Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS209988.roa
File: AS209988.roa (raw, json)
Hash identifier: HhFlvwtzGBpklhZx26oEu6owcXl7oC+8AUAjh7UGbiE=
Subject key identifier: 00:EF:77:F3:25:0A:AD:0D:C5:7A:DF:29:00:EB:F1:0E:41:A4:F8:9B
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 0C5FF1D5666AB6868A527C27B99E0B9BCB26A030
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS209988.roa
Signing time: Tue 04 Feb 2025 00:17:07 +0000
ROA not before: Tue 04 Feb 2025 00:12:07 +0000
ROA not after: Tue 03 Feb 2026 00:17:07 +0000
asID: 209988
IP address blocks: 2a14:7581:f000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:04:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:5f:f1:d5:66:6a:b6:86:8a:52:7c:27:b9:9e:0b:9b:cb:26:a0:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 4 00:12:07 2025 GMT
Not After : Feb 3 00:17:07 2026 GMT
Subject: CN=00EF77F3250AAD0DC57ADF2900EBF10E41A4F89B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:43:44:78:e0:fb:86:5e:bc:aa:b5:01:0b:02:
70:93:dc:b5:3e:1c:ce:2a:c3:aa:c3:c9:1e:90:ef:
c0:af:f1:0a:1f:1a:c7:51:8e:65:23:db:10:e3:e4:
0e:02:0d:7f:79:55:e5:40:14:b3:47:17:1c:9d:56:
23:35:24:29:8d:1d:1a:51:d1:03:5e:6e:a2:ba:f0:
4f:f5:b9:59:ce:94:40:f2:79:85:62:3a:6b:89:98:
16:72:c8:af:45:0a:ee:98:16:7a:7b:4e:9f:1a:f3:
8d:79:d7:cc:d5:ec:ce:8e:d7:2e:ba:43:7a:c3:bb:
31:7a:51:f9:5c:ba:30:ed:c6:93:b0:0b:4f:1d:24:
50:4d:28:b2:1d:86:9e:cd:48:45:cc:04:77:25:6d:
e5:a7:7d:f4:55:cd:5d:db:a6:ae:ef:c2:cc:8f:0f:
da:46:93:36:b4:0c:e6:02:1f:f6:ec:ad:92:78:c6:
de:91:a5:bc:73:d2:23:55:a8:87:b6:32:9b:08:fc:
26:2f:ff:50:3d:3c:4f:5b:2d:ea:30:56:01:00:e4:
1a:35:eb:53:92:7f:a5:17:ca:3a:76:67:80:d7:78:
f7:12:50:3e:bf:3d:a1:01:de:0d:33:10:0f:7f:87:
97:97:93:4c:14:60:7f:8d:49:ca:dc:15:d1:80:9d:
68:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:EF:77:F3:25:0A:AD:0D:C5:7A:DF:29:00:EB:F1:0E:41:A4:F8:9B
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS209988.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:f000::/36
Signature Algorithm: sha256WithRSAEncryption
12:ba:f1:1c:cc:8e:55:4a:d5:1f:ae:ad:30:10:76:da:f7:02:
14:57:b2:08:eb:77:99:6e:51:f0:90:49:bf:5b:85:59:d1:ec:
97:40:8d:00:55:da:99:fc:de:83:78:03:2c:62:7f:71:b5:36:
b2:0d:b6:df:1e:9e:c9:78:ba:4e:b1:75:4d:53:97:ac:42:41:
95:ac:59:48:d7:e6:05:87:d3:78:c7:2b:82:40:dd:52:9c:51:
a8:b4:41:4d:04:8f:50:8a:22:a8:47:ae:36:40:12:9c:d4:08:
23:ba:23:4c:10:aa:d0:3b:e8:61:22:34:2b:55:0c:b0:22:64:
f3:27:72:52:63:63:98:36:32:15:07:38:e2:15:17:59:ad:aa:
69:b4:49:fa:5e:fb:b4:af:d9:48:97:64:d5:80:2e:53:03:6c:
b5:06:3d:fa:c5:22:68:de:20:5f:a2:00:1c:75:df:09:34:6c:
9d:8c:90:d8:28:75:4d:a5:7a:16:43:2b:40:e5:67:75:af:13:
45:55:c8:c3:b4:81:99:d8:17:8b:0f:1f:bc:72:3e:d1:7b:f0:
03:7f:26:dc:e2:f1:70:f5:8a:54:8c:fc:3a:2f:23:b1:c9:50:
9f:7f:68:72:5a:f1:3d:c8:c6:67:c8:9d:b7:91:49:e8:aa:9f:
a7:9f:fc:5b
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUDF/x1WZqtoaKUnwnuZ4Lm8smoDAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTAyMDQwMDEyMDdaFw0yNjAyMDMwMDE3MDdaMDMxMTAvBgNV
BAMTKDAwRUY3N0YzMjUwQUFEMERDNTdBREYyOTAwRUJGMTBFNDFBNEY4OUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+Q0R44PuGXryqtQELAnCT3LU+
HM4qw6rDyR6Q78Cv8QofGsdRjmUj2xDj5A4CDX95VeVAFLNHFxydViM1JCmNHRpR
0QNebqK68E/1uVnOlEDyeYViOmuJmBZyyK9FCu6YFnp7Tp8a841518zV7M6O1y66
Q3rDuzF6UflcujDtxpOwC08dJFBNKLIdhp7NSEXMBHclbeWnffRVzV3bpq7vwsyP
D9pGkza0DOYCH/bsrZJ4xt6Rpbxz0iNVqIe2MpsI/CYv/1A9PE9bLeowVgEA5Bo1
61OSf6UXyjp2Z4DXePcSUD6/PaEB3g0zEA9/h5eXk0wUYH+NScrcFdGAnWhlAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUAO938yUKrQ3Fet8pAOvxDkGk+JswHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA5OTg4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKhR1
gfAwDQYJKoZIhvcNAQELBQADggEBABK68RzMjlVK1R+urTAQdtr3AhRXsgjrd5lu
UfCQSb9bhVnR7JdAjQBV2pn83oN4Ayxif3G1NrINtt8ensl4uk6xdU1Tl6xCQZWs
WUjX5gWH03jHK4JA3VKcUai0QU0Ej1CKIqhHrjZAEpzUCCO6I0wQqtA76GEiNCtV
DLAiZPMnclJjY5g2MhUHOOIVF1mtqmm0Sfpe+7Sv2UiXZNWALlMDbLUGPfrFImje
IF+iABx13wk0bJ2MkNgodU2lehZDK0DlZ3WvE0VVyMO0gZnYF4sPH7xyPtF78AN/
Jtzi8XD1ilSM/DovI7HJUJ9/aHJa8T3IxmfInbeRSeiqn6ef/Fs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:41:31 2025 by rpki-client