Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS2856.roa
File: AS2856.roa (raw, json)
Hash identifier: XfezLPxqS6qyMgnS5p6Q9Ff8J4pjCk1yan6ixJDr/rA=
Subject key identifier: 7C:53:91:4F:F6:54:05:EA:1F:1C:F2:01:F0:AB:CF:1B:5C:1D:EE:21
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 515BA65786BE6454BFA4830E1890CDC60DFCA607
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS2856.roa
Signing time: Wed 15 Jan 2025 16:37:17 +0000
ROA not before: Wed 15 Jan 2025 16:32:17 +0000
ROA not after: Wed 14 Jan 2026 16:37:17 +0000
asID: 2856
IP address blocks: 147.78.68.0/22 maxlen: 22
193.187.140.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:5b:a6:57:86:be:64:54:bf:a4:83:0e:18:90:cd:c6:0d:fc:a6:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jan 15 16:32:17 2025 GMT
Not After : Jan 14 16:37:17 2026 GMT
Subject: CN=7C53914FF65405EA1F1CF201F0ABCF1B5C1DEE21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:88:a8:47:8b:3c:99:4a:d1:18:f5:cb:b0:37:
c6:4f:a2:8f:ca:2f:ee:72:73:30:b9:ed:30:64:3c:
28:d4:ca:2b:fa:94:c8:d1:43:bb:13:dc:39:16:67:
4f:38:91:e3:48:99:fb:77:09:60:d5:4f:3a:19:b8:
e6:75:d5:5b:88:c6:09:f0:a3:1d:28:a3:b5:15:18:
a3:7a:5d:ed:09:b3:bb:c5:32:6d:e8:fc:17:ac:51:
af:08:c0:33:2b:c9:8c:99:a3:fe:c0:85:77:71:92:
04:4a:77:61:62:83:68:c2:b8:47:ed:7e:dc:00:c8:
f2:87:7d:0e:e6:ca:de:0a:23:32:c6:de:7e:dc:32:
41:d7:de:02:5e:c7:3a:b8:6c:62:e3:3e:8a:bf:be:
74:94:aa:3f:2d:28:6a:ba:69:2e:13:61:7e:82:dd:
e6:d5:37:3b:64:6d:63:41:02:8e:53:97:64:4f:09:
3e:14:64:f6:4d:6a:72:1e:42:79:fe:e7:74:b1:f2:
b6:b1:61:e2:06:5a:80:ee:c9:46:58:d7:2d:f1:cf:
01:14:a1:cb:a8:d2:65:77:b9:bf:e2:97:be:22:52:
15:d6:29:e2:eb:81:5c:ae:18:fb:ce:75:7b:79:16:
3a:86:39:c2:a5:3f:07:d4:ed:b6:0c:e7:be:83:f3:
5d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:53:91:4F:F6:54:05:EA:1F:1C:F2:01:F0:AB:CF:1B:5C:1D:EE:21
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS2856.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.68.0/22
193.187.140.0/22
Signature Algorithm: sha256WithRSAEncryption
36:b2:5f:a2:ae:f4:10:de:b4:72:07:9e:41:52:9e:ec:93:3c:
14:11:ac:24:1a:50:3d:61:f0:38:35:22:e3:59:84:33:84:38:
2c:32:4d:bb:9b:e0:c3:98:a8:e0:d7:15:ad:8c:6f:f0:9b:7e:
a4:6c:20:09:75:88:ad:0a:e1:0c:ad:86:e3:23:fd:98:da:a2:
a9:8c:76:a7:63:fa:8f:db:36:40:11:3c:d7:7e:e5:a7:f9:22:
5e:3d:d7:bc:71:70:4b:1c:a2:8a:9b:ea:a1:37:f6:a2:83:c3:
28:d5:9d:0c:74:08:6d:42:72:5d:3c:41:97:86:b7:57:23:5d:
28:cc:72:87:ea:08:14:5d:54:72:34:03:b8:b2:2b:86:91:0b:
bf:c6:d9:d4:9b:81:70:ae:b1:11:76:d7:f5:0f:ff:03:76:66:
69:bf:54:5d:86:76:10:d2:bf:8c:de:41:90:de:44:ec:38:1a:
6a:47:81:73:33:8d:91:0f:d7:ab:36:34:d7:1d:69:1b:d0:21:
cc:00:c9:52:83:ae:67:16:08:3a:ef:5a:6f:f1:57:65:ac:d5:
ec:f0:a0:cf:19:59:7a:2e:4b:bf:69:62:62:8f:ac:bc:a1:a7:
c6:84:6b:51:4c:c4:aa:e4:a2:6f:87:a6:60:1d:a6:5b:e1:94:
21:6f:d1:a9
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIUUVumV4a+ZFS/pIMOGJDNxg38pgcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTAxMTUxNjMyMTdaFw0yNjAxMTQxNjM3MTdaMDMxMTAvBgNV
BAMTKDdDNTM5MTRGRjY1NDA1RUExRjFDRjIwMUYwQUJDRjFCNUMxREVFMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBiKhHizyZStEY9cuwN8ZPoo/K
L+5yczC57TBkPCjUyiv6lMjRQ7sT3DkWZ084keNImft3CWDVTzoZuOZ11VuIxgnw
ox0oo7UVGKN6Xe0Js7vFMm3o/BesUa8IwDMryYyZo/7AhXdxkgRKd2Fig2jCuEft
ftwAyPKHfQ7myt4KIzLG3n7cMkHX3gJexzq4bGLjPoq/vnSUqj8tKGq6aS4TYX6C
3ebVNztkbWNBAo5Tl2RPCT4UZPZNanIeQnn+53Sx8raxYeIGWoDuyUZY1y3xzwEU
ocuo0mV3ub/il74iUhXWKeLrgVyuGPvOdXt5FjqGOcKlPwfU7bYM576D810TAgMB
AAGjggIOMIICCjAdBgNVHQ4EFgQUfFORT/ZUBeofHPIB8KvPG1wd7iEwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjg1Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEApNORAME
AsG7jDANBgkqhkiG9w0BAQsFAAOCAQEANrJfoq70EN60cgeeQVKe7JM8FBGsJBpQ
PWHwODUi41mEM4Q4LDJNu5vgw5io4NcVrYxv8Jt+pGwgCXWIrQrhDK2G4yP9mNqi
qYx2p2P6j9s2QBE8137lp/kiXj3XvHFwSxyiipvqoTf2ooPDKNWdDHQIbUJyXTxB
l4a3VyNdKMxyh+oIFF1UcjQDuLIrhpELv8bZ1JuBcK6xEXbX9Q//A3Zmab9UXYZ2
ENK/jN5BkN5E7DgaakeBczONkQ/XqzY01x1pG9AhzADJUoOuZxYIOu9ab/FXZazV
7PCgzxlZei5Lv2liYo+svKGnxoRrUUzEquSib4emYB2mW+GUIW/RqQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:47:33 2025 by rpki-client