Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS43260.roa
File: AS43260.roa (raw, json)
Hash identifier: qwPvAwbMsS36wBot+/j+BtvIaCBTz4lfLxcSEsQwwY0=
Subject key identifier: 9B:A1:AD:59:02:D0:95:C0:32:57:3D:BF:15:BE:47:BA:25:D8:C9:40
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 729750CF1F35E4448F840971AF1F300BC82B9510
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS43260.roa
Signing time: Fri 17 Jan 2025 13:11:25 +0000
ROA not before: Fri 17 Jan 2025 13:06:25 +0000
ROA not after: Fri 16 Jan 2026 13:11:25 +0000
asID: 43260
IP address blocks: 5.133.103.0/24 maxlen: 24
37.221.76.0/24 maxlen: 24
85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
93.190.8.0/24 maxlen: 24
93.190.10.0/24 maxlen: 24
93.190.11.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
185.254.52.0/24 maxlen: 24
193.17.4.0/24 maxlen: 24
193.17.5.0/24 maxlen: 24
193.17.6.0/24 maxlen: 24
193.17.7.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.77.0/24 maxlen: 24
193.111.78.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:97:50:cf:1f:35:e4:44:8f:84:09:71:af:1f:30:0b:c8:2b:95:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jan 17 13:06:25 2025 GMT
Not After : Jan 16 13:11:25 2026 GMT
Subject: CN=9BA1AD5902D095C032573DBF15BE47BA25D8C940
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:14:cd:53:57:b3:69:d7:6b:30:de:40:8b:3a:
83:3c:88:17:be:db:5d:21:c9:ad:62:b0:d8:1e:d5:
2f:53:d7:59:76:83:f2:44:24:ae:ce:4c:2b:85:29:
37:63:e6:2c:67:88:39:06:08:42:5f:21:12:db:64:
56:db:14:7f:00:11:c6:43:9e:b7:24:2a:b2:4b:f1:
c9:79:86:7f:ff:1e:6d:4f:7f:a2:80:2b:ae:fd:a3:
81:7d:9d:e6:90:e5:1c:b7:f2:73:5b:33:72:46:f2:
14:c1:7e:a9:4a:93:b5:a7:06:d6:66:bc:ef:e0:5a:
36:dd:49:d3:61:6b:bf:ef:a5:43:57:58:d8:b8:a1:
d7:4e:e0:b8:5d:bf:65:39:15:26:21:b3:df:de:e8:
39:0d:f7:b5:5a:c0:ac:7d:30:97:12:75:fe:61:83:
0d:ea:c9:a6:3a:87:82:28:ee:fa:d4:ca:5e:f3:bc:
43:82:1e:fd:5f:3a:f4:d7:b4:b3:c7:6e:0d:81:e9:
33:5f:50:33:8d:2e:41:24:56:96:64:06:1d:04:94:
29:ce:f0:d6:cd:99:c8:a4:95:92:a9:cf:17:72:a3:
89:8c:21:b1:96:91:9f:fb:30:a3:16:fb:10:3f:1e:
99:c7:19:93:94:55:87:4b:b8:e6:69:dd:7c:da:b0:
7d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:A1:AD:59:02:D0:95:C0:32:57:3D:BF:15:BE:47:BA:25:D8:C9:40
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS43260.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.103.0/24
37.221.76.0/24
85.235.72.0-85.235.74.255
93.190.8.0/24
93.190.10.0/23
176.96.130.0/24
185.254.52.0/24
193.17.4.0/22
193.111.76.0/22
217.18.208.0/24
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:bd:6e:f0:16:34:87:70:ec:9f:12:2c:fb:b9:47:e1:e2:20:
62:3e:7b:06:05:41:69:dc:e0:b5:9d:16:91:56:8c:56:09:13:
86:23:41:f6:1d:f1:87:fc:48:e3:1c:2e:aa:ce:03:63:a4:55:
cc:3d:46:8f:fc:09:32:a6:dc:5b:23:62:2a:d8:1f:0f:5f:d8:
23:62:72:46:ec:b0:fd:0c:50:91:36:6b:7d:d7:2a:82:de:33:
ec:ef:0f:44:e2:eb:0a:09:d8:2c:08:b0:36:60:f5:16:69:85:
b2:ba:e4:2f:64:27:11:08:96:d4:a5:d7:8f:07:85:eb:48:04:
94:62:b1:12:4a:2b:ed:ab:75:81:6f:10:9d:09:b5:8f:96:5c:
f9:21:5a:0a:4e:d1:c2:91:e0:7f:8d:5f:8a:76:3a:69:c8:b5:
39:25:c4:80:8e:f4:38:dc:28:cf:9a:6b:b9:5e:0a:36:c3:c4:
c4:0b:81:89:62:2e:ec:ad:02:9d:6c:8a:2b:fa:8f:3b:e5:b5:
7d:e3:ca:0f:62:a6:8d:9a:6d:ef:fe:9f:ee:cc:ab:f5:e1:63:
c4:7a:02:51:a9:bc:85:31:10:b1:63:5a:fb:86:c2:a5:ec:f3:
c1:09:59:33:81:28:03:bf:06:92:3f:9b:40:55:5f:96:94:13:
40:ee:3a:c8
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUcpdQzx815ESPhAlxrx8wC8grlRAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTAxMTcxMzA2MjVaFw0yNjAxMTYxMzExMjVaMDMxMTAvBgNV
BAMTKDlCQTFBRDU5MDJEMDk1QzAzMjU3M0RCRjE1QkU0N0JBMjVEOEM5NDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsFM1TV7Np12sw3kCLOoM8iBe+
210hya1isNge1S9T11l2g/JEJK7OTCuFKTdj5ixniDkGCEJfIRLbZFbbFH8AEcZD
nrckKrJL8cl5hn//Hm1Pf6KAK679o4F9neaQ5Ry38nNbM3JG8hTBfqlKk7WnBtZm
vO/gWjbdSdNha7/vpUNXWNi4oddO4Lhdv2U5FSYhs9/e6DkN97VawKx9MJcSdf5h
gw3qyaY6h4Io7vrUyl7zvEOCHv1fOvTXtLPHbg2B6TNfUDONLkEkVpZkBh0ElCnO
8NbNmciklZKpzxdyo4mMIbGWkZ/7MKMW+xA/HpnHGZOUVYdLuOZp3XzasH0vAgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUm6GtWQLQlcAyVz2/Fb5HuiXYyUAwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTNDMyNjAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYwYIKwYBBQUHAQcBAf8EVDBSMFAEAgABMEoDBAAFhWcD
BAAl3UwwDAMEA1XrSAMEAFXrSgMEAF2+CAMEAV2+CgMEALBgggMEALn+NAMEAsER
BAMEAsFvTAMEANkS0AMEANkS0zANBgkqhkiG9w0BAQsFAAOCAQEACr1u8BY0h3Ds
nxIs+7lH4eIgYj57BgVBadzgtZ0WkVaMVgkThiNB9h3xh/xI4xwuqs4DY6RVzD1G
j/wJMqbcWyNiKtgfD1/YI2JyRuyw/QxQkTZrfdcqgt4z7O8PROLrCgnYLAiwNmD1
FmmFsrrkL2QnEQiW1KXXjweF60gElGKxEkor7at1gW8QnQm1j5Zc+SFaCk7RwpHg
f41finY6aci1OSXEgI70ONwoz5pruV4KNsPExAuBiWIu7K0CnWyKK/qPO+W1fePK
D2KmjZpt7/6f7syr9eFjxHoCUam8hTEQsWNa+4bCpezzwQlZM4EoA78Gkj+bQFVf
lpQTQO46yA==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:56:18 2025 by rpki-client