Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207842.roa
File: AS207842.roa (raw, json)
Hash identifier: +dAZKMyLU6ZuG02xm9mtMp13q5K0lYC1QzdCnxQN4oI=
Subject key identifier: AE:66:DA:4A:D3:2B:85:E0:D6:8B:A4:5A:A7:29:01:E0:CB:C6:32:D0
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 4DDE21388616E7E997C150B9B2BB945507D42FF2
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207842.roa
Signing time: Fri 23 Aug 2024 08:01:27 +0000
ROA not before: Fri 23 Aug 2024 07:56:27 +0000
ROA not after: Fri 22 Aug 2025 08:01:27 +0000
asID: 207842
IP address blocks: 2a0f:85c1:220::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:de:21:38:86:16:e7:e9:97:c1:50:b9:b2:bb:94:55:07:d4:2f:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:27 2024 GMT
Not After : Aug 22 08:01:27 2025 GMT
Subject: CN=AE66DA4AD32B85E0D68BA45AA72901E0CBC632D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:80:e8:1f:71:47:6a:6f:6d:cf:91:1c:50:67:
1c:74:da:59:a9:ed:a5:fe:c8:e5:98:86:aa:b7:27:
24:de:4e:d1:7c:15:b5:af:5f:6b:f6:c4:c6:8a:1e:
3f:80:57:0f:58:35:c4:c1:ee:e7:a8:09:8f:9c:92:
72:6c:30:60:fe:9a:b7:b8:b7:bb:2a:0d:82:7c:7f:
e1:ad:d6:01:a5:3a:43:38:de:d8:11:d4:11:d0:53:
79:34:48:73:79:a5:ef:12:fd:bf:f3:86:59:b4:ab:
2f:c9:80:94:36:ee:33:e5:75:70:13:de:a4:4b:81:
17:d0:e8:b1:ee:4f:a9:ad:55:76:22:55:06:b8:4b:
4b:8d:c9:0b:ca:a2:a8:32:d1:d8:af:94:3e:86:69:
a1:01:48:7e:95:3b:13:a3:9a:bf:ec:37:71:e4:97:
78:bf:c0:fd:50:a2:af:d1:ae:10:e1:e4:d1:5e:72:
f6:07:58:63:72:9f:a7:eb:a5:2e:fa:8b:da:de:a0:
50:ef:63:dc:dd:c7:0e:a7:44:fe:9b:f2:43:6b:4d:
ea:7c:11:d9:a6:23:8e:19:bb:11:d9:0c:f5:87:d8:
c3:f1:4e:0a:de:72:27:fb:48:8e:ed:8d:a9:56:ae:
ad:9b:ba:7d:9d:0c:bd:17:1c:c0:7f:66:13:e7:c5:
1d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:66:DA:4A:D3:2B:85:E0:D6:8B:A4:5A:A7:29:01:E0:CB:C6:32:D0
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207842.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:220::/44
Signature Algorithm: sha256WithRSAEncryption
01:af:71:fa:12:25:0f:97:c5:83:da:c1:a6:a7:47:9a:38:33:
41:39:01:e3:24:b0:aa:e3:00:b2:0b:11:5e:9e:2a:23:16:e1:
79:5f:19:f4:9a:c0:c6:c7:cd:51:06:0a:24:16:24:f5:c1:b0:
24:ae:3a:0b:95:a4:1a:61:34:b9:7a:67:45:65:b2:0a:7e:f7:
44:bf:bb:a9:b3:9e:82:7b:e9:3b:95:98:e6:50:7a:e5:f3:81:
84:76:72:68:fd:d4:b1:67:49:49:7a:26:60:90:bb:50:8c:62:
ae:e7:d1:c3:cd:6e:06:9b:e0:e9:c7:25:e3:f7:31:59:2b:8f:
0a:54:56:1e:23:d9:28:9e:cd:f3:83:a6:5e:25:ce:d4:5b:44:
87:4f:cd:5a:cb:bc:f1:7a:45:a9:0e:fc:9d:0d:32:9b:89:5f:
c6:e5:85:ff:bb:46:04:19:b0:12:9c:21:1d:45:f1:00:3c:fb:
7a:3e:cf:8b:3e:74:81:82:ed:c1:40:55:ef:b7:c4:bc:31:f5:
81:8e:41:fb:e1:f0:7f:d6:e6:65:3d:f5:13:98:aa:38:33:6b:
f3:b3:d0:c3:c4:b4:5a:2e:2f:fc:0f:83:db:73:0e:47:b9:5c:
dd:38:36:02:e4:6c:b8:ce:03:38:39:f4:97:28:be:76:91:26:
f9:89:32:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUTd4hOIYW5+mXwVC5sruUVQfUL/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MjdaFw0yNTA4MjIwODAxMjdaMDMxMTAvBgNV
BAMTKEFFNjZEQTRBRDMyQjg1RTBENjhCQTQ1QUE3MjkwMUUwQ0JDNjMyRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzgOgfcUdqb23PkRxQZxx02lmp
7aX+yOWYhqq3JyTeTtF8FbWvX2v2xMaKHj+AVw9YNcTB7ueoCY+cknJsMGD+mre4
t7sqDYJ8f+Gt1gGlOkM43tgR1BHQU3k0SHN5pe8S/b/zhlm0qy/JgJQ27jPldXAT
3qRLgRfQ6LHuT6mtVXYiVQa4S0uNyQvKoqgy0divlD6GaaEBSH6VOxOjmr/sN3Hk
l3i/wP1Qoq/RrhDh5NFecvYHWGNyn6frpS76i9reoFDvY9zdxw6nRP6b8kNrTep8
EdmmI44ZuxHZDPWH2MPxTgrecif7SI7tjalWrq2bun2dDL0XHMB/ZhPnxR1zAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUrmbaStMrheDWi6RapykB4MvGMtAwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjA3ODQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg+F
wQIgMA0GCSqGSIb3DQEBCwUAA4IBAQABr3H6EiUPl8WD2sGmp0eaODNBOQHjJLCq
4wCyCxFeniojFuF5Xxn0msDGx81RBgokFiT1wbAkrjoLlaQaYTS5emdFZbIKfvdE
v7ups56Ce+k7lZjmUHrl84GEdnJo/dSxZ0lJeiZgkLtQjGKu59HDzW4Gm+DpxyXj
9zFZK48KVFYeI9kons3zg6ZeJc7UW0SHT81ay7zxekWpDvydDTKbiV/G5YX/u0YE
GbASnCEdRfEAPPt6Ps+LPnSBgu3BQFXvt8S8MfWBjkH74fB/1uZlPfUTmKo4M2vz
s9DDxLRaLi/8D4Pbcw5HuVzdODYC5Gy4zgM4OfSXKL52kSb5iTJG
-----END CERTIFICATE-----
Generated at Thu Sep 19 13:52:02 2024 by rpki-client on console-fra.rpki-client.org