Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS399989.roa
File: AS399989.roa (raw, json)
Hash identifier: 3sKmEJambxJob78bPAhvoDpn2Bf6o4DKNTio4POZAwU=
Subject key identifier: 18:DD:30:9D:87:88:AD:FF:E3:3B:D7:94:14:86:03:63:BA:8A:B3:74
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 6F62349BEB8D62C5925B276B89721F55C932EB10
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS399989.roa
Signing time: Wed 15 Jan 2025 17:17:27 +0000
ROA not before: Wed 15 Jan 2025 17:12:27 +0000
ROA not after: Wed 14 Jan 2026 17:17:27 +0000
asID: 399989
IP address blocks: 85.8.156.0/22 maxlen: 22
176.53.168.0/22 maxlen: 22
185.231.224.0/22 maxlen: 22
193.187.108.0/22 maxlen: 22
213.139.224.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:62:34:9b:eb:8d:62:c5:92:5b:27:6b:89:72:1f:55:c9:32:eb:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jan 15 17:12:27 2025 GMT
Not After : Jan 14 17:17:27 2026 GMT
Subject: CN=18DD309D8788ADFFE33BD79414860363BA8AB374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:fd:4f:97:59:bc:e2:a0:b9:f1:68:d2:b5:95:
8b:e6:6c:6e:ef:f5:a3:0b:f0:24:13:eb:2c:c6:0a:
9d:c7:7b:07:5f:c7:72:e9:6b:7d:3c:41:29:d2:b2:
57:5a:b3:7c:b2:24:39:f2:08:73:37:2e:c5:cd:4e:
7c:32:29:3b:78:c2:49:55:7b:c8:7a:71:66:ed:87:
9e:8c:2b:62:d3:3f:91:e0:dc:0f:f9:c7:51:f9:d7:
5c:f9:40:33:3f:df:09:10:d7:56:e6:5c:20:1b:5f:
3d:73:a7:aa:3c:60:57:88:27:c7:b8:e6:12:50:6c:
17:07:f1:20:10:75:9e:e5:19:08:0b:b8:ee:5b:c0:
49:84:03:3e:df:74:ce:ff:7d:8e:6e:7f:e6:f4:1d:
cf:5c:4d:2b:cc:e2:2a:3c:14:a4:d7:a9:61:97:cd:
fc:d3:99:78:80:d4:53:4a:f6:e7:f4:44:0b:75:52:
f2:f5:d1:a5:de:bf:73:a8:8a:c3:ea:35:6d:f5:3a:
33:cc:dc:b6:30:61:c5:1a:5c:3a:0d:e7:ba:27:6d:
f2:af:d1:68:8f:ca:56:a2:bd:70:34:ee:e3:60:dc:
32:9b:8d:60:72:ce:9f:ab:3e:47:be:04:89:d1:1b:
2e:0b:29:65:8a:06:0c:58:c8:12:28:f8:59:e6:ff:
5c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:DD:30:9D:87:88:AD:FF:E3:3B:D7:94:14:86:03:63:BA:8A:B3:74
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS399989.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.156.0/22
176.53.168.0/22
185.231.224.0/22
193.187.108.0/22
213.139.224.0/22
Signature Algorithm: sha256WithRSAEncryption
20:25:bc:0a:c7:3a:9c:46:20:27:bd:2c:47:e7:a3:05:bf:58:
eb:f0:04:52:89:75:fc:5f:4c:90:72:cd:65:91:80:59:d0:15:
a0:b9:20:81:20:27:38:cc:46:7e:87:0b:04:dc:31:29:e2:9f:
8c:9a:97:a5:c1:c1:4f:4e:bc:5d:2b:0e:0b:3b:04:d8:5e:d9:
db:5f:a2:bb:99:6c:57:2f:5d:72:b3:cd:86:7f:6d:e9:f5:c4:
ed:0c:b0:c9:db:16:f2:93:ec:3a:5e:68:aa:f8:5b:87:dc:ce:
6b:29:6a:53:92:b5:49:2a:1e:d5:03:67:de:5d:46:c8:f4:8e:
49:1a:cf:9b:4d:4b:a3:ea:36:1b:0a:b3:2b:84:a8:4a:bb:50:
c8:46:9e:ff:92:3e:f3:fe:ff:b2:f6:b5:94:88:63:4b:e7:05:
8d:2f:7a:c9:47:cc:49:b6:c7:01:3f:93:b4:42:0e:d3:eb:d3:
3c:c6:38:9f:e7:9a:38:71:f8:49:7f:99:2a:9b:a1:c7:78:8a:
e9:7c:6d:91:37:ab:24:5d:89:d4:19:d0:65:86:9c:41:c6:b7:
79:8a:fc:85:e0:dc:92:69:66:7c:4e:5c:fc:2d:b8:09:28:81:
7e:c7:a3:76:0b:2a:02:df:45:87:e2:a4:cc:f8:25:25:4a:59:
d8:41:30:5a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUb2I0m+uNYsWSWydriXIfVcky6xAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTAxMTUxNzEyMjdaFw0yNjAxMTQxNzE3MjdaMDMxMTAvBgNV
BAMTKDE4REQzMDlEODc4OEFERkZFMzNCRDc5NDE0ODYwMzYzQkE4QUIzNzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe/U+XWbzioLnxaNK1lYvmbG7v
9aML8CQT6yzGCp3Hewdfx3Lpa308QSnSsldas3yyJDnyCHM3LsXNTnwyKTt4wklV
e8h6cWbth56MK2LTP5Hg3A/5x1H511z5QDM/3wkQ11bmXCAbXz1zp6o8YFeIJ8e4
5hJQbBcH8SAQdZ7lGQgLuO5bwEmEAz7fdM7/fY5uf+b0Hc9cTSvM4io8FKTXqWGX
zfzTmXiA1FNK9uf0RAt1UvL10aXev3OoisPqNW31OjPM3LYwYcUaXDoN57onbfKv
0WiPylaivXA07uNg3DKbjWByzp+rPke+BInRGy4LKWWKBgxYyBIo+Fnm/1zZAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUGN0wnYeIrf/jO9eUFIYDY7qKs3QwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMzk5OTg5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCVQic
AwQCsDWoAwQCuefgAwQCwbtsAwQC1YvgMA0GCSqGSIb3DQEBCwUAA4IBAQAgJbwK
xzqcRiAnvSxH56MFv1jr8ARSiXX8X0yQcs1lkYBZ0BWguSCBICc4zEZ+hwsE3DEp
4p+MmpelwcFPTrxdKw4LOwTYXtnbX6K7mWxXL11ys82Gf23p9cTtDLDJ2xbyk+w6
Xmiq+FuH3M5rKWpTkrVJKh7VA2feXUbI9I5JGs+bTUuj6jYbCrMrhKhKu1DIRp7/
kj7z/v+y9rWUiGNL5wWNL3rJR8xJtscBP5O0Qg7T69M8xjif55o4cfhJf5kqm6HH
eIrpfG2RN6skXYnUGdBlhpxBxrd5ivyF4NySaWZ8Tlz8LbgJKIF+x6N2CyoC30WH
4qTM+CUlSlnYQTBa
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:02:11 2025 by rpki-client