Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS213697.roa
File: AS213697.roa (raw, json)
Hash identifier: qfNPMZHeuBK3uyqxmSPGX+p0nSj6giH3MWeKDw7pBgY=
Subject key identifier: 3B:EB:6F:EC:7F:4F:BF:6A:05:1E:3C:85:E6:80:2C:9A:C4:E5:D3:D3
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 1E0A5A78419E4FF0A6086FE3F5C7576026F25AEC
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS213697.roa
Signing time: Wed 15 Jan 2025 16:59:41 +0000
ROA not before: Wed 15 Jan 2025 16:54:41 +0000
ROA not after: Wed 14 Jan 2026 16:59:41 +0000
asID: 213697
IP address blocks: 37.221.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:0a:5a:78:41:9e:4f:f0:a6:08:6f:e3:f5:c7:57:60:26:f2:5a:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jan 15 16:54:41 2025 GMT
Not After : Jan 14 16:59:41 2026 GMT
Subject: CN=3BEB6FEC7F4FBF6A051E3C85E6802C9AC4E5D3D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e3:5f:9f:43:31:37:a4:0f:b0:d9:c7:d7:3e:
8c:f1:26:75:59:b9:d2:b3:ee:28:5f:77:0d:e4:ce:
50:05:54:0d:7f:e3:2e:9f:b5:d8:46:ec:2c:e5:08:
e7:11:b5:82:3d:bc:72:c1:4d:23:0a:c8:86:f7:27:
70:e2:7c:92:fb:f6:74:bf:53:7b:55:5a:e3:7e:21:
e2:fe:16:d6:03:15:e3:c9:06:97:2f:f9:d3:14:f1:
ef:21:42:62:78:2d:38:07:8c:32:6b:04:55:56:9e:
7d:c4:98:74:f2:53:7b:82:db:9d:7a:2b:f7:b7:c0:
f4:cd:18:e9:c9:33:88:a8:88:58:23:ef:9e:de:f6:
74:6d:7a:72:fd:6e:31:c2:97:47:3f:36:34:f8:8c:
3e:ba:90:2a:39:ee:8e:d5:fd:26:1f:21:f1:33:f7:
84:17:64:c4:26:d0:66:fa:e2:9d:77:ef:89:7e:18:
86:7c:5b:fb:63:93:b2:d1:bb:0c:ca:86:65:10:e6:
0b:ae:f3:b0:f0:f3:c8:e7:b9:e9:77:02:07:ec:dd:
46:8a:e9:ce:b1:e2:ce:da:74:29:3f:3f:fd:3b:7a:
67:9c:68:d8:86:8b:70:77:57:8e:15:84:5d:c7:ab:
99:01:75:07:31:53:18:3c:e0:30:6e:fb:e0:f5:7a:
c0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:EB:6F:EC:7F:4F:BF:6A:05:1E:3C:85:E6:80:2C:9A:C4:E5:D3:D3
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS213697.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.77.0/24
Signature Algorithm: sha256WithRSAEncryption
21:03:44:37:3d:65:4e:11:bf:e3:51:36:cd:72:e9:cb:ad:27:
4a:a1:28:5b:b7:b2:3d:84:05:68:27:0d:b8:e0:d9:10:8b:f0:
68:ac:b9:da:69:7a:ed:43:93:94:c2:dd:32:73:10:19:6d:c3:
34:e0:5a:b8:86:cd:55:66:01:c8:59:fc:13:86:5e:dc:a1:91:
f0:35:e0:d7:0d:95:36:d3:b7:19:5d:50:da:d9:c1:8a:34:88:
d0:d6:e1:d0:4a:43:40:14:6a:a1:4a:22:fd:3c:d6:79:64:d8:
4c:06:62:78:45:50:b1:ff:6a:7f:de:87:27:2c:71:fb:84:ef:
b9:88:f5:62:5c:bf:29:df:d4:70:44:22:68:17:59:00:24:fb:
33:9d:ec:03:07:e5:2d:b2:d9:05:ac:22:16:17:2f:d5:1b:3d:
6d:9b:2f:07:59:0c:9e:7f:ca:68:54:cc:11:d8:fe:6d:da:c5:
e3:7d:7b:01:c0:49:87:5e:67:f8:e5:bc:d6:25:ef:2f:74:eb:
7e:f2:bb:7a:8b:57:9e:db:bb:47:1b:21:27:aa:f3:7b:c4:0f:
e6:12:90:7f:4d:08:13:e0:a3:da:b4:17:af:d9:0c:89:e1:27:
8b:e6:28:5c:ca:f6:e0:22:0c:df:52:3d:fc:d0:5b:84:2a:65:
3f:78:38:a1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUHgpaeEGeT/CmCG/j9cdXYCbyWuwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTAxMTUxNjU0NDFaFw0yNjAxMTQxNjU5NDFaMDMxMTAvBgNV
BAMTKDNCRUI2RkVDN0Y0RkJGNkEwNTFFM0M4NUU2ODAyQzlBQzRFNUQzRDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCf41+fQzE3pA+w2cfXPozxJnVZ
udKz7ihfdw3kzlAFVA1/4y6ftdhG7CzlCOcRtYI9vHLBTSMKyIb3J3DifJL79nS/
U3tVWuN+IeL+FtYDFePJBpcv+dMU8e8hQmJ4LTgHjDJrBFVWnn3EmHTyU3uC2516
K/e3wPTNGOnJM4ioiFgj757e9nRtenL9bjHCl0c/NjT4jD66kCo57o7V/SYfIfEz
94QXZMQm0Gb64p1374l+GIZ8W/tjk7LRuwzKhmUQ5guu87Dw88jnuel3Agfs3UaK
6c6x4s7adCk/P/07emecaNiGi3B3V44VhF3Hq5kBdQcxUxg84DBu++D1esBBAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUO+tv7H9Pv2oFHjyF5oAsmsTl09MwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjEzNjk3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJd1N
MA0GCSqGSIb3DQEBCwUAA4IBAQAhA0Q3PWVOEb/jUTbNcunLrSdKoShbt7I9hAVo
Jw244NkQi/BorLnaaXrtQ5OUwt0ycxAZbcM04Fq4hs1VZgHIWfwThl7coZHwNeDX
DZU207cZXVDa2cGKNIjQ1uHQSkNAFGqhSiL9PNZ5ZNhMBmJ4RVCx/2p/3ocnLHH7
hO+5iPViXL8p39RwRCJoF1kAJPsznewDB+UtstkFrCIWFy/VGz1tmy8HWQyef8po
VMwR2P5t2sXjfXsBwEmHXmf45bzWJe8vdOt+8rt6i1ee27tHGyEnqvN7xA/mEpB/
TQgT4KPatBev2QyJ4SeL5ihcyvbgIgzfUj380FuEKmU/eDih
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:57:26 2025 by rpki-client