Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS206628.roa
File: AS206628.roa (raw, json)
Hash identifier: Z/6CYprPFxnh0kzK6xjTbtuKmcCRn2piejsyEBbKlpU=
Subject key identifier: 27:63:62:D4:CB:6E:84:65:2A:F4:47:F5:43:57:F3:FB:13:67:75:0E
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 24BE32029C1BA2887BEC1E96089D307A904DC9D3
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS206628.roa
Signing time: Fri 23 Aug 2024 08:01:23 +0000
ROA not before: Fri 23 Aug 2024 07:56:23 +0000
ROA not after: Fri 22 Aug 2025 08:01:23 +0000
asID: 206628
IP address blocks: 2a0f:85c1::/48 maxlen: 48
2a0f:85c1:21::/48 maxlen: 48
2a0f:85c1:22::/48 maxlen: 48
2a0f:85c1:30::/48 maxlen: 48
2a0f:85c1:31::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:be:32:02:9c:1b:a2:88:7b:ec:1e:96:08:9d:30:7a:90:4d:c9:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:23 2024 GMT
Not After : Aug 22 08:01:23 2025 GMT
Subject: CN=276362D4CB6E84652AF447F54357F3FB1367750E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:46:2f:d8:9b:0b:90:04:e0:d3:10:fd:ca:91:
13:98:ed:ca:5f:f0:38:78:a7:bb:3c:ba:2f:39:5b:
60:b2:18:03:e6:12:0c:6b:28:ae:6a:f1:a3:e3:b2:
a9:0f:ec:7f:e5:57:b2:1d:7b:df:76:3a:ee:c3:18:
ff:50:3a:4a:17:bc:ab:d8:c8:43:6f:d4:38:7e:c6:
2b:41:e0:2b:80:a0:78:dc:ee:33:98:0f:d4:75:20:
95:95:d8:45:70:54:67:66:bb:76:a7:88:a3:4c:d7:
83:62:72:41:c3:22:5a:b0:3c:fa:3c:43:d6:f4:d6:
45:54:34:31:6d:da:ef:07:9b:fc:1c:06:7d:f1:47:
f4:00:be:b7:a5:08:cc:40:f7:15:3b:14:bb:42:8a:
06:62:77:df:38:35:e6:7a:4c:67:a7:f7:f7:20:3c:
5e:c2:09:f8:74:a3:d2:00:9e:21:bf:a4:a3:10:2e:
c3:eb:71:0b:fd:d6:49:bc:b4:fb:3f:21:20:68:87:
5b:04:2a:c8:f7:71:ce:da:a8:ac:12:a6:7b:90:90:
30:3d:fd:2f:6a:44:aa:38:a5:7e:7b:6c:91:fa:cc:
07:5a:1a:6e:49:7c:ac:7e:99:3b:a6:e8:57:f6:fa:
f8:4d:00:f4:9f:17:66:c2:2d:58:9f:79:2a:01:09:
7f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:63:62:D4:CB:6E:84:65:2A:F4:47:F5:43:57:F3:FB:13:67:75:0E
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS206628.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1::/48
2a0f:85c1:21::-2a0f:85c1:22:ffff:ffff:ffff:ffff:ffff
2a0f:85c1:30::/47
Signature Algorithm: sha256WithRSAEncryption
ac:b1:04:3a:ee:fc:f1:35:0d:64:1b:88:56:2d:61:e4:55:e2:
ad:28:43:e9:f3:1c:06:c4:7a:99:ef:1e:7a:02:9f:10:fa:29:
38:53:5b:d5:20:01:53:2d:24:24:67:68:80:d2:4e:68:34:e8:
70:7e:6f:03:6f:44:3a:d2:1a:b9:c3:6b:00:91:99:b4:f2:f9:
ef:05:74:fe:f1:37:ff:04:0e:61:a3:c6:00:ab:ea:84:b8:ea:
e4:f5:55:5c:b5:38:ec:3a:96:84:d4:15:df:a1:a6:64:7d:6f:
96:c4:4a:bb:cc:94:dd:60:bd:f1:0d:6a:29:78:bc:4c:6c:c7:
d7:ed:8b:03:21:82:a2:d1:ea:9a:14:2e:75:52:e6:23:ee:ec:
4b:b9:6b:0c:10:47:49:36:7d:28:ec:49:06:c0:60:2e:3b:2c:
74:c5:b7:ad:5e:b7:67:57:8d:48:50:0c:cb:fa:a2:0c:60:f3:
ef:1a:a4:6a:21:76:f1:b6:eb:cb:8b:f8:b2:44:b3:0a:8f:de:
20:b1:2b:41:25:19:d9:c9:20:ab:76:cd:9d:dc:59:80:ce:ff:
43:6b:c2:ee:1e:6d:71:65:ba:7d:b3:3b:e1:eb:fe:b6:fb:d6:
11:01:57:60:b8:72:28:0c:f6:cb:99:e1:35:ea:fb:21:a3:09:
4e:a4:b6:ab
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIUJL4yApwbooh77B6WCJ0wepBNydMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MjNaFw0yNTA4MjIwODAxMjNaMDMxMTAvBgNV
BAMTKDI3NjM2MkQ0Q0I2RTg0NjUyQUY0NDdGNTQzNTdGM0ZCMTM2Nzc1MEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaRi/YmwuQBODTEP3KkROY7cpf
8Dh4p7s8ui85W2CyGAPmEgxrKK5q8aPjsqkP7H/lV7Ide992Ou7DGP9QOkoXvKvY
yENv1Dh+xitB4CuAoHjc7jOYD9R1IJWV2EVwVGdmu3aniKNM14NickHDIlqwPPo8
Q9b01kVUNDFt2u8Hm/wcBn3xR/QAvrelCMxA9xU7FLtCigZid984NeZ6TGen9/cg
PF7CCfh0o9IAniG/pKMQLsPrcQv91km8tPs/ISBoh1sEKsj3cc7aqKwSpnuQkDA9
/S9qRKo4pX57bJH6zAdaGm5JfKx+mTum6Ff2+vhNAPSfF2bCLVifeSoBCX+zAgMB
AAGjggIqMIICJjAdBgNVHQ4EFgQUJ2Ni1MtuhGUq9Ef1Q1fz+xNndQ4wHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjA2NjI4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAwcAKg+F
wQAAMBIDBwAqD4XBACEDBwAqD4XBACIDBwEqD4XBADAwDQYJKoZIhvcNAQELBQAD
ggEBAKyxBDru/PE1DWQbiFYtYeRV4q0oQ+nzHAbEepnvHnoCnxD6KThTW9UgAVMt
JCRnaIDSTmg06HB+bwNvRDrSGrnDawCRmbTy+e8FdP7xN/8EDmGjxgCr6oS46uT1
VVy1OOw6loTUFd+hpmR9b5bESrvMlN1gvfENail4vExsx9ftiwMhgqLR6poULnVS
5iPu7Eu5awwQR0k2fSjsSQbAYC47LHTFt61et2dXjUhQDMv6ogxg8+8apGohdvG2
68uL+LJEswqP3iCxK0ElGdnJIKt2zZ3cWYDO/0Nrwu4ebXFlun2zO+Hr/rb71hEB
V2C4cigM9suZ4TXq+yGjCU6ktqs=
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:18:36 2024 by rpki-client on console-ams.rpki-client.org