Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214681.roa
File: AS214681.roa (raw, json)
Hash identifier: OLUJ6syU+bPkZGCfl2XaIcg0shoJc3dVMd+8NKcj/rQ=
Subject key identifier: B5:35:32:ED:7D:C6:71:82:F3:38:8E:E2:7B:E0:09:A7:64:91:02:AF
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 2D9E8F55DA9718E3CA955B28840559D2E3734F34
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214681.roa
Signing time: Fri 23 Aug 2024 08:01:18 +0000
ROA not before: Fri 23 Aug 2024 07:56:18 +0000
ROA not after: Fri 22 Aug 2025 08:01:18 +0000
asID: 214681
IP address blocks: 2a0f:85c1:81e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:9e:8f:55:da:97:18:e3:ca:95:5b:28:84:05:59:d2:e3:73:4f:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:18 2024 GMT
Not After : Aug 22 08:01:18 2025 GMT
Subject: CN=B53532ED7DC67182F3388EE27BE009A7649102AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:3f:03:66:18:d5:ce:9d:8d:3b:96:c5:b3:ad:
d7:bf:a5:c4:ec:70:ad:2e:4a:ac:94:5e:97:26:a9:
8a:f1:8d:9c:72:c7:f5:2b:f0:98:19:dc:47:52:01:
e8:52:77:e2:13:ae:9d:39:26:2c:af:85:50:c3:a6:
b8:07:07:77:21:f4:a5:80:eb:34:a9:54:e0:d9:83:
58:ea:93:f6:8a:1c:c3:38:ad:5b:9b:79:a5:c8:fe:
fe:11:da:1d:0b:aa:87:95:d9:5b:42:f8:7d:eb:33:
92:b5:bd:bd:ee:86:4d:49:9e:e0:47:0b:8a:6c:66:
70:b9:4a:07:bf:cc:b2:76:44:17:61:77:59:ac:a1:
0e:7b:58:f3:8c:e3:60:af:83:20:54:e0:3d:bc:2e:
59:09:dd:a0:a1:62:95:3b:15:2b:76:43:d6:f6:e6:
c6:69:b1:31:8d:b8:be:41:00:18:c9:d7:f1:b8:f0:
be:4f:3b:d5:8f:b1:c6:b7:01:e8:74:ca:36:24:81:
8b:bd:96:da:e0:ae:4b:df:58:18:d4:c6:36:fb:71:
62:67:b6:fe:2d:31:35:a0:e2:05:4e:f0:2d:65:72:
1c:de:34:d6:e1:67:3f:7a:27:cf:dc:87:cf:9c:4d:
0e:ed:43:0f:f8:aa:0a:47:a0:6f:8b:18:9e:90:2c:
56:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:35:32:ED:7D:C6:71:82:F3:38:8E:E2:7B:E0:09:A7:64:91:02:AF
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214681.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:81e::/48
Signature Algorithm: sha256WithRSAEncryption
32:24:ce:7e:8f:c7:d3:06:9f:b4:dc:13:d3:d2:c7:f2:85:55:
24:88:6b:9c:10:84:ec:92:df:10:3c:72:a0:3e:41:22:0b:23:
d7:13:57:7c:5b:d6:4b:36:82:c3:f2:97:77:e4:30:43:42:3e:
94:c8:20:8b:bc:74:93:d9:5e:6a:15:b2:77:cb:df:ed:bb:13:
12:03:bd:e1:75:aa:66:1a:14:a7:fd:5c:a3:e7:ad:96:f4:97:
2e:52:61:97:a0:5a:f3:71:9e:f9:b1:d6:db:e5:64:2a:d2:3e:
9e:9e:25:5d:8a:9d:e8:73:b3:87:14:aa:ee:f7:e1:80:08:ea:
0a:dd:91:16:f8:ce:77:35:71:2e:e9:13:0d:df:86:55:29:67:
2e:de:f1:08:b2:9b:cc:44:45:5e:8a:59:bb:e9:11:c3:7b:4e:
a8:44:53:6f:97:0b:8a:a3:6b:3c:5d:9d:2c:6f:58:4e:5a:e2:
79:61:9e:a6:a2:62:84:b4:ca:c3:da:43:c0:f6:2b:e4:55:29:
96:c2:c4:32:a2:22:8d:03:0b:b3:e4:29:71:56:b1:01:a0:8c:
6c:fd:51:5b:13:05:62:83:58:82:5f:ec:00:a4:d8:23:62:73:
d8:c3:7d:29:bf:f5:b0:54:ed:f1:29:98:84:a6:f6:28:af:4c:
d0:bf:fa:6f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIULZ6PVdqXGOPKlVsohAVZ0uNzTzQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MThaFw0yNTA4MjIwODAxMThaMDMxMTAvBgNV
BAMTKEI1MzUzMkVEN0RDNjcxODJGMzM4OEVFMjdCRTAwOUE3NjQ5MTAyQUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWPwNmGNXOnY07lsWzrde/pcTs
cK0uSqyUXpcmqYrxjZxyx/Ur8JgZ3EdSAehSd+ITrp05JiyvhVDDprgHB3ch9KWA
6zSpVODZg1jqk/aKHMM4rVubeaXI/v4R2h0LqoeV2VtC+H3rM5K1vb3uhk1JnuBH
C4psZnC5Sge/zLJ2RBdhd1msoQ57WPOM42CvgyBU4D28LlkJ3aChYpU7FSt2Q9b2
5sZpsTGNuL5BABjJ1/G48L5PO9WPsca3Aeh0yjYkgYu9ltrgrkvfWBjUxjb7cWJn
tv4tMTWg4gVO8C1lchzeNNbhZz96J8/ch8+cTQ7tQw/4qgpHoG+LGJ6QLFbZAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUtTUy7X3GcYLzOI7ie+AJp2SRAq8wHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0NjgxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQgeMA0GCSqGSIb3DQEBCwUAA4IBAQAyJM5+j8fTBp+03BPT0sfyhVUkiGucEITs
kt8QPHKgPkEiCyPXE1d8W9ZLNoLD8pd35DBDQj6UyCCLvHST2V5qFbJ3y9/tuxMS
A73hdapmGhSn/Vyj562W9JcuUmGXoFrzcZ75sdbb5WQq0j6eniVdip3oc7OHFKru
9+GACOoK3ZEW+M53NXEu6RMN34ZVKWcu3vEIspvMREVeilm76RHDe06oRFNvlwuK
o2s8XZ0sb1hOWuJ5YZ6momKEtMrD2kPA9ivkVSmWwsQyoiKNAwuz5ClxVrEBoIxs
/VFbEwVig1iCX+wApNgjYnPYw30pv/WwVO3xKZiEpvYor0zQv/pv
-----END CERTIFICATE-----
Generated at Fri Sep 20 19:04:30 2024 by rpki-client on console-ams.rpki-client.org