Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: b+P0y4ADUjBWW8Ugy3w6RBz6bR5dU1KzSu4H3qbq9ko=
Subject key identifier: 81:72:3B:08:86:D8:9E:74:28:12:A8:35:0C:D8:0B:67:51:30:09:A8
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 1034D1C77596EFC5702FA7DA2D1486F603FF2BCA
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS7029.roa
Signing time: Wed 15 Jan 2025 17:17:17 +0000
ROA not before: Wed 15 Jan 2025 17:12:17 +0000
ROA not after: Wed 14 Jan 2026 17:17:17 +0000
asID: 7029
IP address blocks: 85.8.156.0/22 maxlen: 22
176.53.168.0/22 maxlen: 22
185.231.224.0/22 maxlen: 22
193.187.108.0/22 maxlen: 22
213.139.224.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:34:d1:c7:75:96:ef:c5:70:2f:a7:da:2d:14:86:f6:03:ff:2b:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jan 15 17:12:17 2025 GMT
Not After : Jan 14 17:17:17 2026 GMT
Subject: CN=81723B0886D89E742812A8350CD80B67513009A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ef:98:61:75:92:b5:82:b7:94:15:b2:fb:46:
3c:ec:25:d3:1d:c1:4c:53:6e:6c:59:5b:bb:18:af:
a7:9f:0c:e0:96:9e:83:31:6e:9e:6b:5d:8a:f9:c8:
3b:db:5a:b3:eb:cb:19:1e:19:6a:ac:ad:4e:82:7b:
64:59:96:42:16:91:25:95:d1:64:20:91:1b:8d:8f:
dd:b1:56:41:93:f6:4e:da:fa:68:a1:55:0a:61:80:
f5:a1:36:78:92:ec:bf:57:2e:b5:3e:b9:30:df:ab:
19:67:41:26:0f:e7:de:f8:ea:8d:1f:04:89:87:4a:
1d:4e:93:16:87:d6:40:e9:5d:19:5d:f3:0d:b8:17:
5e:82:e9:df:f8:48:b7:9d:d6:ff:b9:09:3b:1f:4b:
9f:d3:3d:53:c0:bc:32:93:4c:8d:5d:58:2a:43:39:
58:b1:2b:cd:f7:2d:59:48:97:ed:c3:d1:8d:37:27:
6c:67:a0:65:99:0e:ee:d8:7b:a0:4b:5a:0f:f1:0a:
0c:b2:df:06:b1:c4:5a:9e:7b:4e:09:07:07:b8:a7:
78:f7:db:b8:73:8a:be:f2:80:04:cc:56:a8:a4:f6:
a3:1d:61:7a:52:fb:9e:cf:68:3c:5a:0e:8b:ce:c1:
b7:db:cb:39:d3:01:0f:d5:cf:66:d5:30:8e:7e:46:
af:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:72:3B:08:86:D8:9E:74:28:12:A8:35:0C:D8:0B:67:51:30:09:A8
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.156.0/22
176.53.168.0/22
185.231.224.0/22
193.187.108.0/22
213.139.224.0/22
Signature Algorithm: sha256WithRSAEncryption
78:87:a5:2b:4e:3e:88:df:5d:a8:73:be:f3:77:6e:86:65:24:
cb:87:35:ca:83:69:4c:d8:25:48:7e:2a:11:9c:0e:c7:ec:db:
af:02:31:5c:22:ef:a4:24:19:eb:1b:7c:c5:85:9a:15:09:e8:
ed:2d:d8:ed:dd:bb:5e:84:c3:60:b1:3f:51:f1:81:aa:41:44:
8b:87:9f:c8:85:08:41:48:52:e5:cd:73:1c:8a:13:35:cb:2d:
33:0d:61:0d:79:75:5f:aa:f3:28:3b:60:d8:22:64:8b:47:03:
bb:f0:d1:1b:e2:71:fb:65:16:66:2a:31:56:1e:89:46:5c:ea:
f6:8b:b4:f6:4a:d3:dd:1a:3a:dd:1e:a5:3b:17:77:a2:53:5b:
28:26:05:f3:00:e8:05:16:ec:87:93:97:94:a1:f1:be:fc:0a:
12:fc:1d:e7:ae:eb:a4:6e:3e:f8:29:49:87:d3:7d:60:ff:75:
09:e1:63:a2:95:06:b6:44:ad:e5:60:f2:31:c8:46:9c:2e:8d:
c5:40:b4:89:19:68:f2:0b:8a:ce:53:fe:d4:1d:a9:d6:c8:cc:
63:d1:18:aa:9a:58:cb:f7:35:da:7c:4f:13:87:1e:e9:c3:68:
05:6a:f2:cf:db:0c:71:b2:91:5a:f1:67:44:47:e4:64:6a:35:
0e:19:ac:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUEDTRx3WW78VwL6faLRSG9gP/K8owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTAxMTUxNzEyMTdaFw0yNjAxMTQxNzE3MTdaMDMxMTAvBgNV
BAMTKDgxNzIzQjA4ODZEODlFNzQyODEyQTgzNTBDRDgwQjY3NTEzMDA5QTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY75hhdZK1greUFbL7RjzsJdMd
wUxTbmxZW7sYr6efDOCWnoMxbp5rXYr5yDvbWrPryxkeGWqsrU6Ce2RZlkIWkSWV
0WQgkRuNj92xVkGT9k7a+mihVQphgPWhNniS7L9XLrU+uTDfqxlnQSYP59746o0f
BImHSh1OkxaH1kDpXRld8w24F16C6d/4SLed1v+5CTsfS5/TPVPAvDKTTI1dWCpD
OVixK833LVlIl+3D0Y03J2xnoGWZDu7Ye6BLWg/xCgyy3waxxFqee04JBwe4p3j3
27hzir7ygATMVqik9qMdYXpS+57PaDxaDovOwbfbyznTAQ/Vz2bVMI5+Rq97AgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQUgXI7CIbYnnQoEqg1DNgLZ1EwCagwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAlUInAME
ArA1qAMEArnn4AMEAsG7bAMEAtWL4DANBgkqhkiG9w0BAQsFAAOCAQEAeIelK04+
iN9dqHO+83duhmUky4c1yoNpTNglSH4qEZwOx+zbrwIxXCLvpCQZ6xt8xYWaFQno
7S3Y7d27XoTDYLE/UfGBqkFEi4efyIUIQUhS5c1zHIoTNcstMw1hDXl1X6rzKDtg
2CJki0cDu/DRG+Jx+2UWZioxVh6JRlzq9ou09krT3Ro63R6lOxd3olNbKCYF8wDo
BRbsh5OXlKHxvvwKEvwd567rpG4++ClJh9N9YP91CeFjopUGtkSt5WDyMchGnC6N
xUC0iRlo8guKzlP+1B2p1sjMY9EYqppYy/c12nxPE4ce6cNoBWryz9sMcbKRWvFn
REfkZGo1DhmsRQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:03:45 2025 by rpki-client