Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214498.roa
File: AS214498.roa (raw, json)
Hash identifier: BrkcI0ibnxROVrkkhiveT0jayzq1OcJcbJF9DI2pURI=
Subject key identifier: AA:2B:DA:BB:9F:B9:E1:3A:D2:FF:E5:F9:31:5B:7B:19:F1:22:4B:33
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 489E6E13B687EE9D04BB8B75329F4C05131A7FDA
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214498.roa
Signing time: Fri 23 Aug 2024 08:01:15 +0000
ROA not before: Fri 23 Aug 2024 07:56:15 +0000
ROA not after: Fri 22 Aug 2025 08:01:15 +0000
asID: 214498
IP address blocks: 195.200.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 02:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:9e:6e:13:b6:87:ee:9d:04:bb:8b:75:32:9f:4c:05:13:1a:7f:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:15 2024 GMT
Not After : Aug 22 08:01:15 2025 GMT
Subject: CN=AA2BDABB9FB9E13AD2FFE5F9315B7B19F1224B33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:6e:c9:03:6d:23:9f:9f:cc:5a:91:d1:03:69:
75:8a:34:72:99:4f:74:b5:73:11:ae:5e:44:19:5f:
f6:bd:91:30:20:ba:2b:16:7d:ab:ee:f2:a2:1b:e2:
c5:ab:80:0f:56:d8:2a:0a:c3:e9:ab:bc:08:9d:74:
39:f3:22:1a:14:6b:e7:ec:cd:9f:87:96:f5:68:eb:
49:18:00:52:80:22:4f:c7:7b:6b:79:4d:27:13:30:
34:0e:ad:da:1c:09:9b:f2:f6:d1:bf:50:ea:a5:a7:
35:b7:1c:09:3a:0c:2c:3b:8d:0b:0d:e4:41:a3:2e:
d5:10:a9:71:6c:4b:30:16:b9:05:34:0d:fa:dd:b6:
9f:4b:07:33:de:6a:5c:09:e0:5e:7f:ac:87:73:32:
53:eb:d5:54:d5:ec:fb:52:a1:69:df:2d:bc:d0:8b:
6e:37:31:37:e1:89:12:e3:32:2e:06:b9:3d:a0:4a:
31:6c:79:85:9d:74:31:fc:f0:04:19:33:94:71:8e:
f9:3a:6a:c4:3e:35:fe:12:f7:17:82:09:72:ab:46:
08:4d:50:a7:0f:53:37:88:11:a7:b2:75:55:55:75:
31:1c:cc:c5:e4:dc:e2:06:65:64:d7:0f:22:19:5b:
c4:7c:f5:55:96:a6:44:e4:6d:e9:a1:ef:8f:4b:8c:
d8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:2B:DA:BB:9F:B9:E1:3A:D2:FF:E5:F9:31:5B:7B:19:F1:22:4B:33
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214498.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.20.0/24
Signature Algorithm: sha256WithRSAEncryption
19:32:8f:2b:1e:cb:c3:82:35:79:f9:ee:c5:bc:7e:4f:84:99:
89:b0:1e:4e:42:38:95:08:f4:25:0f:c9:59:9f:02:51:48:61:
70:3e:43:90:60:63:5e:09:61:ed:27:16:6b:52:ec:d5:50:d3:
7f:f2:c4:d3:d7:3c:57:db:c3:f8:87:9b:cb:21:0f:14:d0:03:
b7:a0:f2:df:73:bf:ca:d6:9d:21:45:fc:85:94:5b:b1:b6:30:
a6:49:0f:cf:70:ca:de:85:03:9b:95:38:f8:65:2c:14:31:fa:
fa:28:86:b0:e7:10:b9:97:7e:56:e1:87:fa:94:b9:b8:4d:86:
72:de:58:3d:15:77:3b:2d:0a:d5:b2:0c:0f:a0:e5:40:f9:bc:
f0:f8:9f:66:f8:0a:36:90:d4:74:68:4d:fb:41:b1:23:b4:57:
c4:a8:b8:f7:26:07:b7:11:a4:d0:31:96:b4:2b:dc:7a:11:d2:
6e:f3:c5:b1:6f:2b:b6:4b:85:89:47:72:c3:5c:70:60:ad:0f:
29:63:c1:97:bd:97:36:e7:74:69:65:3b:7b:71:3c:3b:a8:69:
db:c5:43:16:2f:26:d0:20:00:44:21:03:91:f3:78:3d:5c:ee:
a1:74:94:31:4d:be:97:1b:e1:a6:5d:dd:8a:98:62:1f:ec:9a:
45:b1:2f:48
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUSJ5uE7aH7p0Eu4t1Mp9MBRMaf9owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MTVaFw0yNTA4MjIwODAxMTVaMDMxMTAvBgNV
BAMTKEFBMkJEQUJCOUZCOUUxM0FEMkZGRTVGOTMxNUI3QjE5RjEyMjRCMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlbskDbSOfn8xakdEDaXWKNHKZ
T3S1cxGuXkQZX/a9kTAguisWfavu8qIb4sWrgA9W2CoKw+mrvAiddDnzIhoUa+fs
zZ+HlvVo60kYAFKAIk/He2t5TScTMDQOrdocCZvy9tG/UOqlpzW3HAk6DCw7jQsN
5EGjLtUQqXFsSzAWuQU0Dfrdtp9LBzPealwJ4F5/rIdzMlPr1VTV7PtSoWnfLbzQ
i243MTfhiRLjMi4GuT2gSjFseYWddDH88AQZM5Rxjvk6asQ+Nf4S9xeCCXKrRghN
UKcPUzeIEaeydVVVdTEczMXk3OIGZWTXDyIZW8R89VWWpkTkbemh749LjNiRAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUqivau5+54TrS/+X5MVt7GfEiSzMwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0NDk4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw8gU
MA0GCSqGSIb3DQEBCwUAA4IBAQAZMo8rHsvDgjV5+e7FvH5PhJmJsB5OQjiVCPQl
D8lZnwJRSGFwPkOQYGNeCWHtJxZrUuzVUNN/8sTT1zxX28P4h5vLIQ8U0AO3oPLf
c7/K1p0hRfyFlFuxtjCmSQ/PcMrehQOblTj4ZSwUMfr6KIaw5xC5l35W4Yf6lLm4
TYZy3lg9FXc7LQrVsgwPoOVA+bzw+J9m+Ao2kNR0aE37QbEjtFfEqLj3Jge3EaTQ
MZa0K9x6EdJu88Wxbyu2S4WJR3LDXHBgrQ8pY8GXvZc253RpZTt7cTw7qGnbxUMW
LybQIABEIQOR83g9XO6hdJQxTb6XG+GmXd2KmGIf7JpFsS9I
-----END CERTIFICATE-----
Generated at Wed Sep 18 11:03:45 2024 by rpki-client on console-ams.rpki-client.org