Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214565.roa
File: AS214565.roa (raw, json)
Hash identifier: az4XdPv858+I71DSnqmPLDuLknTHanSSk/Pl/dXxCX0=
Subject key identifier: 59:73:92:8D:02:22:C7:41:AA:C3:92:21:94:B8:A9:B2:E7:F4:43:0C
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 7612E79D7DA62E64889D6ACD5DBB31E58FE32A3B
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214565.roa
Signing time: Fri 23 Aug 2024 08:01:24 +0000
ROA not before: Fri 23 Aug 2024 07:56:24 +0000
ROA not after: Fri 22 Aug 2025 08:01:24 +0000
asID: 214565
IP address blocks: 2a0f:85c1:832::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 02:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:12:e7:9d:7d:a6:2e:64:88:9d:6a:cd:5d:bb:31:e5:8f:e3:2a:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:24 2024 GMT
Not After : Aug 22 08:01:24 2025 GMT
Subject: CN=5973928D0222C741AAC3922194B8A9B2E7F4430C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e9:fa:f1:d9:7c:a9:43:cb:ca:24:94:d6:8f:
92:61:d9:d6:87:27:19:c5:a8:50:cf:d9:63:3e:35:
88:f2:63:e9:97:95:dd:06:50:99:27:a0:50:7a:c3:
18:3d:9c:5e:3a:ae:87:ae:e3:9b:ed:63:b5:5e:47:
d7:23:cc:2e:fe:07:9f:22:4a:fb:73:e5:80:c2:aa:
3d:2c:3f:30:8a:13:2d:b5:67:7b:06:18:ea:27:9e:
da:88:85:01:de:23:51:b4:43:f5:5c:b6:da:39:93:
7a:d9:10:f9:e5:45:76:42:d8:0e:35:1b:e9:2e:c5:
2c:aa:ad:e8:cc:48:46:75:6d:bb:88:ae:63:19:47:
11:81:b3:68:1d:81:77:d3:f5:ff:c9:2e:81:f5:81:
b7:fc:0f:15:93:cd:e5:af:9e:bc:79:6d:dd:ac:1e:
8f:8c:f1:a3:42:0b:e8:59:ea:b9:84:5b:1e:a2:b5:
a7:da:43:f0:b7:9e:f5:19:65:06:26:69:d4:e4:55:
5e:7c:83:1a:cb:85:d5:0f:f7:8b:a2:11:04:55:68:
83:4c:bb:f4:0d:57:dd:ad:33:80:7d:79:64:46:18:
ae:47:3b:7b:bb:7c:7e:c2:d3:2d:a9:ab:45:48:6e:
73:d0:76:3e:f1:bc:18:c5:99:0d:bd:41:89:e7:15:
21:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:73:92:8D:02:22:C7:41:AA:C3:92:21:94:B8:A9:B2:E7:F4:43:0C
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214565.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:832::/48
Signature Algorithm: sha256WithRSAEncryption
18:64:ae:c4:a7:37:f8:33:bf:f2:2a:15:53:93:76:4a:4e:cb:
37:44:bf:6a:c2:b9:b0:72:8c:ec:4b:5b:4d:22:dd:86:1e:39:
12:75:ce:36:42:ca:41:82:16:c6:49:16:3d:ae:fc:87:ad:4c:
c5:24:32:b1:db:0e:c9:74:12:ae:50:79:6c:16:f5:0e:f9:9d:
69:7d:01:22:4b:b3:f0:d7:46:3a:61:3b:ae:56:3c:48:c9:81:
75:d6:84:f4:2d:b8:5b:01:de:41:98:7b:9f:5e:41:91:21:c1:
87:3e:f4:81:21:70:fd:b0:6b:c1:c4:1d:a1:81:8f:1d:4f:27:
6c:76:d3:58:fb:0b:16:1d:db:89:88:85:a8:78:ac:ed:3f:f7:
6e:51:06:28:d1:0b:18:68:b0:f8:ae:54:01:fc:bb:cb:04:b1:
fa:c0:a6:2d:e5:39:75:ef:a9:91:d9:6b:81:a8:d6:21:2a:6b:
a2:46:d5:a4:55:85:fb:1b:29:ee:32:dd:2b:78:79:ce:18:99:
48:dc:2a:5a:29:cf:a7:e3:b2:ce:17:d4:10:e9:7e:6d:01:8f:
9d:7c:02:65:aa:20:a2:31:fa:5f:fb:b4:7b:27:5e:9a:05:56:
21:a7:e7:1a:1d:cb:83:40:c1:39:2c:6c:57:91:e8:22:d8:11:
e3:e0:92:be
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUdhLnnX2mLmSInWrNXbsx5Y/jKjswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MjRaFw0yNTA4MjIwODAxMjRaMDMxMTAvBgNV
BAMTKDU5NzM5MjhEMDIyMkM3NDFBQUMzOTIyMTk0QjhBOUIyRTdGNDQzMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU6frx2XypQ8vKJJTWj5Jh2daH
JxnFqFDP2WM+NYjyY+mXld0GUJknoFB6wxg9nF46roeu45vtY7VeR9cjzC7+B58i
Svtz5YDCqj0sPzCKEy21Z3sGGOonntqIhQHeI1G0Q/Vctto5k3rZEPnlRXZC2A41
G+kuxSyqrejMSEZ1bbuIrmMZRxGBs2gdgXfT9f/JLoH1gbf8DxWTzeWvnrx5bd2s
Ho+M8aNCC+hZ6rmEWx6itafaQ/C3nvUZZQYmadTkVV58gxrLhdUP94uiEQRVaINM
u/QNV92tM4B9eWRGGK5HO3u7fH7C0y2pq0VIbnPQdj7xvBjFmQ29QYnnFSGdAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUWXOSjQIix0Gqw5IhlLipsuf0QwwwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0NTY1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQgyMA0GCSqGSIb3DQEBCwUAA4IBAQAYZK7Epzf4M7/yKhVTk3ZKTss3RL9qwrmw
cozsS1tNIt2GHjkSdc42QspBghbGSRY9rvyHrUzFJDKx2w7JdBKuUHlsFvUO+Z1p
fQEiS7Pw10Y6YTuuVjxIyYF11oT0LbhbAd5BmHufXkGRIcGHPvSBIXD9sGvBxB2h
gY8dTydsdtNY+wsWHduJiIWoeKztP/duUQYo0QsYaLD4rlQB/LvLBLH6wKYt5Tl1
76mR2WuBqNYhKmuiRtWkVYX7GynuMt0reHnOGJlI3CpaKc+n47LOF9QQ6X5tAY+d
fAJlqiCiMfpf+7R7J16aBVYhp+caHcuDQME5LGxXkegi2BHj4JK+
-----END CERTIFICATE-----
Generated at Wed Sep 18 11:03:45 2024 by rpki-client on console-ams.rpki-client.org