkm4cRfaPd63LzE1GAc
vEOa5VTcaQ5oYEarYqyeC9H4cidwBESBJiNIVFEMl6LbWKW3/cKdMRhdjlamjNPf
eOoOMacpJ7YDzM/j02XcYEbpRaMSASpQkXIJDxtW4Rb952QazCG69o3V2HCBAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUrDZ0GExvHbrBMB5+TY45XPJnIPcwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjEyMzg0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLY7u
AwQALZJTAwQALZprAwQAmFn4AwQBsGngAwQAwR1gAwQAwgWVAwQAwnHjMA0GCSqG
SIb3DQEBCwUAA4IBAQBPK8o1XzgsH9mQUIZrfqAAC/WCB4JObl+3QZe14rd/nEQO
RGJJbe+KUyS3QGTqSkWeoJG78x/IKArAl6QUwybwo5y3JiQoXsZ+/uSt4ku6T6ft
UdKGuRFg/8Q1BdaUKt1mX6Nb1ZkfunzDBklc8j543NExUeOVLxMSTAT/I03nCv59
K7A29fHee8OLO1Yq2ynxJNZkzqUNRd52YEbZlWSWNICOZPTeL25S90mJzHQP1jrD
a2p164e3izXc9HnbhPXSazK23WnU6GuMzhyD7ZF7fo7GPRMTeN46IQjjtmyhk2Lq
/cBnBBSsi+8WcmMMk+e8/JJHbvm6XZso4/RZOm+n
-----END CERTIFICATE-----
Generated at Wed May 15 15:00:56 2024 by rpki-client on console-ams.rpki-client.org