Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214451.roa
File: AS214451.roa (raw, json)
Hash identifier: 3H9yYQbo5dSkR85M8JrkRlPR2NOughdxb5CP4YzSY78=
Subject key identifier: CD:6F:34:3B:AF:AE:37:E1:7B:DB:BD:65:15:B9:AE:67:A8:57:40:2A
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 3F6DD454D2D961F241D6E0EA198C3B5D727DF307
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214451.roa
Signing time: Fri 23 Aug 2024 08:01:25 +0000
ROA not before: Fri 23 Aug 2024 07:56:25 +0000
ROA not after: Fri 22 Aug 2025 08:01:25 +0000
asID: 214451
IP address blocks: 2a0f:85c1:846::/48 maxlen: 48
2a0f:85c1:870::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:6d:d4:54:d2:d9:61:f2:41:d6:e0:ea:19:8c:3b:5d:72:7d:f3:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:25 2024 GMT
Not After : Aug 22 08:01:25 2025 GMT
Subject: CN=CD6F343BAFAE37E17BDBBD6515B9AE67A857402A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:27:c5:16:99:b4:5c:c4:1f:48:aa:9d:15:fd:
10:55:ec:84:5a:02:4f:43:21:09:ef:e0:47:de:12:
a2:33:94:20:e9:d6:6d:d1:63:4f:3a:87:a8:da:2e:
62:68:68:5b:b8:c2:a8:e7:5e:ce:d8:ca:48:63:5e:
17:a4:c2:8c:b5:c7:a8:8e:fa:d4:f7:82:13:07:6f:
7e:bb:b2:08:35:02:ba:91:6d:74:fa:19:ed:07:77:
1c:58:e3:fd:e8:c4:28:a4:4a:52:c1:9b:14:12:01:
9a:97:d3:bc:2b:f7:83:ba:99:a0:f7:ae:c4:e0:ea:
5c:a6:5f:78:90:d1:c6:07:29:c6:7e:b2:4d:1b:55:
5b:7e:31:05:85:7b:58:ff:61:0f:ca:3d:66:8c:bd:
3d:9d:2b:3c:87:98:eb:c1:49:6c:17:cc:cb:62:d6:
7e:2a:12:4e:c3:38:03:f6:33:b9:88:46:e4:ef:87:
fc:b5:b1:7d:54:8c:b6:8a:d0:d0:b9:bb:42:33:98:
ab:a8:63:37:33:de:07:39:d9:91:de:2f:97:19:b7:
f8:11:38:0d:84:46:f8:6d:91:ab:35:7f:f7:52:68:
25:32:b9:7c:a2:2a:7e:a2:6c:2e:5e:13:02:5f:29:
a3:36:e4:5d:d1:49:0f:cb:b6:ea:45:18:7d:53:e1:
54:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:6F:34:3B:AF:AE:37:E1:7B:DB:BD:65:15:B9:AE:67:A8:57:40:2A
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214451.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:846::/48
2a0f:85c1:870::/44
Signature Algorithm: sha256WithRSAEncryption
41:0f:8d:60:8e:a4:4a:ff:f5:84:c6:2d:71:b4:52:3f:ab:84:
92:03:bd:e2:71:47:4c:5f:3f:39:17:ac:77:e8:85:e8:d8:cd:
28:10:7b:65:7e:f0:95:72:37:ad:6b:98:8c:0d:19:44:e9:02:
18:9e:43:2a:13:cb:ad:05:60:11:ba:18:b9:22:c9:c7:a1:16:
d3:e9:a5:b3:9a:87:b3:17:15:cb:08:f1:8a:b2:07:e6:cf:7c:
74:9e:1c:84:f6:64:e1:f6:7f:38:72:21:03:ba:49:26:87:c7:
5f:85:f6:6f:6e:f6:f8:51:39:39:c7:c8:0a:f3:c5:f0:c1:6b:
f8:a2:31:64:2a:31:f7:16:87:41:2a:57:8f:d9:58:92:c8:21:
f9:ad:fd:b2:35:7d:b3:b7:02:ae:d8:85:bd:b2:5d:12:f9:71:
df:3d:62:8e:a7:6f:f2:a7:54:52:19:66:a8:5b:eb:3d:cb:10:
06:74:6f:b6:7f:29:35:50:07:11:7f:df:65:79:dc:d5:ee:de:
01:70:28:66:73:3c:6a:6e:b0:f6:a9:d0:96:6f:27:53:0e:f2:
19:36:00:dc:b8:e3:d8:33:a5:74:40:e6:4b:2b:98:b9:1d:01:
e3:8b:32:0c:56:d3:eb:1a:e1:4f:cd:67:89:62:dc:aa:06:72:
23:25:3e:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUP23UVNLZYfJB1uDqGYw7XXJ98wcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MjVaFw0yNTA4MjIwODAxMjVaMDMxMTAvBgNV
BAMTKENENkYzNDNCQUZBRTM3RTE3QkRCQkQ2NTE1QjlBRTY3QTg1NzQwMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaJ8UWmbRcxB9Iqp0V/RBV7IRa
Ak9DIQnv4EfeEqIzlCDp1m3RY086h6jaLmJoaFu4wqjnXs7YykhjXhekwoy1x6iO
+tT3ghMHb367sgg1ArqRbXT6Ge0HdxxY4/3oxCikSlLBmxQSAZqX07wr94O6maD3
rsTg6lymX3iQ0cYHKcZ+sk0bVVt+MQWFe1j/YQ/KPWaMvT2dKzyHmOvBSWwXzMti
1n4qEk7DOAP2M7mIRuTvh/y1sX1UjLaK0NC5u0IzmKuoYzcz3gc52ZHeL5cZt/gR
OA2ERvhtkas1f/dSaCUyuXyiKn6ibC5eEwJfKaM25F3RSQ/LtupFGH1T4VQ1AgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUzW80O6+uN+F7271lFbmuZ6hXQCowHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0NDUxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg+F
wQhGAwcEKg+FwQhwMA0GCSqGSIb3DQEBCwUAA4IBAQBBD41gjqRK//WExi1xtFI/
q4SSA73icUdMXz85F6x36IXo2M0oEHtlfvCVcjeta5iMDRlE6QIYnkMqE8utBWAR
uhi5IsnHoRbT6aWzmoezFxXLCPGKsgfmz3x0nhyE9mTh9n84ciEDukkmh8dfhfZv
bvb4UTk5x8gK88XwwWv4ojFkKjH3FodBKleP2ViSyCH5rf2yNX2ztwKu2IW9sl0S
+XHfPWKOp2/yp1RSGWaoW+s9yxAGdG+2fyk1UAcRf99ledzV7t4BcChmczxqbrD2
qdCWbydTDvIZNgDcuOPYM6V0QOZLK5i5HQHjizIMVtPrGuFPzWeJYtyqBnIjJT53
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:18:36 2024 by rpki-client on console-ams.rpki-client.org