Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214546.roa
File: AS214546.roa (raw, json)
Hash identifier: pkLGKJ9CCFsCyE8S076hJnkQU7D+76Ojb7cEJt4JNgM=
Subject key identifier: EF:46:7F:9F:46:B8:48:F1:0B:E4:90:F2:49:63:AB:16:7C:BB:8B:7D
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 67B5E8A1EBF62A30859FC702EDA78048788DB79C
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214546.roa
Signing time: Fri 23 Aug 2024 08:01:18 +0000
ROA not before: Fri 23 Aug 2024 07:56:18 +0000
ROA not after: Fri 22 Aug 2025 08:01:18 +0000
asID: 214546
IP address blocks: 2a0f:85c1:829::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:b5:e8:a1:eb:f6:2a:30:85:9f:c7:02:ed:a7:80:48:78:8d:b7:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:18 2024 GMT
Not After : Aug 22 08:01:18 2025 GMT
Subject: CN=EF467F9F46B848F10BE490F24963AB167CBB8B7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ce:c8:c8:ac:5b:84:0e:d4:9e:99:cf:55:72:
0c:a3:5c:06:99:2f:80:ce:c8:aa:28:2b:aa:07:26:
ba:9b:16:1b:7b:28:f2:57:a8:2d:13:eb:f8:e6:65:
56:e5:0f:51:43:d3:9f:39:d8:8e:a2:16:84:27:1f:
4a:13:2d:d9:5b:8b:1e:d6:2c:e9:ef:a4:29:a9:f0:
9d:a4:d3:85:a6:dc:fe:ea:06:c2:24:5d:a2:8f:a6:
74:ac:4a:d4:4b:a4:b2:41:c3:d4:fb:4a:ae:73:38:
d8:e1:b0:0b:46:6f:21:47:24:41:6b:e2:21:14:6c:
14:aa:e7:e4:62:46:a8:b1:56:19:56:a9:f7:8f:a0:
4d:af:9f:74:26:c5:d3:44:46:d9:5c:cd:00:da:e3:
3d:e8:9a:3d:33:c1:8e:90:79:e9:0a:3c:f5:69:a8:
e8:8a:ad:7a:40:71:db:bd:8b:aa:4a:fa:4e:eb:ac:
5b:27:50:4d:0f:2c:f9:45:f6:90:af:e2:bd:a3:d8:
14:cf:02:ba:8e:d7:13:d8:04:ee:b1:32:b7:d8:1d:
40:24:86:85:64:40:7d:05:96:7b:de:29:0c:3f:ee:
86:ef:df:61:35:c8:83:71:45:4b:54:a6:f2:49:19:
b2:2e:20:8b:40:4c:cf:7f:c2:72:f3:38:7a:5b:3e:
ce:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:46:7F:9F:46:B8:48:F1:0B:E4:90:F2:49:63:AB:16:7C:BB:8B:7D
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214546.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:829::/48
Signature Algorithm: sha256WithRSAEncryption
da:f8:8a:39:86:05:01:16:a2:67:da:a3:4d:87:4e:f9:09:b2:
3f:a3:53:98:52:da:c1:71:2a:b6:eb:1a:d6:2c:c1:da:a9:12:
34:df:cd:e7:6d:df:79:1f:22:38:fe:1f:e0:2c:16:e0:4f:1f:
b2:1d:e0:26:73:24:49:05:b7:02:95:5d:fe:94:58:26:b1:43:
50:d8:2f:24:25:4e:51:d4:3a:03:cf:25:08:bd:58:55:37:0f:
7d:68:f5:df:96:d1:ca:02:a0:96:f5:ff:a0:ef:e3:04:68:19:
bc:3a:c0:e1:9d:66:da:35:42:32:7c:c4:13:e0:f0:3b:9a:e9:
af:5a:5b:3b:8d:03:64:e7:7d:3d:92:05:06:44:aa:a3:4c:a8:
1c:de:3f:2b:0d:d1:a1:62:22:5d:bc:11:5f:fc:a9:d4:3d:a4:
59:31:90:c0:40:4b:9b:3c:a0:d0:ad:d7:21:c1:4a:4e:4d:db:
1e:56:78:82:1f:3d:0e:8a:38:2b:a6:1a:9c:ee:f2:48:e0:63:
63:6e:91:87:42:9f:46:b1:81:21:90:f5:34:aa:e8:99:a1:b6:
6a:20:6c:40:ec:52:f0:e7:88:8b:17:17:c2:8b:45:50:79:23:
6b:ab:93:af:52:8d:22:3d:1b:2c:76:d4:e2:66:6a:d3:27:20:
9c:a6:8f:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUZ7Xooev2KjCFn8cC7aeASHiNt5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MThaFw0yNTA4MjIwODAxMThaMDMxMTAvBgNV
BAMTKEVGNDY3RjlGNDZCODQ4RjEwQkU0OTBGMjQ5NjNBQjE2N0NCQjhCN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkzsjIrFuEDtSemc9VcgyjXAaZ
L4DOyKooK6oHJrqbFht7KPJXqC0T6/jmZVblD1FD05852I6iFoQnH0oTLdlbix7W
LOnvpCmp8J2k04Wm3P7qBsIkXaKPpnSsStRLpLJBw9T7Sq5zONjhsAtGbyFHJEFr
4iEUbBSq5+RiRqixVhlWqfePoE2vn3QmxdNERtlczQDa4z3omj0zwY6QeekKPPVp
qOiKrXpAcdu9i6pK+k7rrFsnUE0PLPlF9pCv4r2j2BTPArqO1xPYBO6xMrfYHUAk
hoVkQH0FlnveKQw/7obv32E1yINxRUtUpvJJGbIuIItATM9/wnLzOHpbPs5bAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU70Z/n0a4SPEL5JDySWOrFny7i30wHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0NTQ2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQgpMA0GCSqGSIb3DQEBCwUAA4IBAQDa+Io5hgUBFqJn2qNNh075CbI/o1OYUtrB
cSq26xrWLMHaqRI0383nbd95HyI4/h/gLBbgTx+yHeAmcyRJBbcClV3+lFgmsUNQ
2C8kJU5R1DoDzyUIvVhVNw99aPXfltHKAqCW9f+g7+MEaBm8OsDhnWbaNUIyfMQT
4PA7mumvWls7jQNk5309kgUGRKqjTKgc3j8rDdGhYiJdvBFf/KnUPaRZMZDAQEub
PKDQrdchwUpOTdseVniCHz0Oijgrphqc7vJI4GNjbpGHQp9GsYEhkPU0quiZobZq
IGxA7FLw54iLFxfCi0VQeSNrq5OvUo0iPRssdtTiZmrTJyCcpo8b
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:08:36 2024 by rpki-client on console-fra.rpki-client.org