Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207841.roa
File: AS207841.roa (raw, json)
Hash identifier: 2KjjRleXUGQ7P4iUr06erAaQVy6BI90mZVHxllW/0Ak=
Subject key identifier: 62:79:13:29:55:85:F5:32:F9:FF:88:11:92:E4:65:FF:D1:F6:90:2B
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 1E92FCED22EE5323A65BC619888BDDAFE3E5EDCA
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207841.roa
Signing time: Fri 23 Aug 2024 08:01:25 +0000
ROA not before: Fri 23 Aug 2024 07:56:25 +0000
ROA not after: Fri 22 Aug 2025 08:01:25 +0000
asID: 207841
IP address blocks: 193.57.144.0/24 maxlen: 24
193.57.159.0/24 maxlen: 24
193.57.167.0/24 maxlen: 24
193.57.168.0/24 maxlen: 24
2a0f:85c0::/48 maxlen: 48
2a0f:85c2::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:92:fc:ed:22:ee:53:23:a6:5b:c6:19:88:8b:dd:af:e3:e5:ed:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:25 2024 GMT
Not After : Aug 22 08:01:25 2025 GMT
Subject: CN=627913295585F532F9FF881192E465FFD1F6902B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3f:7a:68:fd:f0:7f:b6:60:33:74:b5:fb:98:
4c:e6:46:43:8c:ad:b4:e8:4a:db:de:4a:92:6d:ae:
87:57:d6:bc:8f:ff:0c:ba:53:df:d2:41:c1:b1:4c:
7a:ae:bf:59:9b:3e:5b:0b:20:c4:e1:69:21:39:d8:
88:e0:b3:4a:36:e7:8f:f0:02:8b:2e:1c:51:d8:c3:
05:71:ee:7d:03:f9:12:60:85:89:54:8b:e9:3a:37:
d9:ae:e5:d7:68:ce:f0:fc:8b:bf:19:bf:c9:74:48:
ee:c9:73:38:c8:00:4f:38:64:15:a3:c4:8a:6f:0b:
26:a4:58:6f:7c:25:ee:f8:58:61:3d:55:f8:0b:33:
81:a8:70:d0:d3:11:57:37:fa:e9:dd:a9:f9:18:f6:
f7:91:d6:57:a2:1f:7b:a2:ff:e6:c2:61:02:07:2a:
1b:60:4a:e4:1f:12:d5:65:1d:84:7e:12:03:89:cd:
44:7c:97:98:7f:64:36:3c:a2:3a:23:52:2d:30:39:
1d:c5:fb:79:0f:3a:7a:12:4d:32:1e:6d:bb:85:bd:
7f:ef:b4:cd:54:3d:f3:d5:94:b3:86:2f:1e:79:0e:
1d:14:37:23:f2:93:51:f5:41:6e:4c:39:8a:bc:d0:
a0:1c:7d:38:35:3a:31:da:7c:14:fb:45:1a:c7:61:
ec:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:79:13:29:55:85:F5:32:F9:FF:88:11:92:E4:65:FF:D1:F6:90:2B
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207841.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.144.0/24
193.57.159.0/24
193.57.167.0-193.57.168.255
IPv6:
2a0f:85c0::/48
2a0f:85c2::/32
Signature Algorithm: sha256WithRSAEncryption
d6:58:7a:39:3b:61:62:30:d1:9f:95:f8:88:97:59:c0:dd:51:
59:17:a4:16:c1:dd:15:97:68:ef:99:6a:7c:8c:c5:e0:83:d8:
ab:8d:83:2f:d8:7f:e6:57:be:7c:d7:b2:6a:58:45:a7:c3:2c:
a7:33:a9:26:1d:a6:74:7c:d6:06:dd:4b:3f:e4:02:6f:ee:c1:
87:c2:2f:05:e9:5c:df:47:ab:bc:56:3a:52:51:25:9d:19:37:
2a:e1:9f:7a:9d:2a:c8:c9:3b:0d:fe:81:22:ba:87:e0:bf:74:
50:9c:b2:d1:4e:b3:90:32:e4:c1:14:9a:f6:d4:5d:11:c4:fb:
aa:95:85:a5:cf:0a:ad:c1:ed:c4:27:ba:dc:fb:44:b7:5e:d1:
a8:a1:df:c1:9e:63:8f:27:21:3b:f2:61:c4:50:97:b7:ed:10:
b8:91:47:e6:57:8e:a0:48:88:45:d5:32:85:a7:1a:92:69:52:
81:e6:16:ad:93:ca:83:dd:28:66:5c:42:31:4e:e3:b7:0a:dd:
68:fd:2e:55:c4:87:fb:98:0e:21:ad:14:40:99:3e:74:3f:cf:
18:36:ee:bb:ba:f9:e1:cc:cc:46:e8:90:f6:70:db:f8:e0:dd:
01:08:0e:e9:36:d1:e4:7d:41:30:41:f5:b3:5f:b3:ec:b2:7d:
9d:f1:82:43
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUHpL87SLuUyOmW8YZiIvdr+Pl7cowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MjVaFw0yNTA4MjIwODAxMjVaMDMxMTAvBgNV
BAMTKDYyNzkxMzI5NTU4NUY1MzJGOUZGODgxMTkyRTQ2NUZGRDFGNjkwMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6P3po/fB/tmAzdLX7mEzmRkOM
rbToStveSpJtrodX1ryP/wy6U9/SQcGxTHquv1mbPlsLIMThaSE52Ijgs0o254/w
AosuHFHYwwVx7n0D+RJghYlUi+k6N9mu5ddozvD8i78Zv8l0SO7JczjIAE84ZBWj
xIpvCyakWG98Je74WGE9VfgLM4GocNDTEVc3+undqfkY9veR1leiH3ui/+bCYQIH
KhtgSuQfEtVlHYR+EgOJzUR8l5h/ZDY8ojojUi0wOR3F+3kPOnoSTTIebbuFvX/v
tM1UPfPVlLOGLx55Dh0UNyPyk1H1QW5MOYq80KAcfTg1OjHafBT7RRrHYezvAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUYnkTKVWF9TL5/4gRkuRl/9H2kCswHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjA3ODQxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAgBAIAATAaAwQAwTmQ
AwQAwTmfMAwDBADBOacDBADBOagwFgQCAAIwEAMHACoPhcAAAAMFACoPhcIwDQYJ
KoZIhvcNAQELBQADggEBANZYejk7YWIw0Z+V+IiXWcDdUVkXpBbB3RWXaO+ZanyM
xeCD2KuNgy/Yf+ZXvnzXsmpYRafDLKczqSYdpnR81gbdSz/kAm/uwYfCLwXpXN9H
q7xWOlJRJZ0ZNyrhn3qdKsjJOw3+gSK6h+C/dFCcstFOs5Ay5MEUmvbUXRHE+6qV
haXPCq3B7cQnutz7RLde0aih38GeY48nITvyYcRQl7ftELiRR+ZXjqBIiEXVMoWn
GpJpUoHmFq2TyoPdKGZcQjFO47cK3Wj9LlXEh/uYDiGtFECZPnQ/zxg27ru6+eHM
zEbokPZw2/jg3QEIDuk20eR9QTBB9bNfs+yyfZ3xgkM=
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:08:35 2024 by rpki-client on console-fra.rpki-client.org