Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214340.roa
File: AS214340.roa (raw, json)
Hash identifier: Mov96zDKR7mTZxOPk3Hvp6bl8cY0I/2VgtSbgXTu+A0=
Subject key identifier: 65:DB:7D:D2:05:D0:1F:5F:BF:07:0C:A7:1F:86:99:9F:6C:ED:9E:4F
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 2CEC0209565EC48A1E91A7C5FF50CD6F4FF0C299
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214340.roa
Signing time: Fri 23 Aug 2024 08:01:20 +0000
ROA not before: Fri 23 Aug 2024 07:56:20 +0000
ROA not after: Fri 22 Aug 2025 08:01:20 +0000
asID: 214340
IP address blocks: 2a0f:85c1:889::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:ec:02:09:56:5e:c4:8a:1e:91:a7:c5:ff:50:cd:6f:4f:f0:c2:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:20 2024 GMT
Not After : Aug 22 08:01:20 2025 GMT
Subject: CN=65DB7DD205D01F5FBF070CA71F86999F6CED9E4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c3:f6:86:da:aa:5c:0c:ca:29:fd:bf:83:3d:
1b:a4:3d:29:0b:8a:03:9b:bc:0f:a7:7f:e5:44:1b:
72:f2:33:76:30:7a:08:40:cd:47:73:1a:fa:85:15:
6c:e9:e9:02:3a:87:d6:9b:59:f1:76:fd:9b:e7:03:
57:44:66:39:81:dd:85:e5:30:23:53:6d:99:d9:01:
c1:3e:fa:67:e9:a7:57:f1:bf:01:dd:19:b3:d7:f3:
b1:3b:ed:b9:98:5e:69:fe:71:c9:ff:a6:21:75:b1:
66:a1:e0:ac:e9:47:8b:e8:78:c6:03:13:0d:a4:2a:
87:9b:c3:80:43:54:f4:f3:e4:0a:65:f4:8a:6e:01:
30:e9:ba:82:ce:33:96:de:9c:92:6f:c5:a9:41:80:
84:03:3a:f8:6c:4f:16:2f:b9:4e:ca:e1:ec:50:db:
31:81:94:db:cb:f8:a3:b6:97:51:aa:a3:e0:d7:13:
cd:84:16:cb:f9:a6:15:7c:18:64:65:86:81:7e:e7:
98:5a:bf:55:d0:ff:54:44:36:19:2f:72:d9:e8:eb:
11:b4:09:40:29:04:ae:8e:06:bb:27:ff:e1:ce:99:
df:d9:73:39:41:e9:b3:43:44:ed:a0:21:78:ae:49:
06:f1:b1:8d:1e:56:bd:8c:f5:8d:30:23:e5:68:63:
aa:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:DB:7D:D2:05:D0:1F:5F:BF:07:0C:A7:1F:86:99:9F:6C:ED:9E:4F
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214340.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:889::/48
Signature Algorithm: sha256WithRSAEncryption
b9:b3:ef:1e:9c:b8:14:ed:a9:d2:e4:15:19:34:b4:88:bf:f4:
e8:70:87:5e:7c:f2:05:33:61:f9:3e:99:64:4a:ed:b2:b5:8a:
78:8c:61:d1:84:34:5c:8c:fa:6a:7d:5f:7b:62:a8:b7:8b:23:
14:0a:6a:a9:39:77:57:5e:ce:4d:fc:76:3f:c7:6f:99:eb:02:
35:28:f9:53:9f:9f:96:91:23:37:0d:07:34:31:3d:67:0d:4e:
86:d3:fc:af:51:c9:b3:f1:a9:37:67:ff:fd:d8:57:2e:22:60:
22:e3:12:f8:75:8a:dc:1f:bf:24:76:0c:43:d8:46:62:81:e5:
6d:b6:e5:b3:71:73:90:1b:49:55:06:8f:ba:6d:b6:21:c3:15:
7a:1a:2f:d1:03:13:06:85:5a:0c:46:62:06:76:09:54:fd:d0:
69:06:12:e9:98:82:43:6d:f4:fd:05:ff:e5:c1:98:ab:0d:0a:
94:f9:a8:d8:5c:57:d0:35:d8:fb:ee:f8:3e:73:3a:68:0c:78:
d1:21:13:56:55:1a:e8:72:cb:b9:2a:3d:c0:2c:3a:32:71:08:
fa:8a:65:79:b8:c0:2b:34:f3:3b:d9:18:1d:fc:34:d0:d6:73:
c3:5b:e7:6c:57:20:20:5e:de:17:d9:8a:5f:cf:92:7d:24:8a:
3c:0c:e8:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIULOwCCVZexIoekafF/1DNb0/wwpkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MjBaFw0yNTA4MjIwODAxMjBaMDMxMTAvBgNV
BAMTKDY1REI3REQyMDVEMDFGNUZCRjA3MENBNzFGODY5OTlGNkNFRDlFNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfw/aG2qpcDMop/b+DPRukPSkL
igObvA+nf+VEG3LyM3YweghAzUdzGvqFFWzp6QI6h9abWfF2/ZvnA1dEZjmB3YXl
MCNTbZnZAcE++mfpp1fxvwHdGbPX87E77bmYXmn+ccn/piF1sWah4KzpR4voeMYD
Ew2kKoebw4BDVPTz5Apl9IpuATDpuoLOM5benJJvxalBgIQDOvhsTxYvuU7K4exQ
2zGBlNvL+KO2l1Gqo+DXE82EFsv5phV8GGRlhoF+55hav1XQ/1RENhkvctno6xG0
CUApBK6OBrsn/+HOmd/ZczlB6bNDRO2gIXiuSQbxsY0eVr2M9Y0wI+VoY6p5AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUZdt90gXQH1+/BwynH4aZn2ztnk8wHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0MzQwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQiJMA0GCSqGSIb3DQEBCwUAA4IBAQC5s+8enLgU7anS5BUZNLSIv/TocIdefPIF
M2H5PplkSu2ytYp4jGHRhDRcjPpqfV97Yqi3iyMUCmqpOXdXXs5N/HY/x2+Z6wI1
KPlTn5+WkSM3DQc0MT1nDU6G0/yvUcmz8ak3Z//92FcuImAi4xL4dYrcH78kdgxD
2EZigeVttuWzcXOQG0lVBo+6bbYhwxV6Gi/RAxMGhVoMRmIGdglU/dBpBhLpmIJD
bfT9Bf/lwZirDQqU+ajYXFfQNdj77vg+czpoDHjRIRNWVRrocsu5Kj3ALDoycQj6
imV5uMArNPM72Rgd/DTQ1nPDW+dsVyAgXt4X2Ypfz5J9JIo8DOio
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:18:36 2024 by rpki-client on console-ams.rpki-client.org