Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214752.roa
File: AS214752.roa (raw, json)
Hash identifier: g2jMVxx4zOdNG6ZmRVR8ULkAkCBDd8GfpQ3VpmLF5Ag=
Subject key identifier: 34:79:A0:8D:8E:83:A8:7E:E9:1D:76:A1:B5:1D:0B:DA:F0:C5:97:FF
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 6AA8EDE92572AAE919F52DEEE12B98437C467D39
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214752.roa
Signing time: Fri 23 Aug 2024 08:01:18 +0000
ROA not before: Fri 23 Aug 2024 07:56:18 +0000
ROA not after: Fri 22 Aug 2025 08:01:18 +0000
asID: 214752
IP address blocks: 2a0f:85c1:812::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:a8:ed:e9:25:72:aa:e9:19:f5:2d:ee:e1:2b:98:43:7c:46:7d:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:18 2024 GMT
Not After : Aug 22 08:01:18 2025 GMT
Subject: CN=3479A08D8E83A87EE91D76A1B51D0BDAF0C597FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e1:6d:69:3c:4b:fd:4a:01:81:39:54:0d:3c:
1e:f3:eb:de:c8:0f:bd:63:5f:ed:a7:7e:a7:e4:91:
36:09:2c:66:8e:ff:2a:41:f5:b8:ba:7b:60:c5:74:
fe:70:17:7f:2f:81:6c:59:66:2f:04:bb:e5:d2:5f:
41:ef:1f:0c:6a:48:e9:96:dc:e3:5e:20:76:8b:c9:
a5:8a:c4:9b:ab:10:53:36:0a:89:0a:06:59:9a:37:
9a:c1:9d:51:ad:17:e4:a5:57:4b:c9:0c:9e:e0:49:
53:d9:b6:a3:46:ec:4c:1e:50:1a:ce:af:d2:4a:27:
ca:d4:bd:34:95:cb:b6:34:a5:e9:e0:3e:ba:a3:0c:
e6:8d:73:bf:03:df:47:d2:fa:63:ae:5e:98:fd:fd:
da:ca:62:38:44:a7:c6:98:30:2e:d8:6a:41:a5:6b:
96:3b:1a:95:00:ba:28:d1:0a:28:0f:a3:e9:95:3f:
13:b4:92:df:78:2d:6a:bd:a3:6c:32:1a:98:fc:10:
15:7c:62:0a:b6:e0:89:3b:ca:9b:25:59:6a:2f:24:
6b:00:01:d6:f1:51:ae:ca:85:e3:27:ed:53:08:2e:
bd:2d:81:5c:bb:f8:b1:5b:3d:4e:b4:3e:24:db:b9:
a7:ae:96:3e:02:8d:87:5b:e0:97:00:7f:9f:da:f1:
86:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:79:A0:8D:8E:83:A8:7E:E9:1D:76:A1:B5:1D:0B:DA:F0:C5:97:FF
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214752.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:812::/48
Signature Algorithm: sha256WithRSAEncryption
0b:15:88:48:db:61:8a:88:d5:1b:5f:a2:29:64:08:7a:eb:2c:
c6:2b:dc:2f:e9:8a:70:74:2c:af:8b:c7:2a:40:1a:8f:6e:5f:
19:d0:f9:50:fa:32:fe:0b:65:6f:70:b5:75:5d:ee:82:8f:3b:
99:9c:2f:3e:89:17:51:fb:5d:18:04:ae:05:a3:7a:c4:fd:d9:
93:66:7e:09:3f:48:db:3e:0b:8a:91:d7:7d:70:b8:2d:d6:f3:
d3:69:e3:2b:8e:08:78:65:e9:fc:2f:af:23:17:d4:ae:4d:1a:
aa:ce:f2:3a:39:0d:ba:c0:22:a2:c1:e1:61:ba:45:3c:84:f9:
db:78:28:97:25:58:77:cb:24:fc:e2:52:f1:36:bd:75:c1:fd:
d7:0c:ca:22:35:65:11:4c:5d:13:d0:fe:14:fe:79:06:0c:23:
f0:0c:39:e7:2b:29:88:af:35:3d:53:a5:14:c3:02:6b:d1:ed:
70:6b:4c:55:c3:9f:01:8a:22:36:ea:3f:2a:88:71:9e:0a:de:
70:fb:89:fe:a1:a1:65:e4:18:ea:19:87:e0:f0:7b:73:14:49:
ea:34:b2:d4:c6:38:61:84:e0:4c:22:a3:bf:4a:00:6e:75:e6:
94:c9:66:b8:5a:72:20:24:15:84:c3:69:50:3b:47:13:9c:33:
a1:f8:fa:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUaqjt6SVyqukZ9S3u4SuYQ3xGfTkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MThaFw0yNTA4MjIwODAxMThaMDMxMTAvBgNV
BAMTKDM0NzlBMDhEOEU4M0E4N0VFOTFENzZBMUI1MUQwQkRBRjBDNTk3RkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC14W1pPEv9SgGBOVQNPB7z697I
D71jX+2nfqfkkTYJLGaO/ypB9bi6e2DFdP5wF38vgWxZZi8Eu+XSX0HvHwxqSOmW
3ONeIHaLyaWKxJurEFM2CokKBlmaN5rBnVGtF+SlV0vJDJ7gSVPZtqNG7EweUBrO
r9JKJ8rUvTSVy7Y0pengPrqjDOaNc78D30fS+mOuXpj9/drKYjhEp8aYMC7YakGl
a5Y7GpUAuijRCigPo+mVPxO0kt94LWq9o2wyGpj8EBV8Ygq24Ik7ypslWWovJGsA
AdbxUa7KheMn7VMILr0tgVy7+LFbPU60PiTbuaeulj4CjYdb4JcAf5/a8YaJAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUNHmgjY6DqH7pHXahtR0L2vDFl/8wHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0NzUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQgSMA0GCSqGSIb3DQEBCwUAA4IBAQALFYhI22GKiNUbX6IpZAh66yzGK9wv6Ypw
dCyvi8cqQBqPbl8Z0PlQ+jL+C2VvcLV1Xe6CjzuZnC8+iRdR+10YBK4Fo3rE/dmT
Zn4JP0jbPguKkdd9cLgt1vPTaeMrjgh4Zen8L68jF9SuTRqqzvI6OQ26wCKiweFh
ukU8hPnbeCiXJVh3yyT84lLxNr11wf3XDMoiNWURTF0T0P4U/nkGDCPwDDnnKymI
rzU9U6UUwwJr0e1wa0xVw58BiiI26j8qiHGeCt5w+4n+oaFl5BjqGYfg8HtzFEnq
NLLUxjhhhOBMIqO/SgBudeaUyWa4WnIgJBWEw2lQO0cTnDOh+Poe
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:08:36 2024 by rpki-client on console-fra.rpki-client.org