Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214821.roa
File: AS214821.roa (raw, json)
Hash identifier: zF7AHHgnWNsKnhPxKc0QaTrVx8y0BNuFpWpEkjR1jcs=
Subject key identifier: C0:CB:4F:93:7E:0F:54:60:E4:5F:4F:82:AA:AC:36:93:64:B6:E4:A9
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 288CB98C5DA83EAB356619A27ACE7A7F789D31C6
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214821.roa
Signing time: Tue 04 Feb 2025 00:17:09 +0000
ROA not before: Tue 04 Feb 2025 00:12:09 +0000
ROA not after: Tue 03 Feb 2026 00:17:09 +0000
asID: 214821
IP address blocks: 2a14:7581:800::/40 maxlen: 48
2a14:7581:ff8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:04:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:8c:b9:8c:5d:a8:3e:ab:35:66:19:a2:7a:ce:7a:7f:78:9d:31:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 4 00:12:09 2025 GMT
Not After : Feb 3 00:17:09 2026 GMT
Subject: CN=C0CB4F937E0F5460E45F4F82AAAC369364B6E4A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f0:54:e2:de:7b:14:b2:37:06:5c:81:5d:0e:
73:22:d2:08:4b:96:f4:10:d8:1a:52:4e:87:62:7b:
29:b6:6d:91:41:a2:01:87:34:71:93:68:f3:87:49:
93:40:4e:41:37:cd:e6:04:72:28:cb:a3:2c:9e:34:
3d:ad:03:c2:f1:06:cb:e4:04:be:63:8a:72:2e:51:
1c:aa:0b:58:34:79:2f:58:ea:c6:14:ca:99:98:b4:
13:9f:2f:22:a6:9f:2c:f3:a2:67:45:ff:89:a8:b3:
40:36:17:e2:f5:db:ac:b3:27:e4:4b:8b:eb:94:67:
39:c1:47:e6:1a:ec:d3:2a:b4:1f:c4:f0:f6:2d:4d:
69:c7:12:30:58:9f:15:7e:b6:2c:ba:dd:26:20:3a:
d1:5b:0d:90:c5:ce:78:dc:3d:5f:37:06:5d:7e:d5:
30:a6:37:a3:c8:9e:8e:39:13:f9:b9:ba:4a:17:b7:
0f:55:70:29:0d:68:0a:10:37:3e:9e:02:71:38:62:
ee:b9:71:a9:65:9a:94:14:d8:e9:81:5a:d2:d2:ec:
4f:4a:9f:1a:59:a4:15:88:91:a4:b5:93:5b:f6:43:
97:9b:49:55:e5:16:4c:f9:48:54:5c:33:e9:d9:66:
e3:14:cd:7e:d7:4e:4c:90:c1:a0:a7:5e:18:1a:25:
21:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:CB:4F:93:7E:0F:54:60:E4:5F:4F:82:AA:AC:36:93:64:B6:E4:A9
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214821.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:800::/40
2a14:7581:ff8::/48
Signature Algorithm: sha256WithRSAEncryption
91:71:49:5f:44:0b:4b:c1:b0:de:c5:fc:92:fb:4b:39:5e:ab:
94:10:1a:0b:ef:9d:76:fd:8e:e2:e3:fb:cd:1c:a3:4e:79:1f:
5b:4c:c3:fc:5d:0e:e8:62:e7:a4:5a:44:86:b3:92:e3:d2:46:
a7:32:e8:df:9d:8b:37:19:6e:e6:97:94:3d:13:1e:dd:74:92:
54:f3:9c:de:7e:8f:d2:5d:48:a4:a1:4c:dc:ab:54:ae:81:c7:
be:f1:ee:ba:c9:0b:34:36:8b:87:09:48:6d:2e:3c:3b:3c:11:
f8:61:5b:81:71:19:4e:33:87:87:4e:ce:b3:9f:0c:7f:ab:00:
24:db:e9:8a:2d:4a:5f:1c:c3:07:73:16:4e:c9:9e:8d:bd:b5:
14:20:ae:de:2a:f7:fb:47:16:d9:82:b5:f3:94:c5:b1:52:e3:
f7:bc:59:f6:5b:01:b4:4d:0d:bc:f4:98:1a:94:53:cd:d4:f5:
88:29:b8:5c:d2:65:2c:b0:c0:1f:b7:9b:af:1b:fa:88:70:0b:
9a:41:53:3d:d1:62:6e:25:d4:11:87:96:b3:6e:61:fb:bc:78:
99:51:ab:47:bb:6f:28:eb:20:07:a4:0a:bf:65:b8:c2:b9:01:
42:88:66:b8:71:51:74:1a:9e:b7:00:19:2b:f8:fb:eb:27:a8:
79:01:50:11
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUKIy5jF2oPqs1Zhmies56f3idMcYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTAyMDQwMDEyMDlaFw0yNjAyMDMwMDE3MDlaMDMxMTAvBgNV
BAMTKEMwQ0I0RjkzN0UwRjU0NjBFNDVGNEY4MkFBQUMzNjkzNjRCNkU0QTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY8FTi3nsUsjcGXIFdDnMi0ghL
lvQQ2BpSTodieym2bZFBogGHNHGTaPOHSZNATkE3zeYEcijLoyyeND2tA8LxBsvk
BL5jinIuURyqC1g0eS9Y6sYUypmYtBOfLyKmnyzzomdF/4mos0A2F+L126yzJ+RL
i+uUZznBR+Ya7NMqtB/E8PYtTWnHEjBYnxV+tiy63SYgOtFbDZDFznjcPV83Bl1+
1TCmN6PIno45E/m5ukoXtw9VcCkNaAoQNz6eAnE4Yu65callmpQU2OmBWtLS7E9K
nxpZpBWIkaS1k1v2Q5ebSVXlFkz5SFRcM+nZZuMUzX7XTkyQwaCnXhgaJSFFAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUwMtPk34PVGDkX0+Cqqw2k2S25KkwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE0ODIxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAKhR1
gQgDBwAqFHWBD/gwDQYJKoZIhvcNAQELBQADggEBAJFxSV9EC0vBsN7F/JL7Szle
q5QQGgvvnXb9juLj+80co055H1tMw/xdDuhi56RaRIazkuPSRqcy6N+dizcZbuaX
lD0THt10klTznN5+j9JdSKShTNyrVK6Bx77x7rrJCzQ2i4cJSG0uPDs8EfhhW4Fx
GU4zh4dOzrOfDH+rACTb6YotSl8cwwdzFk7Jno29tRQgrt4q9/tHFtmCtfOUxbFS
4/e8WfZbAbRNDbz0mBqUU83U9YgpuFzSZSywwB+3m68b+ohwC5pBUz3RYm4l1BGH
lrNuYfu8eJlRq0e7byjrIAekCr9luMK5AUKIZrhxUXQanrcAGSv4++snqHkBUBE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:13:52 2025 by rpki-client