Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS134351.roa
File: AS134351.roa (raw, json)
Hash identifier: wfPpNR+EH0gd9sv4qJPJfn3xwiD4994eowjAa858b50=
Subject key identifier: 7E:38:BD:5C:67:16:DA:CF:22:20:B7:F8:17:26:55:7E:54:B5:D9:E1
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5C108F98ED271AA8BDA382711FED184F49F64C2E
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS134351.roa
Signing time: Wed 27 Nov 2024 13:32:56 +0000
ROA not before: Wed 27 Nov 2024 13:27:56 +0000
ROA not after: Wed 26 Nov 2025 13:32:56 +0000
asID: 134351
IP address blocks: 46.202.253.0/24 maxlen: 24
46.202.255.0/24 maxlen: 24
46.203.23.0/24 maxlen: 24
46.203.28.0/24 maxlen: 24
46.203.45.0/24 maxlen: 24
46.203.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 14:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:10:8f:98:ed:27:1a:a8:bd:a3:82:71:1f:ed:18:4f:49:f6:4c:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Nov 27 13:27:56 2024 GMT
Not After : Nov 26 13:32:56 2025 GMT
Subject: CN=7E38BD5C6716DACF2220B7F81726557E54B5D9E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b7:4c:6b:0a:3f:70:e2:95:6b:69:53:5d:87:
1b:ee:b4:d1:d9:90:60:9a:d6:fb:de:9d:f8:c6:3b:
e3:44:02:fc:72:1d:1d:43:ac:46:36:c2:c8:b2:97:
9a:6a:1c:ab:0d:0a:88:33:4c:8a:0a:2e:2f:5c:09:
35:c0:01:d8:7f:57:ce:e5:0b:ec:10:83:97:0c:04:
3c:15:26:85:30:eb:9a:26:f1:cc:43:28:d2:82:2b:
14:2a:38:8c:65:5a:ec:b4:b6:26:d9:56:d1:79:2d:
be:45:f4:ab:2c:2a:47:58:81:94:01:3f:b5:d0:67:
59:8d:5c:05:b6:b1:87:dc:2f:ba:da:ec:a8:fc:b2:
5e:64:48:b4:f4:6c:7b:38:9f:97:f5:3b:9a:f7:d8:
85:e5:ae:27:6a:10:ff:90:24:df:8a:ac:5c:09:03:
69:93:5c:05:f6:3c:0e:46:4b:6f:42:bb:c1:52:32:
e6:86:ea:55:cd:4d:c7:2a:40:67:d0:35:b5:59:bd:
75:56:da:8d:21:15:3c:ed:b1:93:61:e4:77:c3:ec:
e9:33:e6:70:a5:7f:fc:97:30:69:71:87:a8:82:71:
5f:33:0e:44:f8:81:f7:06:00:98:3a:64:8b:ae:df:
88:eb:dd:53:d0:3f:e1:c8:f8:84:bf:f0:35:0c:73:
33:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:38:BD:5C:67:16:DA:CF:22:20:B7:F8:17:26:55:7E:54:B5:D9:E1
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS134351.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.253.0/24
46.202.255.0/24
46.203.23.0/24
46.203.28.0/24
46.203.45.0/24
46.203.52.0/24
Signature Algorithm: sha256WithRSAEncryption
55:b1:0e:de:b1:4d:9f:b0:61:8c:81:30:8c:18:27:2c:b5:ad:
62:e0:b3:8f:08:b2:53:71:47:af:66:06:52:32:7b:56:bc:e4:
68:ee:6f:69:bf:c0:33:66:d3:13:79:cf:f0:3c:ff:5f:18:2f:
dd:4a:84:85:97:ab:8f:f4:12:41:db:f0:c7:78:e4:71:20:e4:
49:ac:73:d9:6f:47:a9:de:e9:ce:06:17:ac:c0:ab:85:06:08:
75:c6:ff:e7:f0:c3:51:8d:52:d9:63:dd:af:af:51:5c:bc:c8:
4e:d8:33:62:c4:ef:92:0b:ed:d0:ae:0d:b6:a4:78:a3:17:1b:
16:69:5f:d1:7b:e2:57:5e:5d:58:8a:08:4e:5f:33:66:56:92:
5a:94:d0:a7:84:d9:19:73:32:b2:95:32:c5:58:31:90:40:85:
19:33:b7:db:5b:8d:79:86:aa:3e:d3:cf:2e:27:05:ea:f4:2c:
af:b9:f8:b2:c0:d0:ef:ea:7f:b2:44:70:0f:d1:80:44:99:a0:
69:d4:8d:bc:11:05:93:41:48:dc:d0:15:eb:09:0c:ee:bb:ab:
62:8e:09:ed:07:dd:ac:a8:00:63:46:c8:6c:7d:21:3c:4d:83:
ca:ec:2a:91:74:24:a9:b4:11:20:3b:3d:25:dc:7e:cd:86:f0:
21:67:54:ab
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUXBCPmO0nGqi9o4JxH+0YT0n2TC4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDExMjcxMzI3NTZaFw0yNTExMjYxMzMyNTZaMDMxMTAvBgNV
BAMTKDdFMzhCRDVDNjcxNkRBQ0YyMjIwQjdGODE3MjY1NTdFNTRCNUQ5RTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCct0xrCj9w4pVraVNdhxvutNHZ
kGCa1vvenfjGO+NEAvxyHR1DrEY2wsiyl5pqHKsNCogzTIoKLi9cCTXAAdh/V87l
C+wQg5cMBDwVJoUw65om8cxDKNKCKxQqOIxlWuy0tibZVtF5Lb5F9KssKkdYgZQB
P7XQZ1mNXAW2sYfcL7ra7Kj8sl5kSLT0bHs4n5f1O5r32IXlridqEP+QJN+KrFwJ
A2mTXAX2PA5GS29Cu8FSMuaG6lXNTccqQGfQNbVZvXVW2o0hFTztsZNh5HfD7Okz
5nClf/yXMGlxh6iCcV8zDkT4gfcGAJg6ZIuu34jr3VPQP+HI+IS/8DUMczPxAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUfji9XGcW2s8iILf4FyZVflS12eEwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTM0MzUxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALsr9
AwQALsr/AwQALssXAwQALsscAwQALsstAwQALss0MA0GCSqGSIb3DQEBCwUAA4IB
AQBVsQ7esU2fsGGMgTCMGCcsta1i4LOPCLJTcUevZgZSMntWvORo7m9pv8AzZtMT
ec/wPP9fGC/dSoSFl6uP9BJB2/DHeORxIORJrHPZb0ep3unOBheswKuFBgh1xv/n
8MNRjVLZY92vr1FcvMhO2DNixO+SC+3Qrg22pHijFxsWaV/Re+JXXl1YighOXzNm
VpJalNCnhNkZczKylTLFWDGQQIUZM7fbW415hqo+088uJwXq9CyvufiywNDv6n+y
RHAP0YBEmaBp1I28EQWTQUjc0BXrCQzuu6tijgntB92sqABjRshsfSE8TYPK7CqR
dCSptBEgOz0l3H7NhvAhZ1Sr
-----END CERTIFICATE-----
Generated at Wed Feb 5 17:06:31 2025 by rpki-client