Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214478.roa
File: AS214478.roa (raw, json)
Hash identifier: yZUd9r5O0JFPSKBjjKrCw1GeVgJpRrB3Yl6L2d7ciDg=
Subject key identifier: 18:26:DE:E1:A8:6F:0C:77:D3:5B:07:45:FE:C2:15:D5:4D:27:E5:F7
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 1DD941F481AC42BDCFE6F9C66658CC9488B86014
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214478.roa
Signing time: Fri 23 Aug 2024 08:01:21 +0000
ROA not before: Fri 23 Aug 2024 07:56:21 +0000
ROA not after: Fri 22 Aug 2025 08:01:21 +0000
asID: 214478
IP address blocks: 2a0f:85c1:841::/48 maxlen: 48
2a0f:85c1:860::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 02:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:d9:41:f4:81:ac:42:bd:cf:e6:f9:c6:66:58:cc:94:88:b8:60:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:21 2024 GMT
Not After : Aug 22 08:01:21 2025 GMT
Subject: CN=1826DEE1A86F0C77D35B0745FEC215D54D27E5F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:cf:be:d6:b0:9b:52:05:2b:7f:98:f9:51:88:
95:1c:34:d0:fa:c7:57:bb:b6:84:93:d1:38:d2:34:
82:0c:74:8d:95:a5:1d:f4:83:ec:ba:32:ac:1a:62:
75:f0:61:f6:71:18:93:5b:53:5e:98:ce:1e:77:d4:
b0:fd:61:95:e1:a9:71:11:b4:a7:5a:06:9c:19:f8:
fe:13:69:93:f2:88:90:c7:bd:90:2e:28:01:b3:22:
c0:9f:62:9e:5c:6a:1b:04:1f:02:ae:d0:7a:e3:e7:
20:94:59:5a:37:d5:e9:e2:63:cc:25:df:5c:ed:86:
ae:e5:53:0f:fc:e9:28:3b:34:95:dd:4f:dd:65:4d:
2e:d4:0b:1a:a5:3f:5e:66:2a:c7:22:19:5e:a5:10:
c8:7c:9c:ad:53:41:54:02:42:01:64:b3:84:d1:bb:
38:ba:99:47:71:8d:5e:d3:86:a5:e1:9b:81:60:e9:
0b:7d:03:94:2b:aa:65:97:5f:7f:04:81:ed:ce:36:
18:d8:cf:95:d3:27:be:e4:75:5f:4d:82:38:d1:c7:
52:12:f1:ff:47:f5:68:80:e0:fb:f5:92:11:95:84:
d3:c0:40:3f:93:d0:35:ec:be:2f:62:3c:92:8b:5d:
2f:2d:b0:09:2f:0b:df:39:d2:37:4e:16:35:98:9c:
18:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:26:DE:E1:A8:6F:0C:77:D3:5B:07:45:FE:C2:15:D5:4D:27:E5:F7
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214478.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:841::/48
2a0f:85c1:860::/44
Signature Algorithm: sha256WithRSAEncryption
ee:8e:f6:f6:25:78:63:87:3c:40:fa:f2:96:3f:0e:3c:e5:1e:
8f:af:29:ef:c5:77:56:d0:f9:c0:ed:aa:ed:eb:17:25:93:01:
7d:1a:06:da:88:0c:c3:14:06:db:f9:b6:12:10:5f:45:05:52:
c1:4e:41:4b:27:dd:44:e3:04:18:5c:46:17:97:58:e3:37:36:
b3:04:65:55:e1:36:28:d8:af:55:40:b0:65:52:f8:92:9b:c3:
73:34:ce:a5:1a:aa:89:de:f9:d2:00:86:55:e9:c2:45:37:e2:
7e:f1:6f:96:93:41:41:75:8e:76:74:7b:5d:b9:cc:d4:36:f0:
70:37:ae:bb:99:be:85:9b:fa:7b:4e:61:a7:61:17:27:f4:65:
c4:bf:a7:b4:78:6f:8a:9d:1c:c6:60:e3:c2:b8:d2:70:a6:29:
e5:8f:7f:13:6b:ce:0a:2d:ba:6a:e3:6b:2d:b1:21:60:c3:d7:
7a:19:17:3c:d8:93:e0:49:77:a7:87:c0:9c:36:03:cd:17:28:
74:cd:64:30:56:b4:fc:d9:75:91:d7:a1:87:42:fc:de:7f:bb:
3d:27:c5:50:fa:94:2a:33:df:d4:48:08:9f:b7:0f:76:dc:53:
45:d1:f7:41:f4:57:61:fd:53:a8:18:21:37:7c:60:e0:ce:b0:
fa:5c:be:ec
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUHdlB9IGsQr3P5vnGZljMlIi4YBQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MjFaFw0yNTA4MjIwODAxMjFaMDMxMTAvBgNV
BAMTKDE4MjZERUUxQTg2RjBDNzdEMzVCMDc0NUZFQzIxNUQ1NEQyN0U1RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoz77WsJtSBSt/mPlRiJUcNND6
x1e7toST0TjSNIIMdI2VpR30g+y6MqwaYnXwYfZxGJNbU16Yzh531LD9YZXhqXER
tKdaBpwZ+P4TaZPyiJDHvZAuKAGzIsCfYp5cahsEHwKu0Hrj5yCUWVo31eniY8wl
31zthq7lUw/86Sg7NJXdT91lTS7UCxqlP15mKsciGV6lEMh8nK1TQVQCQgFks4TR
uzi6mUdxjV7ThqXhm4Fg6Qt9A5QrqmWXX38Ege3ONhjYz5XTJ77kdV9NgjjRx1IS
8f9H9WiA4Pv1khGVhNPAQD+T0DXsvi9iPJKLXS8tsAkvC9850jdOFjWYnBhhAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUGCbe4ahvDHfTWwdF/sIV1U0n5fcwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0NDc4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg+F
wQhBAwcEKg+FwQhgMA0GCSqGSIb3DQEBCwUAA4IBAQDujvb2JXhjhzxA+vKWPw48
5R6PrynvxXdW0PnA7art6xclkwF9GgbaiAzDFAbb+bYSEF9FBVLBTkFLJ91E4wQY
XEYXl1jjNzazBGVV4TYo2K9VQLBlUviSm8NzNM6lGqqJ3vnSAIZV6cJFN+J+8W+W
k0FBdY52dHtduczUNvBwN667mb6Fm/p7TmGnYRcn9GXEv6e0eG+KnRzGYOPCuNJw
pinlj38Ta84KLbpq42stsSFgw9d6GRc82JPgSXenh8CcNgPNFyh0zWQwVrT82XWR
16GHQvzef7s9J8VQ+pQqM9/USAiftw923FNF0fdB9Fdh/VOoGCE3fGDgzrD6XL7s
-----END CERTIFICATE-----
Generated at Wed Sep 18 12:51:44 2024 by rpki-client on console-fra.rpki-client.org