Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207841.roa
File: AS207841.roa (raw, json)
Hash identifier: zwrmKBnbmKE8FsvuyLc5wuanGhxjYzAsu3xUOZGJJzc=
Subject key identifier: 6C:1F:38:66:05:DC:A9:FF:A5:F6:96:46:99:29:D7:B1:84:D9:B3:BE
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 5466287B74AF9DDA920F4C6D504DCF79B773D53A
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207841.roa
Signing time: Fri 20 Dec 2024 11:30:35 +0000
ROA not before: Fri 20 Dec 2024 11:25:35 +0000
ROA not after: Fri 19 Dec 2025 11:30:35 +0000
asID: 207841
IP address blocks: 62.164.141.0/24 maxlen: 24
193.57.144.0/24 maxlen: 24
193.57.159.0/24 maxlen: 24
193.57.167.0/24 maxlen: 24
193.57.168.0/24 maxlen: 24
2a0f:85c0::/48 maxlen: 48
2a0f:85c2::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:66:28:7b:74:af:9d:da:92:0f:4c:6d:50:4d:cf:79:b7:73:d5:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Dec 20 11:25:35 2024 GMT
Not After : Dec 19 11:30:35 2025 GMT
Subject: CN=6C1F386605DCA9FFA5F696469929D7B184D9B3BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:04:1a:23:4e:c9:c6:45:fc:f4:90:30:94:0b:
c0:60:d0:a1:9e:a2:b3:30:2f:f9:29:8f:14:19:fd:
b9:23:c2:e5:a7:59:99:bc:e9:a7:2b:a5:52:63:63:
eb:25:ab:7d:39:65:b4:28:db:26:b7:35:fe:6e:0c:
47:52:fe:c6:d2:c5:71:04:a4:56:09:e4:c0:0e:63:
c6:8f:1e:c6:19:15:6a:4c:73:cc:07:0a:4d:c5:48:
d3:73:45:76:7b:88:b2:4e:0f:79:5e:b2:e2:7f:10:
a8:5d:0c:55:5a:3e:a8:5e:fe:a6:45:2e:f4:65:c5:
6a:16:a9:40:d5:32:6a:ed:b4:e6:fb:16:37:ff:ea:
a5:66:81:01:14:10:80:44:f0:cd:38:a0:9b:65:6e:
f9:b0:d7:f4:4e:98:af:b1:0b:7c:68:12:2c:5b:c0:
0d:8d:4a:0f:56:11:6a:b1:84:c8:c1:b4:4e:b7:11:
09:8d:06:ec:43:4a:96:8f:b9:28:ef:68:3d:43:ae:
94:65:23:67:04:e8:7d:a3:40:a6:10:84:c2:bc:24:
06:2d:b7:26:62:fb:f6:b4:04:b6:d8:5b:24:51:3d:
1c:42:69:18:b3:3b:e2:6a:8f:53:bf:e8:2a:5b:1e:
01:ad:fe:06:1d:06:c4:48:a8:41:25:e6:71:6d:30:
10:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:1F:38:66:05:DC:A9:FF:A5:F6:96:46:99:29:D7:B1:84:D9:B3:BE
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207841.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.141.0/24
193.57.144.0/24
193.57.159.0/24
193.57.167.0-193.57.168.255
IPv6:
2a0f:85c0::/48
2a0f:85c2::/32
Signature Algorithm: sha256WithRSAEncryption
e4:7c:6e:4e:3c:ac:a5:4d:74:f2:ec:5a:7d:2c:e5:50:bc:d4:
25:63:f8:a7:46:bc:d6:77:8b:9d:b3:07:c9:f2:46:d0:5f:e5:
89:f5:7a:16:e2:e5:2f:1d:98:49:da:51:22:70:f0:28:44:08:
26:5a:34:63:b6:9b:ee:c2:5d:c4:9f:a0:55:f7:a7:d0:9f:76:
73:c7:71:49:22:eb:e1:bc:ed:79:cd:58:e3:c9:71:a6:4e:7d:
ae:63:46:3a:9d:7c:f4:f4:e3:2d:70:29:e5:a0:6c:5d:19:fc:
e8:cd:22:0a:9b:4f:ea:8d:a7:02:ab:95:3a:ac:54:a4:fa:66:
34:33:d2:a1:44:10:f9:62:03:b1:a3:67:d4:8e:be:a2:98:cd:
14:de:15:d5:ae:49:9d:4d:96:3d:aa:bf:88:bb:8f:e9:0e:a5:
a6:56:28:47:63:7d:a8:7c:82:18:c4:4e:48:c6:fb:ae:ef:e0:
aa:45:18:c0:43:56:48:ba:0c:9c:55:d0:15:36:6d:91:20:0b:
ab:ec:8a:ac:fb:19:8f:71:41:46:8b:52:c7:0c:19:e5:5d:d1:
72:1c:a3:92:7f:a6:6e:07:51:c4:63:49:60:64:54:4c:9b:77:
63:45:6e:d2:05:9d:81:24:30:ff:30:1f:59:79:3b:7d:28:6c:
cb:6e:b6:bd
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUVGYoe3SvndqSD0xtUE3Pebdz1TowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDEyMjAxMTI1MzVaFw0yNTEyMTkxMTMwMzVaMDMxMTAvBgNV
BAMTKDZDMUYzODY2MDVEQ0E5RkZBNUY2OTY0Njk5MjlEN0IxODREOUIzQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzBBojTsnGRfz0kDCUC8Bg0KGe
orMwL/kpjxQZ/bkjwuWnWZm86acrpVJjY+slq305ZbQo2ya3Nf5uDEdS/sbSxXEE
pFYJ5MAOY8aPHsYZFWpMc8wHCk3FSNNzRXZ7iLJOD3lesuJ/EKhdDFVaPqhe/qZF
LvRlxWoWqUDVMmrttOb7Fjf/6qVmgQEUEIBE8M04oJtlbvmw1/ROmK+xC3xoEixb
wA2NSg9WEWqxhMjBtE63EQmNBuxDSpaPuSjvaD1DrpRlI2cE6H2jQKYQhMK8JAYt
tyZi+/a0BLbYWyRRPRxCaRizO+Jqj1O/6CpbHgGt/gYdBsRIqEEl5nFtMBCDAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUbB84ZgXcqf+l9pZGmSnXsYTZs74wHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjA3ODQxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAmBAIAATAgAwQAPqSN
AwQAwTmQAwQAwTmfMAwDBADBOacDBADBOagwFgQCAAIwEAMHACoPhcAAAAMFACoP
hcIwDQYJKoZIhvcNAQELBQADggEBAOR8bk48rKVNdPLsWn0s5VC81CVj+KdGvNZ3
i52zB8nyRtBf5Yn1ehbi5S8dmEnaUSJw8ChECCZaNGO2m+7CXcSfoFX3p9CfdnPH
cUki6+G87XnNWOPJcaZOfa5jRjqdfPT04y1wKeWgbF0Z/OjNIgqbT+qNpwKrlTqs
VKT6ZjQz0qFEEPliA7GjZ9SOvqKYzRTeFdWuSZ1Nlj2qv4i7j+kOpaZWKEdjfah8
ghjETkjG+67v4KpFGMBDVki6DJxV0BU2bZEgC6vsiqz7GY9xQUaLUscMGeVd0XIc
o5J/pm4HUcRjSWBkVEybd2NFbtIFnYEkMP8wH1l5O30obMtutr0=
-----END CERTIFICATE-----
Generated at Thu Apr 3 11:10:48 2025 by rpki-client