Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS205398.roa
File: AS205398.roa (raw, json)
Hash identifier: F5I7rF8YHcoRAFjAEDVpOqdiBXTyvuJVuRW1WxK+oO8=
Subject key identifier: 4A:87:D1:E3:32:E9:2B:42:C8:D4:20:C1:84:C7:2B:5A:7C:59:2A:87
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 278F2982A478DFC2E3DBDB075148E5C25BBDECD1
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS205398.roa
Signing time: Fri 23 Aug 2024 08:01:18 +0000
ROA not before: Fri 23 Aug 2024 07:56:18 +0000
ROA not after: Fri 22 Aug 2025 08:01:18 +0000
asID: 205398
IP address blocks: 2a0f:85c1:260::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:8f:29:82:a4:78:df:c2:e3:db:db:07:51:48:e5:c2:5b:bd:ec:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:18 2024 GMT
Not After : Aug 22 08:01:18 2025 GMT
Subject: CN=4A87D1E332E92B42C8D420C184C72B5A7C592A87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b8:c3:ad:72:b9:04:aa:8d:15:0d:67:5a:02:
04:13:26:52:9d:c0:2d:a8:ea:37:f4:e8:97:79:bd:
2d:57:42:06:f6:37:7e:cb:ba:6a:ea:b2:49:7c:6a:
f5:d0:8b:96:b6:a9:83:9d:f3:cc:39:d4:98:1a:06:
3d:05:00:ab:54:18:8c:be:24:ef:12:90:2c:3d:57:
d7:3a:18:63:99:5d:5f:fa:d0:3e:bc:e9:12:d5:81:
f5:94:c2:41:dc:93:1b:7e:e3:e6:90:28:02:39:87:
03:7a:10:ac:19:bd:e0:25:7b:82:8d:8f:b1:b3:14:
a5:e8:ce:4b:db:e4:34:c2:e6:80:83:62:d7:12:4a:
e5:54:eb:f9:0b:51:4a:3e:92:3f:46:07:6d:09:60:
01:f8:0d:67:15:38:5d:97:84:a7:08:a6:7b:db:c9:
c4:24:ee:be:ac:e3:48:69:0b:48:58:da:64:4c:91:
15:ab:9e:d5:12:2f:ff:e7:85:91:ae:8a:f7:81:35:
27:ea:fa:ff:11:9b:7d:bc:24:06:a8:3b:90:0d:96:
0e:19:33:dd:f1:58:13:b0:23:37:40:01:1f:f2:c2:
1c:06:9e:87:6f:f4:19:c5:9a:fa:f4:47:a8:82:67:
f2:6a:f7:af:01:57:3f:a8:b4:2a:4a:ff:17:55:29:
96:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:87:D1:E3:32:E9:2B:42:C8:D4:20:C1:84:C7:2B:5A:7C:59:2A:87
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS205398.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:260::/44
Signature Algorithm: sha256WithRSAEncryption
14:51:b9:2e:98:d8:ff:ad:d7:91:ab:71:85:74:e9:de:8a:c7:
bb:53:e3:27:fe:c4:e6:3f:aa:6f:03:e1:3d:99:55:b4:90:cb:
60:52:51:bb:61:e9:63:09:4d:1a:c2:26:bc:2f:1a:17:fd:7b:
c1:7f:f8:f7:b7:93:aa:ac:8d:b2:80:57:11:d4:a1:fe:db:43:
e8:5c:6c:60:22:4d:64:54:6a:89:b2:0a:cb:a3:60:5a:36:81:
0a:50:3f:37:b9:11:7c:69:52:72:99:fe:60:e9:f6:6c:82:fb:
4a:90:cc:4f:56:d0:d2:ed:8d:54:07:86:b1:94:1d:23:7a:9a:
5c:f7:91:74:ad:99:23:b4:59:98:dd:71:54:d1:18:23:2e:a6:
9d:9d:28:47:b4:44:8d:4c:f1:f1:b4:5c:5a:e3:95:ea:7b:38:
99:fd:de:2b:fa:62:18:35:4a:0a:d0:51:3f:5b:80:1f:16:84:
ee:fb:20:c1:85:1a:79:d3:7a:d9:0b:bd:b1:d5:09:53:73:d1:
38:4f:d1:20:14:07:93:de:58:92:90:49:e7:6f:93:df:f4:91:
9f:90:f3:dd:a2:cf:3d:30:52:62:82:ee:4e:24:1c:41:40:32:
fd:44:d2:49:c9:fd:b8:11:b5:55:ce:c5:c2:7c:3e:a4:ed:91:
ca:d8:05:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUJ48pgqR438Lj29sHUUjlwlu97NEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MThaFw0yNTA4MjIwODAxMThaMDMxMTAvBgNV
BAMTKDRBODdEMUUzMzJFOTJCNDJDOEQ0MjBDMTg0QzcyQjVBN0M1OTJBODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSuMOtcrkEqo0VDWdaAgQTJlKd
wC2o6jf06Jd5vS1XQgb2N37Lumrqskl8avXQi5a2qYOd88w51JgaBj0FAKtUGIy+
JO8SkCw9V9c6GGOZXV/60D686RLVgfWUwkHckxt+4+aQKAI5hwN6EKwZveAle4KN
j7GzFKXozkvb5DTC5oCDYtcSSuVU6/kLUUo+kj9GB20JYAH4DWcVOF2XhKcIpnvb
ycQk7r6s40hpC0hY2mRMkRWrntUSL//nhZGuiveBNSfq+v8Rm328JAaoO5ANlg4Z
M93xWBOwIzdAAR/ywhwGnodv9BnFmvr0R6iCZ/Jq968BVz+otCpK/xdVKZYFAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUSofR4zLpK0LI1CDBhMcrWnxZKocwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjA1Mzk4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg+F
wQJgMA0GCSqGSIb3DQEBCwUAA4IBAQAUUbkumNj/rdeRq3GFdOneise7U+Mn/sTm
P6pvA+E9mVW0kMtgUlG7YeljCU0awia8LxoX/XvBf/j3t5OqrI2ygFcR1KH+20Po
XGxgIk1kVGqJsgrLo2BaNoEKUD83uRF8aVJymf5g6fZsgvtKkMxPVtDS7Y1UB4ax
lB0jeppc95F0rZkjtFmY3XFU0RgjLqadnShHtESNTPHxtFxa45XqeziZ/d4r+mIY
NUoK0FE/W4AfFoTu+yDBhRp503rZC72x1QlTc9E4T9EgFAeT3liSkEnnb5Pf9JGf
kPPdos89MFJigu5OJBxBQDL9RNJJyf24EbVVzsXCfD6k7ZHK2AXa
-----END CERTIFICATE-----
Generated at Thu Sep 19 13:12:08 2024 by rpki-client on console-ams.rpki-client.org