Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS200088.roa
File: AS200088.roa (raw, json)
Hash identifier: DEbEuhHb9fvdcXALoBecAXx/gmAnlAYSIdkyks9IOrM=
Subject key identifier: EA:21:A1:BF:D0:3A:4E:85:DF:59:5E:B0:18:15:0A:F0:F3:96:80:7C
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 20FE43090A656F5117B0C8A10201C0760574BE6D
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS200088.roa
Signing time: Sat 30 Nov 2024 02:24:45 +0000
ROA not before: Sat 30 Nov 2024 02:19:45 +0000
ROA not after: Sat 29 Nov 2025 02:24:45 +0000
asID: 200088
IP address blocks: 46.203.97.0/24 maxlen: 24
46.203.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 14:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:fe:43:09:0a:65:6f:51:17:b0:c8:a1:02:01:c0:76:05:74:be:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Nov 30 02:19:45 2024 GMT
Not After : Nov 29 02:24:45 2025 GMT
Subject: CN=EA21A1BFD03A4E85DF595EB018150AF0F396807C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ed:f5:78:d2:20:e6:8a:62:7d:cc:e3:fb:c1:
2a:94:d8:6e:cf:c3:f5:5e:6c:27:1a:9c:4e:de:ae:
96:7f:ad:18:ba:04:09:5b:da:42:70:01:8f:47:81:
ee:08:3e:0b:a4:c8:64:88:f0:c7:0e:57:80:ea:29:
ae:6f:dc:e2:12:a8:69:70:0b:ff:ba:dd:6b:01:7a:
a1:64:30:e7:d6:51:65:84:05:a1:6a:09:3a:7d:cb:
5f:9f:c7:ee:91:9c:ac:06:fd:1f:11:eb:1c:9d:57:
e8:72:98:aa:a5:a0:3b:47:6c:42:ae:d7:b5:e8:bb:
6b:ce:af:a5:78:5d:ef:fe:24:c1:98:1b:9f:ac:31:
29:ff:c1:49:87:06:ba:7f:9e:4d:85:a7:13:55:ba:
a0:6a:1a:bb:12:27:25:b7:ac:17:20:d7:1b:34:6d:
d5:2c:57:7e:7d:06:c0:2e:e4:a1:61:22:00:42:c8:
a1:28:a6:8a:c5:89:c1:11:0e:23:79:a8:a5:7e:8b:
07:ef:ba:0a:39:ed:62:22:40:6e:b8:1b:03:56:19:
97:16:94:5d:d3:b6:14:6b:8a:d2:77:13:2c:84:b1:
f3:0a:79:10:fa:cd:19:5c:5d:23:c8:df:0c:a3:14:
7e:40:a1:56:9f:dc:18:42:a3:a6:2a:25:d2:49:94:
a2:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:21:A1:BF:D0:3A:4E:85:DF:59:5E:B0:18:15:0A:F0:F3:96:80:7C
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS200088.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.97.0/24
46.203.102.0/24
Signature Algorithm: sha256WithRSAEncryption
99:c6:53:2d:45:f0:ca:43:b0:59:a6:ec:f4:93:87:17:b9:30:
78:5b:36:26:12:7c:45:02:94:62:57:00:a9:4c:eb:9b:43:e0:
bc:2b:55:0a:c5:a3:7f:39:2e:03:df:30:f6:05:7d:33:f1:ad:
44:ac:29:3d:24:55:4b:ff:47:c3:ff:8f:d5:7d:bb:89:c5:a1:
1a:9e:8f:b2:e0:8e:37:4f:8e:dd:37:4c:33:cf:20:d1:87:ea:
2a:e4:80:41:bb:6a:89:1d:45:4a:4f:51:6a:07:07:fe:98:97:
ce:b8:20:71:eb:89:93:39:85:56:17:60:0d:dc:ec:75:f4:5b:
44:c4:41:e4:a1:22:74:25:dd:10:49:1a:2b:d0:bc:3e:aa:5d:
fc:c6:65:52:96:5a:25:22:7d:e7:24:3a:d5:d0:24:91:86:1d:
1d:d0:41:eb:d5:fd:46:d4:3f:ef:1e:29:9d:0d:44:c0:2b:b2:
b5:f7:07:6e:fe:72:e0:c5:1c:8c:56:48:be:d9:a8:dc:b6:9f:
8a:e9:68:71:c8:61:c0:b0:8a:52:b8:3a:80:18:38:04:54:51:
a0:ab:54:9e:55:8c:98:f0:d6:92:f4:c7:8d:ba:3f:6d:fb:2f:
e3:66:0b:76:82:d3:b7:0e:bb:8f:d8:58:48:59:dd:53:61:4a:
16:27:81:ee
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUIP5DCQplb1EXsMihAgHAdgV0vm0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDExMzAwMjE5NDVaFw0yNTExMjkwMjI0NDVaMDMxMTAvBgNV
BAMTKEVBMjFBMUJGRDAzQTRFODVERjU5NUVCMDE4MTUwQUYwRjM5NjgwN0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC07fV40iDmimJ9zOP7wSqU2G7P
w/VebCcanE7erpZ/rRi6BAlb2kJwAY9Hge4IPgukyGSI8McOV4DqKa5v3OISqGlw
C/+63WsBeqFkMOfWUWWEBaFqCTp9y1+fx+6RnKwG/R8R6xydV+hymKqloDtHbEKu
17Xou2vOr6V4Xe/+JMGYG5+sMSn/wUmHBrp/nk2FpxNVuqBqGrsSJyW3rBcg1xs0
bdUsV359BsAu5KFhIgBCyKEoporFicERDiN5qKV+iwfvugo57WIiQG64GwNWGZcW
lF3TthRritJ3EyyEsfMKeRD6zRlcXSPI3wyjFH5AoVaf3BhCo6YqJdJJlKK3AgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQU6iGhv9A6ToXfWV6wGBUK8POWgHwwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjAwMDg4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALsth
AwQALstmMA0GCSqGSIb3DQEBCwUAA4IBAQCZxlMtRfDKQ7BZpuz0k4cXuTB4WzYm
EnxFApRiVwCpTOubQ+C8K1UKxaN/OS4D3zD2BX0z8a1ErCk9JFVL/0fD/4/VfbuJ
xaEano+y4I43T47dN0wzzyDRh+oq5IBBu2qJHUVKT1FqBwf+mJfOuCBx64mTOYVW
F2AN3Ox19FtExEHkoSJ0Jd0QSRor0Lw+ql38xmVSllolIn3nJDrV0CSRhh0d0EHr
1f1G1D/vHimdDUTAK7K19wdu/nLgxRyMVki+2ajctp+K6WhxyGHAsIpSuDqAGDgE
VFGgq1SeVYyY8NaS9MeNuj9t+y/jZgt2gtO3DruP2FhIWd1TYUoWJ4Hu
-----END CERTIFICATE-----
Generated at Wed Feb 5 17:05:42 2025 by rpki-client