Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212384.roa
File: AS212384.roa (raw, json)
Hash identifier: jIMuwjI+p89ttSswSIusTIUHwaOaYuHJx/ITRaB8LxQ=
Subject key identifier: 46:4E:8D:7B:E5:7E:A9:FD:23:DF:3E:16:68:2E:44:09:D3:E4:FB:80
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 4774FFB14714E42312E11A42933466E664BAA5DC
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212384.roa
Signing time: Tue 08 Oct 2024 00:43:22 +0000
ROA not before: Tue 08 Oct 2024 00:38:22 +0000
ROA not after: Tue 07 Oct 2025 00:43:22 +0000
asID: 212384
IP address blocks: 45.142.238.0/23 maxlen: 24
45.146.83.0/24 maxlen: 24
45.154.107.0/24 maxlen: 24
152.89.248.0/24 maxlen: 24
176.105.224.0/24 maxlen: 24
176.105.225.0/24 maxlen: 24
193.29.96.0/24 maxlen: 24
194.5.149.0/24 maxlen: 24
194.113.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:74:ff:b1:47:14:e4:23:12:e1:1a:42:93:34:66:e6:64:ba:a5:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Oct 8 00:38:22 2024 GMT
Not After : Oct 7 00:43:22 2025 GMT
Subject: CN=464E8D7BE57EA9FD23DF3E16682E4409D3E4FB80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:46:3f:7b:60:2f:8b:6d:3c:40:fd:48:05:4d:
39:c3:68:67:d2:b4:71:63:8c:9d:c3:fb:e3:28:e5:
18:b8:64:37:9a:62:c6:1e:0b:2f:27:c8:a5:e0:be:
f8:95:9d:30:25:d7:b4:00:4f:e9:c8:5b:2c:91:73:
34:2b:9e:19:f6:fb:cf:0a:70:f6:28:82:ba:43:ac:
a5:6d:49:d4:d3:01:26:17:2c:c5:9f:05:33:80:f5:
8d:9f:5f:55:a7:20:6b:49:bc:cd:e0:61:10:41:55:
6d:88:eb:ca:5a:6d:5f:e8:16:56:39:b3:67:f4:9c:
09:eb:5b:15:ae:a6:56:5d:6c:9b:76:be:a7:22:3c:
62:54:0b:47:a8:64:a4:75:27:45:2d:9c:1d:e1:9c:
89:85:f6:2c:02:2e:02:e2:83:b3:ad:cf:de:7e:02:
9c:fc:0c:72:4f:16:a4:a0:20:ce:a7:fa:02:ae:7b:
f5:f5:d7:80:73:3c:9f:11:2b:2f:5f:3d:9c:70:16:
71:9b:81:9f:5b:d8:03:d0:d2:6d:10:21:2c:e1:dc:
b4:97:9d:05:01:37:6c:79:2c:27:df:50:05:e3:a9:
ff:85:cf:91:14:e8:9b:a4:50:c9:53:2c:13:b5:e9:
e4:76:e2:e1:5f:ea:e9:25:60:ab:8a:2b:2a:0d:1d:
be:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:4E:8D:7B:E5:7E:A9:FD:23:DF:3E:16:68:2E:44:09:D3:E4:FB:80
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212384.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.238.0/23
45.146.83.0/24
45.154.107.0/24
152.89.248.0/24
176.105.224.0/23
193.29.96.0/24
194.5.149.0/24
194.113.227.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:3c:98:00:73:e9:19:67:0c:d9:bc:3a:42:a3:a6:16:25:68:
c3:ca:c1:44:8f:1a:7e:70:20:fb:ac:31:16:e8:ae:ad:c2:64:
71:92:07:c5:09:5e:b5:74:5d:1d:b9:64:e4:55:ad:62:c7:64:
90:ed:9e:38:59:d9:e3:cc:35:8f:de:e4:12:3c:53:a2:18:a0:
d2:68:3d:31:11:d2:d9:fd:73:44:2c:89:d8:a6:34:6b:a6:bc:
1d:3c:35:36:75:b8:08:f7:a0:0d:0f:92:ca:04:8e:10:fc:a3:
a8:c0:6e:76:b6:51:70:97:b3:6b:ac:6e:f5:c9:69:78:b4:9b:
bd:7f:96:4e:52:73:02:97:d3:76:78:ce:a2:26:94:f3:b5:2c:
e0:3a:73:81:2f:8f:0c:70:d7:06:e4:e9:b0:60:41:2c:5d:a7:
4e:eb:48:d0:71:05:58:8e:0b:ac:5d:c8:fb:ab:70:d6:60:02:
d1:b7:95:87:c3:8d:01:e3:fa:81:d3:21:7c:98:e0:a3:b8:c8:
7e:35:f9:98:db:ad:43:29:9c:86:3a:a8:34:1b:bf:10:34:5a:
b5:7b:32:b5:b7:8b:45:62:42:38:d7:df:0c:a0:a6:36:1c:d0:
cc:38:d4:29:5d:0b:11:d7:37:5f:e4:4f:82:5f:9a:bf:52:f6:
8c:04:31:ea
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUR3T/sUcU5CMS4RpCkzRm5mS6pdwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNDEwMDgwMDM4MjJaFw0yNTEwMDcwMDQzMjJaMDMxMTAvBgNV
BAMTKDQ2NEU4RDdCRTU3RUE5RkQyM0RGM0UxNjY4MkU0NDA5RDNFNEZCODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoRj97YC+LbTxA/UgFTTnDaGfS
tHFjjJ3D++Mo5Ri4ZDeaYsYeCy8nyKXgvviVnTAl17QAT+nIWyyRczQrnhn2+88K
cPYogrpDrKVtSdTTASYXLMWfBTOA9Y2fX1WnIGtJvM3gYRBBVW2I68pabV/oFlY5
s2f0nAnrWxWuplZdbJt2vqciPGJUC0eoZKR1J0UtnB3hnImF9iwCLgLig7Otz95+
Apz8DHJPFqSgIM6n+gKue/X114BzPJ8RKy9fPZxwFnGbgZ9b2APQ0m0QISzh3LSX
nQUBN2x5LCffUAXjqf+Fz5EU6JukUMlTLBO16eR24uFf6uklYKuKKyoNHb65AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQURk6Ne+V+qf0j3z4WaC5ECdPk+4AwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjEyMzg0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLY7u
AwQALZJTAwQALZprAwQAmFn4AwQBsGngAwQAwR1gAwQAwgWVAwQAwnHjMA0GCSqG
SIb3DQEBCwUAA4IBAQA6PJgAc+kZZwzZvDpCo6YWJWjDysFEjxp+cCD7rDEW6K6t
wmRxkgfFCV61dF0duWTkVa1ix2SQ7Z44WdnjzDWP3uQSPFOiGKDSaD0xEdLZ/XNE
LInYpjRrprwdPDU2dbgI96AND5LKBI4Q/KOowG52tlFwl7NrrG71yWl4tJu9f5ZO
UnMCl9N2eM6iJpTztSzgOnOBL48McNcG5OmwYEEsXadO60jQcQVYjgusXcj7q3DW
YALRt5WHw40B4/qB0yF8mOCjuMh+NfmY261DKZyGOqg0G78QNFq1ezK1t4tFYkI4
198MoKY2HNDMONQpXQsR1zdf5E+CX5q/UvaMBDHq
-----END CERTIFICATE-----
Generated at Sun Nov 24 08:05:57 2024 by rpki-client on console-fra.rpki-client.org