Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS216336.roa
File: AS216336.roa (raw, json)
Hash identifier: qE59LeEqv87fYk7+9e8yIOg0PlN98tmhNYVtVrS2A0A=
Subject key identifier: 66:19:33:38:A6:D7:D3:EA:6F:B9:70:4F:4B:59:A5:A9:E4:0C:BA:1A
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 7091AE5B51546031326714DC4EADB5DC0C83E317
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS216336.roa
Signing time: Fri 23 Aug 2024 08:01:22 +0000
ROA not before: Fri 23 Aug 2024 07:56:22 +0000
ROA not after: Fri 22 Aug 2025 08:01:22 +0000
asID: 216336
IP address blocks: 2a0f:85c1:400::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:91:ae:5b:51:54:60:31:32:67:14:dc:4e:ad:b5:dc:0c:83:e3:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:22 2024 GMT
Not After : Aug 22 08:01:22 2025 GMT
Subject: CN=66193338A6D7D3EA6FB9704F4B59A5A9E40CBA1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:01:05:e8:84:95:00:57:c6:78:ec:98:ed:ef:
e0:ff:ac:58:0b:9e:53:46:25:98:90:20:b1:6f:84:
a8:f2:66:7d:f6:0d:91:3c:76:a6:56:21:73:d5:0a:
9d:95:20:41:8f:c5:62:16:40:6b:94:8b:ff:bf:96:
d7:6b:11:7d:ba:75:f2:fd:fa:ed:64:d7:80:6f:6c:
44:b1:3c:24:4a:46:aa:66:67:4a:eb:f2:6d:a0:1a:
a3:a1:bc:ba:ed:9e:53:52:7d:ff:e5:36:fe:6f:63:
ea:94:f8:ec:13:d4:ec:2f:bc:32:6f:2b:cc:f6:34:
04:95:67:3b:18:40:19:80:56:08:dd:09:46:41:80:
44:7b:a1:45:5d:ec:b9:85:0c:7b:a3:6c:36:b6:c0:
2f:f3:87:1a:ac:63:39:d8:9d:ba:7f:40:9b:51:3a:
96:7d:40:19:b0:72:14:6f:13:69:60:f9:95:cb:0d:
a0:7f:a2:34:db:f2:53:11:51:38:a9:7b:1b:60:a8:
88:e5:2a:18:75:3d:a5:6b:c3:b5:4c:5d:ad:87:c5:
88:81:c9:3f:c4:bf:03:20:98:05:6e:9a:cb:4c:d9:
f4:af:eb:67:47:86:44:18:5d:a7:78:2c:49:0f:38:
92:6e:01:5d:43:93:74:70:f6:15:37:7d:28:5b:f1:
cb:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:19:33:38:A6:D7:D3:EA:6F:B9:70:4F:4B:59:A5:A9:E4:0C:BA:1A
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS216336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:400::/40
Signature Algorithm: sha256WithRSAEncryption
25:ac:b7:12:4c:b8:4d:12:b5:dd:88:af:c5:3b:42:de:05:39:
be:b1:a0:46:11:d8:64:65:73:3c:ef:8c:34:ae:16:66:0b:e6:
26:58:65:e4:c4:ea:61:36:2d:3f:fc:22:68:19:a2:33:51:2a:
fa:25:b8:1e:4c:92:63:75:bd:3b:0c:91:b9:c7:f9:19:b1:48:
9c:b6:33:20:1d:2d:93:83:5e:ac:72:1a:73:29:33:54:20:74:
54:1a:3c:d8:7b:63:9f:b6:66:33:be:03:91:a6:af:0e:b0:e5:
12:3e:03:bd:b2:6b:5a:06:3f:e2:41:02:cd:9a:25:fd:76:7e:
c0:e4:b5:11:00:12:da:ed:ad:82:cd:eb:46:6f:8d:00:4a:ce:
17:90:eb:82:ee:a1:45:2e:bc:fe:d3:1c:e9:49:91:f9:cc:cb:
98:3d:c9:25:5c:1a:59:60:6e:53:39:a0:26:b9:87:61:80:43:
c0:6d:24:2e:38:3f:28:0d:12:bb:27:ea:c0:25:ff:49:73:c7:
57:d1:c6:63:4e:98:fc:a9:22:80:a9:54:62:9f:4f:18:0c:df:
ec:80:ea:11:d7:f6:f6:64:d2:7d:e1:fd:d9:00:75:55:6f:74:
7a:78:74:d3:27:b6:f2:ed:11:c7:15:82:4c:43:f3:1d:a2:ff:
18:67:81:69
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUcJGuW1FUYDEyZxTcTq213AyD4xcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MjJaFw0yNTA4MjIwODAxMjJaMDMxMTAvBgNV
BAMTKDY2MTkzMzM4QTZEN0QzRUE2RkI5NzA0RjRCNTlBNUE5RTQwQ0JBMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpAQXohJUAV8Z47Jjt7+D/rFgL
nlNGJZiQILFvhKjyZn32DZE8dqZWIXPVCp2VIEGPxWIWQGuUi/+/ltdrEX26dfL9
+u1k14BvbESxPCRKRqpmZ0rr8m2gGqOhvLrtnlNSff/lNv5vY+qU+OwT1OwvvDJv
K8z2NASVZzsYQBmAVgjdCUZBgER7oUVd7LmFDHujbDa2wC/zhxqsYznYnbp/QJtR
OpZ9QBmwchRvE2lg+ZXLDaB/ojTb8lMRUTipextgqIjlKhh1PaVrw7VMXa2HxYiB
yT/EvwMgmAVumstM2fSv62dHhkQYXad4LEkPOJJuAV1Dk3Rw9hU3fShb8curAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUZhkzOKbX0+pvuXBPS1mlqeQMuhowHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE2MzM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg+F
wQQwDQYJKoZIhvcNAQELBQADggEBACWstxJMuE0Std2Ir8U7Qt4FOb6xoEYR2GRl
czzvjDSuFmYL5iZYZeTE6mE2LT/8ImgZojNRKvoluB5MkmN1vTsMkbnH+RmxSJy2
MyAdLZODXqxyGnMpM1QgdFQaPNh7Y5+2ZjO+A5Gmrw6w5RI+A72ya1oGP+JBAs2a
Jf12fsDktREAEtrtrYLN60ZvjQBKzheQ64LuoUUuvP7THOlJkfnMy5g9ySVcGllg
blM5oCa5h2GAQ8BtJC44PygNErsn6sAl/0lzx1fRxmNOmPypIoCpVGKfTxgM3+yA
6hHX9vZk0n3h/dkAdVVvdHp4dNMntvLtEccVgkxD8x2i/xhngWk=
-----END CERTIFICATE-----
Generated at Thu Sep 19 13:12:08 2024 by rpki-client on console-ams.rpki-client.org