Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214913.roa
File: AS214913.roa (raw, json)
Hash identifier: iTFaUWq78ze+Uqd1M6tSHSBmBWUHwVKf8vCRChEfPxw=
Subject key identifier: BD:F5:6C:96:EB:AF:C8:54:73:21:8F:99:A0:C9:83:6C:3E:3D:86:17
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 2A6DAC2E9933BE962B78C8DAC3CB8D9CA90EB5A8
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214913.roa
Signing time: Fri 23 Aug 2024 08:01:24 +0000
ROA not before: Fri 23 Aug 2024 07:56:24 +0000
ROA not after: Fri 22 Aug 2025 08:01:24 +0000
asID: 214913
IP address blocks: 2a0f:85c1:3f3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:6d:ac:2e:99:33:be:96:2b:78:c8:da:c3:cb:8d:9c:a9:0e:b5:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:24 2024 GMT
Not After : Aug 22 08:01:24 2025 GMT
Subject: CN=BDF56C96EBAFC85473218F99A0C9836C3E3D8617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:98:34:e2:23:26:e7:e9:91:39:47:ac:f7:49:
f6:21:5c:f0:47:11:b4:4f:b3:e4:47:bf:c7:c1:9a:
51:3f:aa:95:b0:5b:62:c3:ab:27:fe:3a:5a:97:19:
f9:51:bd:12:28:79:57:ca:40:c4:f4:d7:07:e2:7f:
c7:e6:53:34:68:70:61:5f:a6:60:52:47:30:66:1e:
9c:ce:3b:c6:16:09:b5:8f:70:5a:5c:c6:04:10:c5:
c6:75:e3:50:db:ed:28:f4:c8:4e:01:7a:e3:79:5a:
61:b9:74:cf:f7:56:c5:fd:80:39:b2:0b:62:eb:ca:
29:34:be:d4:c1:ec:73:d2:ad:83:3a:b0:5f:f1:a2:
5b:30:98:8b:e5:07:8a:5c:0d:53:1b:90:37:12:6d:
77:22:c3:ff:60:64:fc:71:73:38:2d:09:2f:28:42:
ba:13:76:51:cb:49:3b:87:cb:25:ba:4f:08:1f:f7:
10:b5:fc:0a:11:d2:cb:b9:9b:ed:e2:22:c3:a3:59:
63:aa:f3:37:ca:04:ef:be:6c:93:b8:06:ab:63:74:
01:88:39:3f:f3:37:fe:f0:15:fc:03:54:c8:1a:26:
9e:2a:94:8a:e9:cc:96:42:74:5f:f6:92:78:59:c0:
03:54:29:a7:e4:2b:2a:b6:aa:ff:f2:66:7a:16:ae:
28:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:F5:6C:96:EB:AF:C8:54:73:21:8F:99:A0:C9:83:6C:3E:3D:86:17
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214913.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3f3::/48
Signature Algorithm: sha256WithRSAEncryption
de:48:91:73:e1:e5:65:d8:a3:cd:1d:b3:f9:81:3b:1a:7a:e6:
d6:0f:2b:71:a8:d7:66:d3:34:fd:a5:00:51:98:99:99:51:bd:
4d:b6:3d:85:eb:7c:f6:d2:2b:df:f0:26:64:44:a7:84:c0:97:
2a:1f:1a:d7:31:09:ac:cd:fa:70:68:6b:3c:cf:d5:17:97:2b:
2d:f4:45:75:e9:23:16:55:df:a7:76:f6:b2:c1:0c:1e:b8:88:
17:f0:80:db:f4:4f:8b:b2:9f:23:c5:96:13:85:d8:db:a5:37:
59:22:37:3b:02:29:d7:29:2e:e8:c1:5a:ea:ea:6f:29:d0:d8:
e7:37:0d:62:7a:6b:38:f2:f6:ca:73:00:3b:a8:ea:9d:d5:d7:
55:68:81:84:d4:2b:3f:23:8f:47:9f:9b:0e:35:17:31:b8:62:
97:81:d9:ed:c9:63:45:4a:32:b4:7e:0e:d3:86:53:2d:44:41:
42:38:db:0d:bf:86:bb:9d:06:70:1c:80:54:80:04:0d:d2:cb:
2c:7d:b8:6c:8f:45:c1:8b:68:9a:44:be:0d:4c:b6:d6:65:87:
62:fc:52:4e:27:5f:b8:12:7c:75:0a:24:97:aa:bb:08:3a:a5:
8a:f1:6a:34:ef:0c:58:2b:42:3b:f9:40:f7:ca:cc:c0:48:13:
4d:f4:b8:f4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUKm2sLpkzvpYreMjaw8uNnKkOtagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MjRaFw0yNTA4MjIwODAxMjRaMDMxMTAvBgNV
BAMTKEJERjU2Qzk2RUJBRkM4NTQ3MzIxOEY5OUEwQzk4MzZDM0UzRDg2MTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRmDTiIybn6ZE5R6z3SfYhXPBH
EbRPs+RHv8fBmlE/qpWwW2LDqyf+OlqXGflRvRIoeVfKQMT01wfif8fmUzRocGFf
pmBSRzBmHpzOO8YWCbWPcFpcxgQQxcZ141Db7Sj0yE4BeuN5WmG5dM/3VsX9gDmy
C2Lryik0vtTB7HPSrYM6sF/xolswmIvlB4pcDVMbkDcSbXciw/9gZPxxczgtCS8o
QroTdlHLSTuHyyW6Twgf9xC1/AoR0su5m+3iIsOjWWOq8zfKBO++bJO4BqtjdAGI
OT/zN/7wFfwDVMgaJp4qlIrpzJZCdF/2knhZwANUKafkKyq2qv/yZnoWrijVAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUvfVsluuvyFRzIY+ZoMmDbD49hhcwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0OTEzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQPzMA0GCSqGSIb3DQEBCwUAA4IBAQDeSJFz4eVl2KPNHbP5gTsaeubWDytxqNdm
0zT9pQBRmJmZUb1Ntj2F63z20ivf8CZkRKeEwJcqHxrXMQmszfpwaGs8z9UXlyst
9EV16SMWVd+ndvaywQweuIgX8IDb9E+Lsp8jxZYThdjbpTdZIjc7AinXKS7owVrq
6m8p0NjnNw1iems48vbKcwA7qOqd1ddVaIGE1Cs/I49Hn5sONRcxuGKXgdntyWNF
SjK0fg7ThlMtREFCONsNv4a7nQZwHIBUgAQN0sssfbhsj0XBi2iaRL4NTLbWZYdi
/FJOJ1+4Enx1CiSXqrsIOqWK8Wo07wxYK0I7+UD3yszASBNN9Lj0
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:08:36 2024 by rpki-client on console-fra.rpki-client.org