Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS47952.roa
File: AS47952.roa (raw, json)
Hash identifier: R8hHMdTJUP29eewA0opZtplIxFdh6l2dnf5CD9uvGFE=
Subject key identifier: 50:45:D4:1F:04:F3:A9:EB:75:B8:DF:7A:0E:10:10:36:15:2E:AA:75
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 3632F2959F17007368BCED3923BCE14FF4D4544E
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS47952.roa
Signing time: Wed 15 Jan 2025 17:12:08 +0000
ROA not before: Wed 15 Jan 2025 17:07:08 +0000
ROA not after: Wed 14 Jan 2026 17:12:08 +0000
asID: 47952
IP address blocks: 81.90.176.0/24 maxlen: 24
81.90.177.0/24 maxlen: 24
81.90.178.0/24 maxlen: 24
81.90.179.0/24 maxlen: 24
193.138.172.0/24 maxlen: 24
193.138.173.0/24 maxlen: 24
193.138.174.0/24 maxlen: 24
193.138.175.0/24 maxlen: 24
194.56.184.0/24 maxlen: 24
194.56.185.0/24 maxlen: 24
194.56.186.0/24 maxlen: 24
194.56.187.0/24 maxlen: 24
212.103.36.0/24 maxlen: 24
212.103.37.0/24 maxlen: 24
212.103.38.0/24 maxlen: 24
212.103.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:32:f2:95:9f:17:00:73:68:bc:ed:39:23:bc:e1:4f:f4:d4:54:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jan 15 17:07:08 2025 GMT
Not After : Jan 14 17:12:08 2026 GMT
Subject: CN=5045D41F04F3A9EB75B8DF7A0E101036152EAA75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ca:77:9d:a7:a8:0e:6f:41:66:db:be:10:a5:
97:e0:6d:b2:0f:36:47:78:56:79:12:dc:63:7a:9b:
03:ee:52:cd:8e:64:97:e6:e1:7d:70:b1:78:63:a9:
b9:8a:e8:33:69:4a:70:ce:9d:44:6d:0b:b5:34:ef:
89:d3:1c:12:0b:3b:fd:a5:e5:e6:24:a4:4b:9b:bc:
6c:75:5b:5e:22:54:22:68:92:7c:74:c1:c3:a9:8e:
6c:62:bb:e4:d3:2a:7c:80:ad:23:7b:2b:69:82:06:
fb:09:76:0d:b7:60:f0:c2:3b:23:0d:bf:4a:81:7c:
b0:c8:5b:12:3c:01:87:38:ec:36:c8:50:53:ce:bf:
57:83:b2:9d:5f:df:c6:3d:9a:8a:09:e8:68:f0:a2:
13:68:fa:2f:d0:8d:8f:31:9d:40:43:35:78:e0:fc:
33:ca:af:5a:2b:9d:a8:1b:22:d9:17:72:b1:4d:06:
c4:f3:32:a3:d4:fc:f6:9c:16:ab:66:5a:a6:d1:9c:
c9:48:1a:b5:e0:c9:19:37:a5:0e:db:38:a0:02:9a:
e5:4e:ae:93:c1:3d:b2:b5:76:f2:33:14:a4:79:a3:
d7:48:0f:22:c6:6f:77:df:20:07:0c:92:f4:fa:8a:
30:e9:b2:44:1b:f4:4a:31:e4:98:d4:60:eb:35:a5:
bd:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:45:D4:1F:04:F3:A9:EB:75:B8:DF:7A:0E:10:10:36:15:2E:AA:75
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS47952.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.90.176.0/22
193.138.172.0/22
194.56.184.0/22
212.103.36.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:8c:c0:b6:53:e5:df:39:df:81:3e:de:94:19:c9:61:32:0d:
59:44:9d:77:b5:52:1f:73:37:00:79:cc:fe:eb:64:fa:74:50:
49:2e:f8:35:05:47:5c:82:a6:c1:f4:69:3d:46:f8:59:7f:e2:
f5:40:0b:de:60:03:25:14:67:06:0e:2e:b3:f7:8c:fe:7c:fd:
a2:a4:35:fb:87:70:80:78:80:de:da:0b:47:52:37:af:02:ae:
10:5a:22:09:36:5f:92:de:8a:7c:64:c9:5b:97:04:c6:16:fa:
26:ec:42:47:66:6b:b2:e2:a1:e7:f0:7a:ba:ae:51:78:eb:88:
65:83:e9:52:57:87:fc:61:b8:7b:c5:ca:5e:07:79:e3:df:18:
cc:8f:21:03:4f:de:a4:c7:63:a4:af:cc:1b:88:97:7a:6b:1b:
5b:4c:a8:0a:62:ca:08:ae:c7:f7:e3:30:4a:57:59:49:4b:da:
f1:bb:3c:d7:da:f9:4f:27:58:b3:ab:da:f2:36:90:ca:aa:cf:
05:b2:b9:b1:a4:43:9a:c0:a3:22:03:24:3d:7d:e1:d0:49:00:
3c:0d:f3:5c:d4:d0:6b:6e:c6:67:77:90:83:3d:5b:c5:a6:08:
af:c7:cd:55:71:b4:25:cf:58:5c:ee:38:e0:28:6e:01:ae:91:
06:41:2e:6f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUNjLylZ8XAHNovO05I7zhT/TUVE4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTAxMTUxNzA3MDhaFw0yNjAxMTQxNzEyMDhaMDMxMTAvBgNV
BAMTKDUwNDVENDFGMDRGM0E5RUI3NUI4REY3QTBFMTAxMDM2MTUyRUFBNzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyynedp6gOb0Fm274QpZfgbbIP
Nkd4VnkS3GN6mwPuUs2OZJfm4X1wsXhjqbmK6DNpSnDOnURtC7U074nTHBILO/2l
5eYkpEubvGx1W14iVCJoknx0wcOpjmxiu+TTKnyArSN7K2mCBvsJdg23YPDCOyMN
v0qBfLDIWxI8AYc47DbIUFPOv1eDsp1f38Y9mooJ6GjwohNo+i/QjY8xnUBDNXjg
/DPKr1ornagbItkXcrFNBsTzMqPU/PacFqtmWqbRnMlIGrXgyRk3pQ7bOKACmuVO
rpPBPbK1dvIzFKR5o9dIDyLGb3ffIAcMkvT6ijDpskQb9Eox5JjUYOs1pb3xAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUUEXUHwTzqet1uN96DhAQNhUuqnUwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTNDc5NTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAJRWrAD
BALBiqwDBALCOLgDBALUZyQwDQYJKoZIhvcNAQELBQADggEBADqMwLZT5d8534E+
3pQZyWEyDVlEnXe1Uh9zNwB5zP7rZPp0UEku+DUFR1yCpsH0aT1G+Fl/4vVAC95g
AyUUZwYOLrP3jP58/aKkNfuHcIB4gN7aC0dSN68CrhBaIgk2X5LeinxkyVuXBMYW
+ibsQkdma7LioefwerquUXjriGWD6VJXh/xhuHvFyl4HeePfGMyPIQNP3qTHY6Sv
zBuIl3prG1tMqApiygiux/fjMEpXWUlL2vG7PNfa+U8nWLOr2vI2kMqqzwWyubGk
Q5rAoyIDJD194dBJADwN81zU0Gtuxmd3kIM9W8WmCK/HzVVxtCXPWFzuOOAobgGu
kQZBLm8=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:09:03 2025 by rpki-client