Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS39521.roa
File: AS39521.roa (raw, json)
Hash identifier: +OU0tUeNRCrmju1iFOSQa4hyQXPrwwbZuKBshIOgTzE=
Subject key identifier: C2:1C:19:CB:A5:A7:72:EE:F2:72:55:3C:67:3C:BD:86:0D:15:FE:9A
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 56415F0842CED36A6D344F95682E48D51BB29511
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS39521.roa
Signing time: Wed 15 Jan 2025 17:18:06 +0000
ROA not before: Wed 15 Jan 2025 17:13:06 +0000
ROA not after: Wed 14 Jan 2026 17:18:06 +0000
asID: 39521
IP address blocks: 85.8.160.0/22 maxlen: 22
92.249.60.0/22 maxlen: 22
188.119.68.0/22 maxlen: 22
193.32.186.0/23 maxlen: 23
212.107.4.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:41:5f:08:42:ce:d3:6a:6d:34:4f:95:68:2e:48:d5:1b:b2:95:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jan 15 17:13:06 2025 GMT
Not After : Jan 14 17:18:06 2026 GMT
Subject: CN=C21C19CBA5A772EEF272553C673CBD860D15FE9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:8b:53:4c:96:d7:cd:99:b2:90:44:dc:f7:92:
4e:e5:08:dd:25:71:26:57:e4:04:ef:89:a0:dc:4d:
0b:eb:4b:ef:db:4c:10:d0:12:3f:3c:b7:fa:32:70:
2b:63:6a:11:65:e1:31:2d:28:a5:1b:ef:84:bb:f5:
7b:89:d8:97:09:4b:96:ef:03:23:1f:41:27:21:5b:
8b:4e:cd:e6:ef:a4:a0:fb:46:f0:07:51:73:93:ee:
5e:ff:cc:8e:01:a9:8e:7b:58:83:a1:cb:fc:07:82:
af:c9:0f:a6:04:e4:d0:e2:75:47:18:d1:ba:a8:8f:
74:63:73:0f:ba:e1:59:71:a0:40:e4:1b:bd:5b:bd:
b7:9d:29:1e:e0:ff:19:41:fb:52:ab:57:31:19:07:
11:21:bf:44:de:87:00:7c:4a:b9:e4:fb:a6:0a:32:
9f:13:b1:a5:4b:a5:db:cc:b6:c6:61:af:f6:70:41:
a4:87:dd:9c:4b:7b:f2:88:e8:3f:ed:c1:e7:5a:e1:
3c:ea:a9:bb:a7:17:a5:d4:29:e4:48:4d:8b:b3:f3:
6c:cc:ec:25:51:3a:8a:99:a6:f2:ce:4a:20:c8:b2:
82:e9:f2:19:40:fb:2d:17:8c:a7:64:f5:86:10:e3:
e3:c2:09:31:5c:aa:74:12:e3:0f:6a:c2:9d:e5:32:
db:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:1C:19:CB:A5:A7:72:EE:F2:72:55:3C:67:3C:BD:86:0D:15:FE:9A
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS39521.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.160.0/22
92.249.60.0/22
188.119.68.0/22
193.32.186.0/23
212.107.4.0/22
Signature Algorithm: sha256WithRSAEncryption
53:25:63:6f:6d:cd:77:77:95:b5:9f:16:69:4d:20:38:2d:74:
d5:98:6f:8c:08:67:70:75:fc:11:65:fe:67:ed:bc:16:25:8f:
70:09:7d:ff:5f:f0:53:14:be:d9:1b:2d:cf:c8:12:fa:fe:f3:
cd:e3:d3:88:c3:ed:f6:bd:c2:d6:8a:c8:8b:a6:60:dc:f4:40:
57:54:d7:e7:1b:28:95:68:25:05:76:86:5d:8d:62:9b:3e:99:
4c:f3:70:e5:b9:e2:9c:21:3f:13:5d:8c:c5:3b:21:dc:b1:93:
d6:65:b0:cb:cf:c5:08:7d:75:92:6f:3d:2a:48:82:d3:66:1c:
3f:ce:6f:d8:e3:7b:4f:3d:55:7d:33:67:f3:c5:b7:92:22:49:
00:0f:b6:5a:c9:1b:a5:76:fd:b7:84:8e:3f:fb:fe:71:a8:c9:
f9:8f:8b:6b:65:f8:19:b5:67:53:82:4b:7a:0c:21:a2:47:da:
7e:d4:d0:83:35:e8:7e:fa:1a:41:a5:73:e7:f7:7c:c1:df:c0:
21:78:40:50:a0:21:f2:18:43:f3:bd:d1:48:bd:86:17:a0:6f:
88:15:cd:56:3e:53:64:43:f3:57:9a:f0:d4:c9:2f:1d:26:51:
12:59:28:c9:f1:6f:65:27:39:74:f8:f7:1a:f2:6b:50:24:b5:
82:a8:75:14
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUVkFfCELO02ptNE+VaC5I1RuylREwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTAxMTUxNzEzMDZaFw0yNjAxMTQxNzE4MDZaMDMxMTAvBgNV
BAMTKEMyMUMxOUNCQTVBNzcyRUVGMjcyNTUzQzY3M0NCRDg2MEQxNUZFOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbi1NMltfNmbKQRNz3kk7lCN0l
cSZX5ATviaDcTQvrS+/bTBDQEj88t/oycCtjahFl4TEtKKUb74S79XuJ2JcJS5bv
AyMfQSchW4tOzebvpKD7RvAHUXOT7l7/zI4BqY57WIOhy/wHgq/JD6YE5NDidUcY
0bqoj3Rjcw+64VlxoEDkG71bvbedKR7g/xlB+1KrVzEZBxEhv0TehwB8Srnk+6YK
Mp8TsaVLpdvMtsZhr/ZwQaSH3ZxLe/KI6D/tweda4TzqqbunF6XUKeRITYuz82zM
7CVROoqZpvLOSiDIsoLp8hlA+y0XjKdk9YYQ4+PCCTFcqnQS4w9qwp3lMtslAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUwhwZy6Wncu7yclU8Zzy9hg0V/powHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMzk1MjEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBAJVCKAD
BAJc+TwDBAK8d0QDBAHBILoDBALUawQwDQYJKoZIhvcNAQELBQADggEBAFMlY29t
zXd3lbWfFmlNIDgtdNWYb4wIZ3B1/BFl/mftvBYlj3AJff9f8FMUvtkbLc/IEvr+
883j04jD7fa9wtaKyIumYNz0QFdU1+cbKJVoJQV2hl2NYps+mUzzcOW54pwhPxNd
jMU7Idyxk9ZlsMvPxQh9dZJvPSpIgtNmHD/Ob9jje089VX0zZ/PFt5IiSQAPtlrJ
G6V2/beEjj/7/nGoyfmPi2tl+Bm1Z1OCS3oMIaJH2n7U0IM16H76GkGlc+f3fMHf
wCF4QFCgIfIYQ/O90Ui9hhegb4gVzVY+U2RD81ea8NTJLx0mURJZKMnxb2UnOXT4
9xrya1AktYKodRQ=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:02:52 2025 by rpki-client