Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS209735.roa
File: AS209735.roa (raw, json)
Hash identifier: pzlPZ+/2YxLtiqgu4GwpErTooddZVVD2BxXtSTSH7wc=
Subject key identifier: FE:E4:F2:66:12:C3:48:D5:E6:37:8A:80:97:ED:38:91:A6:78:08:B1
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 04BB8334BE894DACAB71569A289A1908F5B1F4B5
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS209735.roa
Signing time: Fri 23 Aug 2024 08:01:25 +0000
ROA not before: Fri 23 Aug 2024 07:56:25 +0000
ROA not after: Fri 22 Aug 2025 08:01:25 +0000
asID: 209735
IP address blocks: 2a0f:85c1:80::/44 maxlen: 44
2a0f:85c1:80::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:bb:83:34:be:89:4d:ac:ab:71:56:9a:28:9a:19:08:f5:b1:f4:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:25 2024 GMT
Not After : Aug 22 08:01:25 2025 GMT
Subject: CN=FEE4F26612C348D5E6378A8097ED3891A67808B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:86:c4:18:4b:a9:ff:27:f0:4b:16:16:a2:b7:
95:31:ae:47:8c:44:22:85:9c:dd:1c:4d:7e:0a:50:
8d:44:bc:23:20:f3:f6:d9:b5:7c:a3:33:74:a2:97:
76:5f:e9:c7:56:19:3c:2e:40:f8:03:4a:9c:b7:93:
e3:66:51:6a:a4:f2:f5:7f:b3:5f:c3:aa:83:3b:15:
8e:94:2a:69:53:ce:43:a1:38:53:7a:35:e4:70:fb:
0c:8b:4d:8a:af:d3:79:87:ec:fc:25:86:f5:13:ab:
bd:76:08:43:97:09:f8:d8:05:84:1b:24:c7:de:a3:
46:2b:7f:97:04:23:81:43:bb:68:8c:4c:96:73:36:
fa:58:cc:1d:bd:3d:d8:9a:c3:65:f9:7e:17:c1:ec:
90:ce:80:68:21:ad:1c:94:76:c7:f9:55:05:09:68:
c7:36:7e:aa:f6:11:af:37:e8:9d:cb:11:1e:64:26:
72:02:86:96:cb:aa:aa:c6:d9:98:fb:7e:a8:a7:33:
b9:39:59:76:7e:a9:18:ed:d9:e2:9d:61:9a:ea:10:
c6:ba:ac:e4:c2:c2:72:9d:d4:e0:ad:4d:f5:8f:81:
82:8a:59:d4:a1:0e:ba:a4:d5:fa:0b:65:9d:ae:21:
31:83:4b:ae:f5:d3:b5:97:29:e9:71:22:2c:d6:c3:
62:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E4:F2:66:12:C3:48:D5:E6:37:8A:80:97:ED:38:91:A6:78:08:B1
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS209735.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:80::/44
Signature Algorithm: sha256WithRSAEncryption
21:4e:ea:eb:10:bd:c4:0a:09:c6:b9:e3:0d:b9:9e:00:2b:dd:
ed:32:3e:3a:60:31:1d:a8:0c:00:a9:a7:5d:b3:bb:c9:94:31:
3f:3f:2a:0c:f6:46:c2:ef:ca:4e:8a:78:6d:60:f3:be:6d:4b:
4a:e1:cc:d0:d6:16:ae:c5:aa:ed:92:6a:3a:a6:00:0a:73:9f:
66:b2:1d:4f:04:9d:93:ac:cf:00:72:15:83:4e:36:3c:d4:29:
d6:20:fc:40:04:51:e0:95:53:1e:a3:4d:dc:8f:8f:0b:f6:cb:
48:a1:23:f5:a9:91:aa:23:6e:06:a2:da:5d:6c:1b:88:2a:2b:
d8:ec:1b:3b:b3:bd:75:cd:ca:aa:3f:98:48:c9:29:9a:0a:e9:
d0:27:8a:1c:2c:f4:78:5f:f8:bc:d5:02:8b:9b:de:23:26:1b:
7e:be:07:0c:48:d8:e9:fa:8e:22:a6:6b:e0:d0:25:41:ca:d1:
d1:c2:b9:3f:e6:a6:e1:b6:63:95:b1:35:a3:1b:b6:4f:09:d8:
a4:5a:04:c7:25:51:ac:fb:68:2e:7e:e3:b8:29:9f:8a:1f:87:
31:68:e4:82:7c:69:92:b6:8d:13:a3:d1:8e:a0:56:6e:8b:8c:
60:06:16:33:d9:ca:bf:5a:14:d2:79:ce:ea:e8:b8:01:82:77:
ad:a3:12:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUBLuDNL6JTayrcVaaKJoZCPWx9LUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MjVaFw0yNTA4MjIwODAxMjVaMDMxMTAvBgNV
BAMTKEZFRTRGMjY2MTJDMzQ4RDVFNjM3OEE4MDk3RUQzODkxQTY3ODA4QjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9hsQYS6n/J/BLFhait5UxrkeM
RCKFnN0cTX4KUI1EvCMg8/bZtXyjM3Sil3Zf6cdWGTwuQPgDSpy3k+NmUWqk8vV/
s1/DqoM7FY6UKmlTzkOhOFN6NeRw+wyLTYqv03mH7PwlhvUTq712CEOXCfjYBYQb
JMfeo0Yrf5cEI4FDu2iMTJZzNvpYzB29Pdiaw2X5fhfB7JDOgGghrRyUdsf5VQUJ
aMc2fqr2Ea836J3LER5kJnIChpbLqqrG2Zj7fqinM7k5WXZ+qRjt2eKdYZrqEMa6
rOTCwnKd1OCtTfWPgYKKWdShDrqk1foLZZ2uITGDS67107WXKelxIizWw2INAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU/uTyZhLDSNXmN4qAl+04kaZ4CLEwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjA5NzM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg+F
wQCAMA0GCSqGSIb3DQEBCwUAA4IBAQAhTurrEL3ECgnGueMNuZ4AK93tMj46YDEd
qAwAqadds7vJlDE/PyoM9kbC78pOinhtYPO+bUtK4czQ1hauxartkmo6pgAKc59m
sh1PBJ2TrM8AchWDTjY81CnWIPxABFHglVMeo03cj48L9stIoSP1qZGqI24Gotpd
bBuIKivY7Bs7s711zcqqP5hIySmaCunQJ4ocLPR4X/i81QKLm94jJht+vgcMSNjp
+o4ipmvg0CVBytHRwrk/5qbhtmOVsTWjG7ZPCdikWgTHJVGs+2gufuO4KZ+KH4cx
aOSCfGmSto0To9GOoFZui4xgBhYz2cq/WhTSec7q6LgBgnetoxJw
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:18:36 2024 by rpki-client on console-ams.rpki-client.org