Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: pzH69TC9OS1l7zO0SlN4bpzUziXM3rvfcGM94IbaFAU=
Subject key identifier: 0A:17:4F:5D:8A:39:9F:3A:8A:FA:38:8C:9F:B2:1F:67:44:45:52:4D
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 1A7F9F18A00C1A582DEE4B40F3F80EA0AF505FEA
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS834.roa
Signing time: Thu 30 Jan 2025 12:34:20 +0000
ROA not before: Thu 30 Jan 2025 12:29:20 +0000
ROA not after: Thu 29 Jan 2026 12:34:20 +0000
asID: 834
IP address blocks: 5.133.124.0/23 maxlen: 23
5.133.126.0/23 maxlen: 23
62.182.32.0/23 maxlen: 23
62.182.34.0/23 maxlen: 23
139.28.240.0/23 maxlen: 23
176.53.156.0/23 maxlen: 23
176.53.158.0/23 maxlen: 23
193.32.204.0/23 maxlen: 23
193.32.206.0/23 maxlen: 23
193.38.44.0/23 maxlen: 23
193.38.46.0/23 maxlen: 23
193.187.132.0/23 maxlen: 23
193.187.134.0/23 maxlen: 23
194.93.48.0/23 maxlen: 23
194.93.50.0/23 maxlen: 23
194.93.60.0/23 maxlen: 23
194.93.62.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:7f:9f:18:a0:0c:1a:58:2d:ee:4b:40:f3:f8:0e:a0:af:50:5f:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jan 30 12:29:20 2025 GMT
Not After : Jan 29 12:34:20 2026 GMT
Subject: CN=0A174F5D8A399F3A8AFA388C9FB21F674445524D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:08:44:b0:9d:d7:72:13:4b:2b:91:19:46:50:
3a:cf:e5:9a:25:cf:3e:bb:95:21:bf:2e:9f:cb:e6:
44:96:95:97:dc:cf:9b:03:09:f9:b2:a1:25:23:2c:
6a:8d:0c:47:a3:33:e4:a9:f9:39:dc:a0:67:a8:9f:
9d:c3:d6:e7:95:b3:88:af:df:06:12:da:47:2d:f2:
39:34:f5:aa:fd:0e:d4:b9:58:04:11:ff:97:5e:ba:
4f:2e:53:95:44:f1:0d:06:2a:a1:c9:46:c5:3a:8c:
96:18:91:30:23:23:f6:da:12:25:2c:13:38:5c:88:
cb:b1:4b:ab:f8:2b:2d:79:91:69:bf:e2:8e:95:cb:
1a:3f:20:59:85:39:76:dc:68:f9:af:ad:c2:a0:8d:
1d:c5:c0:e1:e6:17:f2:cc:b8:2c:95:eb:51:cc:fa:
49:09:ca:72:c7:b2:19:9b:71:92:80:b3:39:dc:af:
58:2d:02:f8:d5:71:1a:da:81:52:f9:52:f4:a6:40:
16:57:0b:3b:68:19:0c:ed:f4:63:60:a6:50:15:ee:
28:2f:b4:f1:f0:2c:d3:64:67:b1:41:d6:f3:ab:df:
f4:b5:81:44:2b:b6:39:a7:62:9c:2a:f4:a0:d2:e6:
b5:45:4b:ac:ae:20:0f:b2:2b:04:80:cb:fc:a4:d3:
98:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:17:4F:5D:8A:39:9F:3A:8A:FA:38:8C:9F:B2:1F:67:44:45:52:4D
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.124.0/22
62.182.32.0/22
139.28.240.0/23
176.53.156.0/22
193.32.204.0/22
193.38.44.0/22
193.187.132.0/22
194.93.48.0/22
194.93.60.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:48:cc:1f:93:13:46:af:9a:d0:ab:eb:25:82:6e:c6:fa:5b:
2b:e1:b8:45:f9:14:ac:b1:88:c1:3d:7c:3d:f5:81:e5:c8:15:
e4:ab:af:9a:73:ec:a9:5a:53:ad:89:fa:95:d3:c7:4f:2c:29:
21:ff:88:6e:6b:9f:e5:68:96:d9:bc:0e:af:af:51:a3:39:21:
2d:62:93:8e:4d:b1:bf:f0:d6:06:a3:47:fc:ab:2d:e7:3c:f4:
01:44:d6:77:b8:09:66:e8:82:8e:d5:a8:4a:27:5f:af:ec:d6:
29:09:e9:5d:66:8a:d0:c1:d0:66:2f:bf:13:82:6f:94:e9:84:
cb:58:92:e4:56:93:b3:10:df:b7:3e:82:2c:df:e4:ec:5c:15:
86:b0:0c:26:68:e1:2a:e2:0b:a8:d2:0d:0e:85:d8:7a:7c:16:
c0:e3:3e:93:b0:f1:75:c5:aa:21:a5:81:d4:f9:0b:7f:61:9a:
95:6c:b1:76:e9:1d:d5:00:e8:0e:13:bd:5a:6f:aa:1d:13:6a:
e4:0f:c9:20:f8:27:08:c4:53:fc:73:2d:71:f6:23:e4:3f:4b:
0a:a0:48:e7:40:0b:d1:0b:d3:87:39:aa:b7:50:c6:a1:77:c7:
0f:4c:8e:ca:c0:27:73:48:f0:c1:72:5b:91:81:9d:65:96:af:
7a:08:8f:28
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUGn+fGKAMGlgt7ktA8/gOoK9QX+owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTAxMzAxMjI5MjBaFw0yNjAxMjkxMjM0MjBaMDMxMTAvBgNV
BAMTKDBBMTc0RjVEOEEzOTlGM0E4QUZBMzg4QzlGQjIxRjY3NDQ0NTUyNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXCESwnddyE0srkRlGUDrP5Zol
zz67lSG/Lp/L5kSWlZfcz5sDCfmyoSUjLGqNDEejM+Sp+TncoGeon53D1ueVs4iv
3wYS2kct8jk09ar9DtS5WAQR/5deuk8uU5VE8Q0GKqHJRsU6jJYYkTAjI/baEiUs
EzhciMuxS6v4Ky15kWm/4o6Vyxo/IFmFOXbcaPmvrcKgjR3FwOHmF/LMuCyV61HM
+kkJynLHshmbcZKAszncr1gtAvjVcRragVL5UvSmQBZXCztoGQzt9GNgplAV7igv
tPHwLNNkZ7FB1vOr3/S1gUQrtjmnYpwq9KDS5rVFS6yuIA+yKwSAy/yk05iVAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUChdPXYo5nzqK+jiMn7IfZ0RFUk0wHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCBYV8AwQC
PrYgAwQBixzwAwQCsDWcAwQCwSDMAwQCwSYsAwQCwbuEAwQCwl0wAwQCwl08MA0G
CSqGSIb3DQEBCwUAA4IBAQBMSMwfkxNGr5rQq+slgm7G+lsr4bhF+RSssYjBPXw9
9YHlyBXkq6+ac+ypWlOtifqV08dPLCkh/4hua5/laJbZvA6vr1GjOSEtYpOOTbG/
8NYGo0f8qy3nPPQBRNZ3uAlm6IKO1ahKJ1+v7NYpCeldZorQwdBmL78Tgm+U6YTL
WJLkVpOzEN+3PoIs3+TsXBWGsAwmaOEq4guo0g0Ohdh6fBbA4z6TsPF1xaohpYHU
+Qt/YZqVbLF26R3VAOgOE71ab6odE2rkD8kg+CcIxFP8cy1x9iPkP0sKoEjnQAvR
C9OHOaq3UMahd8cPTI7KwCdzSPDBcluRgZ1llq96CI8o
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:50:43 2025 by rpki-client