Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214337.roa
File: AS214337.roa (raw, json)
Hash identifier: I9KKaftVY5n2q7nnL5Ou/qk4yw5+nuTWynittoeD3Lc=
Subject key identifier: 5C:FC:88:DB:2C:17:0E:61:1E:54:27:E2:3A:09:E3:9A:90:F8:02:B9
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 353D5E924D758A145D48B14573AF1705394FF1CA
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214337.roa
Signing time: Mon 02 Sep 2024 15:49:08 +0000
ROA not before: Mon 02 Sep 2024 15:44:08 +0000
ROA not after: Mon 01 Sep 2025 15:49:08 +0000
asID: 214337
IP address blocks: 2a0f:85c1:88e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:3d:5e:92:4d:75:8a:14:5d:48:b1:45:73:af:17:05:39:4f:f1:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Sep 2 15:44:08 2024 GMT
Not After : Sep 1 15:49:08 2025 GMT
Subject: CN=5CFC88DB2C170E611E5427E23A09E39A90F802B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b3:2c:a5:d9:64:3e:de:bd:8e:13:6d:58:a8:
f4:77:1c:03:e4:1a:7f:06:0d:da:6e:52:c9:74:59:
8b:51:12:d5:9c:c3:6f:73:2a:4e:5e:28:71:ef:d9:
2c:8b:f4:80:a4:0c:ed:b9:0e:b6:86:d1:ec:da:82:
c7:07:ef:cb:2d:63:a8:15:66:10:e3:1a:c6:99:ea:
86:1b:1a:fe:48:80:f9:f0:60:d1:22:d6:7a:2a:da:
b0:7d:6e:fa:ad:8a:a6:96:5e:e9:31:82:a0:6e:ce:
4e:27:bc:7d:82:eb:9d:c9:ab:b9:6b:a0:d3:2d:74:
b3:ba:69:0c:f5:37:47:ca:1f:89:50:95:16:ac:5f:
4a:10:00:4d:ae:ee:93:54:2b:12:19:89:ee:ed:42:
32:17:60:8e:50:5a:13:e4:15:d0:81:69:47:19:f2:
1e:4e:ee:a4:67:5f:d3:5e:b2:bb:94:c9:08:4f:ed:
d9:bd:4c:c3:81:82:e5:0e:8c:08:e3:8b:af:c8:8d:
2f:2a:5e:96:a1:bb:5e:b8:46:0f:1a:8b:4c:9c:81:
25:34:58:28:43:5e:78:4c:15:ab:a4:1f:ad:12:23:
f7:61:5b:60:32:6f:8b:c7:91:a9:39:af:a5:37:c7:
44:69:1c:c6:7d:3b:1e:1b:7e:e3:8e:42:7a:7f:74:
a0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:FC:88:DB:2C:17:0E:61:1E:54:27:E2:3A:09:E3:9A:90:F8:02:B9
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:88e::/48
Signature Algorithm: sha256WithRSAEncryption
6b:a7:a1:84:c8:80:bb:03:a9:47:58:71:b4:ba:60:61:b1:8f:
53:cc:6f:59:98:f1:eb:c1:a5:5a:76:a8:e4:5f:81:70:0b:8a:
3b:53:c2:6a:64:e3:59:78:d6:ba:9f:e4:f0:66:31:18:eb:f9:
1e:eb:91:9e:49:5f:52:50:7e:c9:51:52:ff:f6:b4:8b:39:7e:
09:94:94:cc:f7:d4:b1:7f:50:30:b2:bf:ce:0a:e5:3c:1e:70:
5e:83:2d:b7:2a:53:25:4d:fe:64:50:9d:06:28:0b:b7:5a:cd:
36:98:cd:1b:de:a5:72:5a:75:23:ce:24:1e:a8:ac:3f:b7:99:
c7:79:c2:fc:b5:16:f1:80:6f:f6:04:c2:8f:75:e1:e3:29:a7:
9f:85:bd:de:b8:71:5b:21:a0:de:34:d5:0c:c2:55:86:e3:47:
31:83:ae:d3:e8:bf:2f:c8:97:c9:76:8f:8a:59:92:de:d6:be:
3e:a9:f2:a1:3a:68:4a:47:e6:84:bf:73:08:1c:75:9d:c4:bc:
dc:c8:13:f7:ef:1c:5e:c4:86:e5:a0:07:9c:a5:20:4f:cc:90:
d9:9f:e9:37:94:df:94:0c:28:17:55:9d:8a:bc:29:e1:a6:9d:
4f:a1:6e:28:cf:70:f7:6a:18:cf:c1:d6:13:01:d5:88:6f:a9:
8f:8f:2d:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUNT1ekk11ihRdSLFFc68XBTlP8cowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA5MDIxNTQ0MDhaFw0yNTA5MDExNTQ5MDhaMDMxMTAvBgNV
BAMTKDVDRkM4OERCMkMxNzBFNjExRTU0MjdFMjNBMDlFMzlBOTBGODAyQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3syyl2WQ+3r2OE21YqPR3HAPk
Gn8GDdpuUsl0WYtREtWcw29zKk5eKHHv2SyL9ICkDO25DraG0ezagscH78stY6gV
ZhDjGsaZ6oYbGv5IgPnwYNEi1noq2rB9bvqtiqaWXukxgqBuzk4nvH2C653Jq7lr
oNMtdLO6aQz1N0fKH4lQlRasX0oQAE2u7pNUKxIZie7tQjIXYI5QWhPkFdCBaUcZ
8h5O7qRnX9NesruUyQhP7dm9TMOBguUOjAjji6/IjS8qXpahu164Rg8ai0ycgSU0
WChDXnhMFaukH60SI/dhW2Ayb4vHkak5r6U3x0RpHMZ9Ox4bfuOOQnp/dKChAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUXPyI2ywXDmEeVCfiOgnjmpD4ArkwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0MzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQiOMA0GCSqGSIb3DQEBCwUAA4IBAQBrp6GEyIC7A6lHWHG0umBhsY9TzG9ZmPHr
waVadqjkX4FwC4o7U8JqZONZeNa6n+TwZjEY6/ke65GeSV9SUH7JUVL/9rSLOX4J
lJTM99Sxf1Awsr/OCuU8HnBegy23KlMlTf5kUJ0GKAu3Ws02mM0b3qVyWnUjziQe
qKw/t5nHecL8tRbxgG/2BMKPdeHjKaefhb3euHFbIaDeNNUMwlWG40cxg67T6L8v
yJfJdo+KWZLe1r4+qfKhOmhKR+aEv3MIHHWdxLzcyBP37xxexIbloAecpSBPzJDZ
n+k3lN+UDCgXVZ2KvCnhpp1PoW4oz3D3ahjPwdYTAdWIb6mPjy3a
-----END CERTIFICATE-----
Generated at Sat Nov 23 16:20:22 2024 by rpki-client on console-fra.rpki-client.org