Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS212844.roa
File: AS212844.roa (raw, json)
Hash identifier: UnCUliu0hJg6o6vhJ23wVlOuW/Elw30q9u9qKTq61Dg=
Subject key identifier: EE:7B:2A:15:E4:AF:56:02:80:DE:18:F2:03:DC:C7:8A:D3:CB:2E:A7
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 332D4BB6DD67040D275CEB0803B0DD1E0FA171E7
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS212844.roa
Signing time: Fri 23 Aug 2024 08:01:19 +0000
ROA not before: Fri 23 Aug 2024 07:56:19 +0000
ROA not after: Fri 22 Aug 2025 08:01:19 +0000
asID: 212844
IP address blocks: 2a0f:85c1:810::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:2d:4b:b6:dd:67:04:0d:27:5c:eb:08:03:b0:dd:1e:0f:a1:71:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:19 2024 GMT
Not After : Aug 22 08:01:19 2025 GMT
Subject: CN=EE7B2A15E4AF560280DE18F203DCC78AD3CB2EA7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7b:cf:ea:c8:51:e0:af:84:8f:08:6d:58:df:
5b:63:e3:75:82:c4:da:ea:53:4f:41:b9:81:d1:02:
94:ea:a5:e2:4c:69:80:20:d3:95:b7:d1:a5:5d:5c:
e4:2c:03:5a:9f:b7:83:0d:f7:e8:57:79:c8:cd:a1:
01:d5:24:d5:74:8c:ea:76:bb:da:03:95:db:24:44:
d4:9c:7a:43:40:cd:b0:97:aa:e7:68:83:d9:32:81:
45:f2:e1:64:71:d9:54:f7:a1:0f:0d:14:cd:6d:4d:
51:ea:54:d7:b7:b8:4d:36:5d:29:79:58:aa:9d:50:
d9:21:ee:c5:67:38:5e:63:e6:ec:d3:b0:69:2f:b0:
69:03:ab:17:98:1b:2b:ba:0c:8d:e1:19:12:2b:56:
08:4b:bf:31:19:25:8b:df:55:4a:11:42:e6:bf:af:
f2:22:cb:9e:80:3e:12:a6:c1:5d:19:31:51:92:a6:
75:6f:ab:79:13:a6:5c:3d:42:70:bf:91:35:8c:d2:
89:33:8c:3c:b5:d5:a3:07:cc:60:a4:cc:ba:e8:9e:
9d:9e:49:ef:80:37:29:73:da:2c:f6:97:88:e4:62:
e0:94:d1:2b:eb:f8:1b:14:e3:38:fd:23:bc:61:97:
ea:fe:29:52:80:6f:2a:39:ad:ca:ef:d8:d9:8f:a1:
c1:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:7B:2A:15:E4:AF:56:02:80:DE:18:F2:03:DC:C7:8A:D3:CB:2E:A7
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS212844.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:810::/48
Signature Algorithm: sha256WithRSAEncryption
40:1b:e0:58:48:d0:88:f5:2f:6d:fe:93:fe:a4:9f:64:a4:41:
b7:e2:5a:24:c8:1d:0e:6a:fe:e8:6e:61:27:d2:a6:08:29:9b:
88:22:f4:a8:b0:a6:d4:16:af:ed:1b:a1:e3:d1:83:48:df:65:
0c:9a:5a:ba:84:49:d3:79:ef:f2:ea:fa:2c:d4:ce:ed:fa:bf:
c5:4d:06:e2:f6:67:55:a5:22:2d:64:8b:fa:16:fb:ba:e3:20:
b8:a0:e5:90:36:c2:5c:79:7c:71:6c:cb:4a:c3:99:b6:cb:d3:
29:39:2e:84:e7:ff:83:ba:88:e1:2e:91:0b:2e:a4:39:3a:e6:
83:6b:89:e3:ca:0b:e7:d3:8b:a7:76:53:c3:93:b1:93:d3:14:
20:72:33:87:c0:76:bf:b9:9f:92:dc:bb:01:67:be:f0:6c:d2:
3c:c6:6c:0c:fd:3f:d6:a6:3f:51:15:4e:e3:a2:10:48:82:58:
41:21:2c:ee:6f:94:b1:41:f3:08:ea:dc:1c:89:e6:1b:f8:c9:
d3:f4:9b:f6:65:49:b4:06:c8:bb:cc:e8:a6:fa:d7:3a:a8:a0:
8b:19:99:50:2d:27:e6:13:61:48:3f:d0:d9:50:74:a7:93:2c:
6a:bb:37:2e:25:83:11:b6:d1:67:ea:d4:4f:c4:8a:0a:9a:5a:
08:d6:ec:76
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUMy1Ltt1nBA0nXOsIA7DdHg+hcecwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MTlaFw0yNTA4MjIwODAxMTlaMDMxMTAvBgNV
BAMTKEVFN0IyQTE1RTRBRjU2MDI4MERFMThGMjAzRENDNzhBRDNDQjJFQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRe8/qyFHgr4SPCG1Y31tj43WC
xNrqU09BuYHRApTqpeJMaYAg05W30aVdXOQsA1qft4MN9+hXecjNoQHVJNV0jOp2
u9oDldskRNScekNAzbCXqudog9kygUXy4WRx2VT3oQ8NFM1tTVHqVNe3uE02XSl5
WKqdUNkh7sVnOF5j5uzTsGkvsGkDqxeYGyu6DI3hGRIrVghLvzEZJYvfVUoRQua/
r/Iiy56APhKmwV0ZMVGSpnVvq3kTplw9QnC/kTWM0okzjDy11aMHzGCkzLronp2e
Se+ANylz2iz2l4jkYuCU0Svr+BsU4zj9I7xhl+r+KVKAbyo5rcrv2NmPocF3AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU7nsqFeSvVgKA3hjyA9zHitPLLqcwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjEyODQ0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQgQMA0GCSqGSIb3DQEBCwUAA4IBAQBAG+BYSNCI9S9t/pP+pJ9kpEG34lokyB0O
av7obmEn0qYIKZuIIvSosKbUFq/tG6Hj0YNI32UMmlq6hEnTee/y6vos1M7t+r/F
TQbi9mdVpSItZIv6Fvu64yC4oOWQNsJceXxxbMtKw5m2y9MpOS6E5/+DuojhLpEL
LqQ5OuaDa4njygvn04undlPDk7GT0xQgcjOHwHa/uZ+S3LsBZ77wbNI8xmwM/T/W
pj9RFU7johBIglhBISzub5SxQfMI6twcieYb+MnT9Jv2ZUm0Bsi7zOim+tc6qKCL
GZlQLSfmE2FIP9DZUHSnkyxquzcuJYMRttFn6tRPxIoKmloI1ux2
-----END CERTIFICATE-----
Generated at Thu Sep 19 13:52:02 2024 by rpki-client on console-fra.rpki-client.org