Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS213734.roa
File: AS213734.roa (raw, json)
Hash identifier: QIRHafB2cW8eIbRa4FMveMQCR61kE8Y5KcjhXzqa+OQ=
Subject key identifier: AA:B5:27:4B:89:7A:41:D4:D9:57:DA:EE:AE:5A:6D:2C:B2:C3:6B:A7
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 76ABC5A86120A159A13935BB8524C447F7CD79CC
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS213734.roa
Signing time: Mon 06 Jan 2025 12:53:53 +0000
ROA not before: Mon 06 Jan 2025 12:48:53 +0000
ROA not after: Mon 05 Jan 2026 12:53:53 +0000
asID: 213734
IP address blocks: 46.203.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 14:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:ab:c5:a8:61:20:a1:59:a1:39:35:bb:85:24:c4:47:f7:cd:79:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jan 6 12:48:53 2025 GMT
Not After : Jan 5 12:53:53 2026 GMT
Subject: CN=AAB5274B897A41D4D957DAEEAE5A6D2CB2C36BA7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ca:7d:fc:04:ae:38:7b:aa:83:94:05:25:a3:
f5:35:ff:5d:19:db:d0:ab:48:98:e0:46:ee:06:b2:
0e:01:7e:2d:13:61:cf:e6:ff:a8:3b:48:91:c1:0b:
a8:ea:5c:bb:37:12:39:be:9d:15:d9:43:9a:44:9b:
aa:92:3f:04:3a:61:e9:0f:87:07:b9:87:fa:82:14:
1c:74:03:34:01:d8:ca:16:7a:2f:92:a1:06:f2:80:
56:0a:67:10:b1:73:6c:10:5f:7b:06:68:8a:c4:76:
5c:64:ce:d2:8b:3d:35:ee:1b:77:fd:6a:f2:e6:ee:
9a:76:4d:12:5c:5e:1e:28:ad:72:81:bf:c0:60:79:
82:0d:76:0c:d4:54:45:61:12:ba:f0:c6:a0:ce:fc:
e6:44:ee:65:75:47:89:9a:75:89:e0:4e:ce:be:a3:
b2:4f:82:ad:27:ba:e7:9a:d0:8e:51:9b:84:bf:18:
94:01:77:5f:4a:43:eb:58:a6:b6:fc:08:d6:ca:95:
28:e9:3a:c4:f6:8f:a8:d0:f5:04:3b:7b:52:30:85:
df:a6:13:74:8e:31:2b:03:1b:0b:e2:15:2e:18:75:
d7:7e:eb:c3:2f:9e:2c:93:24:27:58:3a:c5:20:aa:
f9:cd:94:23:0a:0f:37:1e:d1:ee:7b:5b:86:f3:43:
f5:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:B5:27:4B:89:7A:41:D4:D9:57:DA:EE:AE:5A:6D:2C:B2:C3:6B:A7
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS213734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.93.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:f7:f6:80:b3:5a:a6:eb:04:a3:52:2e:ac:cd:16:d0:75:57:
0b:ab:0d:e9:63:ea:37:72:c6:f7:72:03:94:b7:aa:c1:70:f4:
ab:35:ad:a9:a0:99:3c:06:fe:c5:bd:b2:d7:2c:c3:e2:fa:90:
d9:74:0f:c7:e5:7f:70:c7:e8:52:50:1c:10:5f:2c:4e:63:0e:
7f:5f:e0:23:64:93:22:1b:72:7c:a6:17:67:1e:38:68:cf:26:
c7:3a:8b:bd:e1:23:8d:ca:59:48:95:fd:6a:44:0a:0a:15:eb:
a5:12:8d:fa:c6:11:48:86:33:3b:2d:a0:5f:6d:e1:e2:d2:91:
83:9e:08:6d:cb:af:fb:cd:93:82:c3:1f:b1:3f:83:94:fd:23:
63:a4:e6:d8:ae:71:82:3b:09:d2:1e:f9:93:f3:b5:20:eb:7f:
82:3b:cd:dd:e8:c1:3e:f0:37:f6:28:78:21:96:7e:33:c6:fb:
7d:c8:8c:9d:04:75:8f:d3:9f:15:d9:8a:f2:57:24:0a:18:8c:
b0:f5:2c:3f:82:68:02:de:d4:f7:ed:a7:26:06:c6:e3:45:08:
d9:fa:06:af:33:b5:88:a7:a1:0e:c4:7a:1a:d0:bf:53:a6:ee:
0c:80:56:b0:d7:c9:cc:c8:07:3b:d0:1d:ee:0c:a4:21:f8:42:
3c:c4:3a:af
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUdqvFqGEgoVmhOTW7hSTER/fNecwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAxMDYxMjQ4NTNaFw0yNjAxMDUxMjUzNTNaMDMxMTAvBgNV
BAMTKEFBQjUyNzRCODk3QTQxRDREOTU3REFFRUFFNUE2RDJDQjJDMzZCQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyyn38BK44e6qDlAUlo/U1/10Z
29CrSJjgRu4Gsg4Bfi0TYc/m/6g7SJHBC6jqXLs3Ejm+nRXZQ5pEm6qSPwQ6YekP
hwe5h/qCFBx0AzQB2MoWei+SoQbygFYKZxCxc2wQX3sGaIrEdlxkztKLPTXuG3f9
avLm7pp2TRJcXh4orXKBv8BgeYINdgzUVEVhErrwxqDO/OZE7mV1R4madYngTs6+
o7JPgq0nuuea0I5Rm4S/GJQBd19KQ+tYprb8CNbKlSjpOsT2j6jQ9QQ7e1Iwhd+m
E3SOMSsDGwviFS4Yddd+68MvniyTJCdYOsUgqvnNlCMKDzce0e57W4bzQ/UvAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUqrUnS4l6QdTZV9rurlptLLLDa6cwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjEzNzM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALstd
MA0GCSqGSIb3DQEBCwUAA4IBAQB/9/aAs1qm6wSjUi6szRbQdVcLqw3pY+o3csb3
cgOUt6rBcPSrNa2poJk8Bv7FvbLXLMPi+pDZdA/H5X9wx+hSUBwQXyxOYw5/X+Aj
ZJMiG3J8phdnHjhozybHOou94SONyllIlf1qRAoKFeulEo36xhFIhjM7LaBfbeHi
0pGDnghty6/7zZOCwx+xP4OU/SNjpObYrnGCOwnSHvmT87Ug63+CO83d6ME+8Df2
KHghln4zxvt9yIydBHWP058V2YryVyQKGIyw9Sw/gmgC3tT37acmBsbjRQjZ+gav
M7WIp6EOxHoa0L9Tpu4MgFaw18nMyAc70B3uDKQh+EI8xDqv
-----END CERTIFICATE-----
Generated at Wed Feb 5 16:53:49 2025 by rpki-client