Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS209267.roa
File: AS209267.roa (raw, json)
Hash identifier: yP63LmuSwmLnhi53xc+wHijvauhA5ioUqErVgeezzd4=
Subject key identifier: ED:C6:9F:F8:7C:C7:3F:40:A6:F1:80:B4:02:86:0E:92:78:17:04:4B
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 3C217DE36623C672248D872B4F631F00BF77A62B
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS209267.roa
Signing time: Fri 23 Aug 2024 08:01:23 +0000
ROA not before: Fri 23 Aug 2024 07:56:23 +0000
ROA not after: Fri 22 Aug 2025 08:01:23 +0000
asID: 209267
IP address blocks: 2a0f:85c1:70::/44 maxlen: 44
2a0f:85c1:70::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:21:7d:e3:66:23:c6:72:24:8d:87:2b:4f:63:1f:00:bf:77:a6:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:23 2024 GMT
Not After : Aug 22 08:01:23 2025 GMT
Subject: CN=EDC69FF87CC73F40A6F180B402860E927817044B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:86:63:6e:20:a7:67:de:23:06:4a:da:18:c8:
3c:e8:90:f2:50:d0:8b:c7:93:b3:80:ad:98:af:fa:
ed:8f:ef:37:be:03:6c:b9:fa:59:85:85:8d:5b:de:
0f:21:95:9b:43:df:4e:2f:c5:64:c3:2e:67:87:c8:
a6:3d:14:f7:e7:4f:d8:62:48:07:a2:80:f6:34:d5:
3b:f3:80:f0:a3:05:a7:ca:8b:5a:f3:62:4e:98:e4:
ad:94:b5:64:c5:34:92:c5:02:78:fd:e0:43:16:b0:
ca:43:31:b8:37:db:aa:f4:ac:a0:04:e0:dc:61:95:
52:99:e8:5b:bd:b2:8b:01:9b:4a:c0:dd:c8:a0:e6:
9c:08:a6:ae:e3:f0:02:bd:ad:17:d2:0c:12:c2:9b:
42:47:54:fa:06:d2:50:d4:5a:49:52:e4:a7:48:5a:
d5:0c:00:fb:98:74:c4:31:2e:da:dd:6f:22:fc:74:
a8:13:d7:67:b5:71:6f:45:20:c7:e4:e3:86:33:e2:
a3:d0:14:a5:f5:d6:52:2a:15:23:4a:e9:0d:e6:cf:
63:91:91:84:a2:a4:0d:6f:44:2b:63:2b:35:c8:8b:
56:99:db:45:c3:b8:02:e6:a2:3f:2b:da:31:18:f6:
92:4d:01:ae:96:64:bf:66:8b:eb:d6:7d:9b:46:74:
96:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:C6:9F:F8:7C:C7:3F:40:A6:F1:80:B4:02:86:0E:92:78:17:04:4B
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS209267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:70::/44
Signature Algorithm: sha256WithRSAEncryption
d7:a3:82:1a:fd:58:54:cb:17:26:91:af:ae:fb:1f:6f:3c:73:
4a:67:32:c1:db:1e:15:b3:f6:2c:66:34:78:5d:6c:63:51:8b:
aa:2b:96:6d:eb:2d:cd:ec:50:2d:12:54:06:5f:93:94:73:6a:
53:af:5d:1f:77:15:0b:dc:5b:81:0b:25:aa:89:d3:a2:5c:0a:
12:7a:62:0f:f0:f5:26:23:b2:a0:26:ea:2b:ca:5d:7a:8c:62:
a9:20:27:bf:6d:5b:29:13:e3:26:f4:27:51:60:ef:b9:02:b7:
da:f8:28:81:c3:65:23:52:d4:05:18:c2:d5:0b:61:f1:f9:e3:
38:54:b1:e6:0c:d9:df:14:79:89:94:a1:cc:b0:d1:0d:28:39:
e4:92:6f:7c:d6:a1:0d:70:9e:9b:95:d3:28:89:d6:05:f7:27:
0a:b6:ea:5f:d3:88:0e:b2:4e:49:11:a0:dc:ee:d3:26:60:20:
40:d7:43:57:ed:68:00:c9:cd:76:4b:24:cb:0b:03:46:f1:15:
e0:3e:2c:12:51:8c:7b:0a:d4:53:78:7c:94:c9:29:96:32:75:
5d:f1:cd:45:96:8e:c1:2c:58:65:a6:b7:a0:c4:18:f6:14:3c:
cf:fd:60:14:16:52:0a:31:72:d9:19:2d:9b:79:b4:9a:f7:3e:
47:05:9b:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUPCF942YjxnIkjYcrT2MfAL93piswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MjNaFw0yNTA4MjIwODAxMjNaMDMxMTAvBgNV
BAMTKEVEQzY5RkY4N0NDNzNGNDBBNkYxODBCNDAyODYwRTkyNzgxNzA0NEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwhmNuIKdn3iMGStoYyDzokPJQ
0IvHk7OArZiv+u2P7ze+A2y5+lmFhY1b3g8hlZtD304vxWTDLmeHyKY9FPfnT9hi
SAeigPY01TvzgPCjBafKi1rzYk6Y5K2UtWTFNJLFAnj94EMWsMpDMbg326r0rKAE
4NxhlVKZ6Fu9sosBm0rA3cig5pwIpq7j8AK9rRfSDBLCm0JHVPoG0lDUWklS5KdI
WtUMAPuYdMQxLtrdbyL8dKgT12e1cW9FIMfk44Yz4qPQFKX11lIqFSNK6Q3mz2OR
kYSipA1vRCtjKzXIi1aZ20XDuALmoj8r2jEY9pJNAa6WZL9mi+vWfZtGdJYdAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU7caf+HzHP0Cm8YC0AoYOkngXBEswHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjA5MjY3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg+F
wQBwMA0GCSqGSIb3DQEBCwUAA4IBAQDXo4Ia/VhUyxcmka+u+x9vPHNKZzLB2x4V
s/YsZjR4XWxjUYuqK5Zt6y3N7FAtElQGX5OUc2pTr10fdxUL3FuBCyWqidOiXAoS
emIP8PUmI7KgJuoryl16jGKpICe/bVspE+Mm9CdRYO+5Arfa+CiBw2UjUtQFGMLV
C2Hx+eM4VLHmDNnfFHmJlKHMsNENKDnkkm981qENcJ6bldMoidYF9ycKtupf04gO
sk5JEaDc7tMmYCBA10NX7WgAyc12SyTLCwNG8RXgPiwSUYx7CtRTeHyUySmWMnVd
8c1Flo7BLFhlpregxBj2FDzP/WAUFlIKMXLZGS2bebSa9z5HBZsv
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:08:36 2024 by rpki-client on console-fra.rpki-client.org