Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
File: AS214025.roa (raw, json)
Hash identifier: y5a4jvtqf5qdegYCcaIgZS2D9tA9sL/G3c+UTajSpTg=
Subject key identifier: 44:29:F2:0E:59:AD:B1:1F:C7:5B:21:03:98:B8:3C:7C:6B:2C:74:B3
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 0CB1B98635ED9837D6E308B5F568215975256A7F
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
Signing time: Wed 04 Dec 2024 03:42:23 +0000
ROA not before: Wed 04 Dec 2024 03:37:23 +0000
ROA not after: Wed 03 Dec 2025 03:42:23 +0000
asID: 214025
IP address blocks: 46.203.98.0/24 maxlen: 24
46.203.99.0/24 maxlen: 24
46.203.188.0/24 maxlen: 24
46.203.189.0/24 maxlen: 24
46.203.203.0/24 maxlen: 24
46.203.204.0/24 maxlen: 24
46.203.250.0/24 maxlen: 24
46.203.251.0/24 maxlen: 24
91.124.8.0/24 maxlen: 24
91.124.9.0/24 maxlen: 24
91.124.10.0/24 maxlen: 24
91.124.11.0/24 maxlen: 24
91.124.12.0/24 maxlen: 24
91.124.13.0/24 maxlen: 24
92.113.106.0/23 maxlen: 24
92.113.112.0/23 maxlen: 24
92.113.124.0/23 maxlen: 24
92.113.136.0/23 maxlen: 24
92.113.142.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 14:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:b1:b9:86:35:ed:98:37:d6:e3:08:b5:f5:68:21:59:75:25:6a:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Dec 4 03:37:23 2024 GMT
Not After : Dec 3 03:42:23 2025 GMT
Subject: CN=4429F20E59ADB11FC75B210398B83C7C6B2C74B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2b:5d:06:b3:8b:b6:29:ab:39:cb:f4:f8:5d:
02:71:a1:28:82:71:3d:fc:5d:88:95:d0:cd:68:cd:
e4:e8:b0:d8:58:50:ac:bc:61:2b:5e:1a:7b:55:0d:
0c:84:4a:be:3d:ba:05:d7:eb:0f:f8:9a:31:da:ed:
20:d7:e4:ef:d8:30:8f:3a:ce:8e:3c:30:f4:63:73:
0b:66:41:21:9f:c4:cc:9d:48:dc:92:89:a5:60:d0:
11:0b:f4:04:50:cf:31:b2:fb:6c:70:01:5f:f3:c8:
95:ae:bc:a9:e8:17:64:10:74:91:c3:2c:89:4d:ba:
b9:d5:e4:66:69:04:17:60:5f:b7:da:d2:57:9d:3b:
14:42:44:11:c9:66:e2:d2:a1:98:65:f4:d0:c9:85:
3b:dc:27:75:40:19:1e:92:96:3f:50:c1:11:30:31:
ea:ca:c0:96:8e:ca:2a:4a:0c:ea:bd:61:8f:c6:ac:
f7:c0:07:ab:e4:05:4b:ea:f2:3b:6b:45:7a:9f:be:
9e:30:f8:de:c2:29:07:45:40:2d:dc:85:ef:db:1e:
8f:14:f2:79:f0:3e:1b:5b:ec:2b:44:3c:d2:d8:6f:
8b:60:28:61:b4:d2:46:bf:1d:92:91:24:af:30:1d:
37:4a:13:2e:1e:4f:cf:21:21:9c:60:da:d0:57:58:
13:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:29:F2:0E:59:AD:B1:1F:C7:5B:21:03:98:B8:3C:7C:6B:2C:74:B3
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.98.0/23
46.203.188.0/23
46.203.203.0-46.203.204.255
46.203.250.0/23
91.124.8.0-91.124.13.255
92.113.106.0/23
92.113.112.0/23
92.113.124.0/23
92.113.136.0/23
92.113.142.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:cc:18:85:41:ea:e1:79:bc:fc:e5:6c:b9:8f:4f:f3:90:71:
ad:da:e0:f1:01:c1:93:c5:ca:e5:6b:e2:1e:bb:17:0c:b4:d3:
b5:b5:54:f7:95:ea:eb:ae:ba:48:88:47:a5:ae:85:3c:1d:2f:
6f:e6:df:b1:a7:55:b3:13:0f:55:1b:ed:1a:54:c0:fb:cb:d3:
86:02:31:da:96:bf:89:1d:34:fe:51:89:db:3d:a2:94:a9:24:
05:80:88:0a:37:85:57:b1:0f:02:82:32:ec:02:b9:87:9b:88:
32:f2:80:32:91:60:82:77:e0:01:1b:8d:5f:9f:c4:a6:49:83:
a4:92:57:36:b4:02:67:65:80:75:c6:99:10:09:ca:96:7d:6f:
af:09:6b:ef:ef:53:ac:64:ad:92:1e:c8:8c:fd:41:e2:4b:e3:
40:3e:e8:b1:4e:b3:75:32:d3:e5:0d:ca:07:a9:cc:34:06:9d:
c4:13:f4:2e:6a:f1:43:57:e4:8e:b0:00:5c:50:2d:aa:c8:79:
d4:03:94:ac:0c:0a:cd:cb:b9:16:6e:cf:e0:64:6b:a0:68:93:
83:86:82:37:7e:97:cd:4a:69:b7:3d:f9:57:6b:de:33:d8:3c:
73:90:2a:b4:b8:eb:79:09:f0:4a:7d:85:c9:15:27:15:e4:03:
d0:92:69:0f
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUDLG5hjXtmDfW4wi19WghWXUlan8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDEyMDQwMzM3MjNaFw0yNTEyMDMwMzQyMjNaMDMxMTAvBgNV
BAMTKDQ0MjlGMjBFNTlBREIxMUZDNzVCMjEwMzk4QjgzQzdDNkIyQzc0QjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiK10Gs4u2Kas5y/T4XQJxoSiC
cT38XYiV0M1ozeTosNhYUKy8YSteGntVDQyESr49ugXX6w/4mjHa7SDX5O/YMI86
zo48MPRjcwtmQSGfxMydSNySiaVg0BEL9ARQzzGy+2xwAV/zyJWuvKnoF2QQdJHD
LIlNurnV5GZpBBdgX7fa0ledOxRCRBHJZuLSoZhl9NDJhTvcJ3VAGR6Slj9QwREw
MerKwJaOyipKDOq9YY/GrPfAB6vkBUvq8jtrRXqfvp4w+N7CKQdFQC3che/bHo8U
8nnwPhtb7CtEPNLYb4tgKGG00ka/HZKRJK8wHTdKEy4eT88hIZxg2tBXWBMrAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQURCnyDlmtsR/HWyEDmLg8fGssdLMwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQBLsti
AwQBLsu8MAwDBAAuy8sDBAAuy8wDBAEuy/owDAMEA1t8CAMEAVt8DAMEAVxxagME
AVxxcAMEAVxxfAMEAVxxiAMEAVxxjjANBgkqhkiG9w0BAQsFAAOCAQEAe8wYhUHq
4Xm8/OVsuY9P85Bxrdrg8QHBk8XK5WviHrsXDLTTtbVU95Xq6666SIhHpa6FPB0v
b+bfsadVsxMPVRvtGlTA+8vThgIx2pa/iR00/lGJ2z2ilKkkBYCICjeFV7EPAoIy
7AK5h5uIMvKAMpFggnfgARuNX5/EpkmDpJJXNrQCZ2WAdcaZEAnKln1vrwlr7+9T
rGStkh7IjP1B4kvjQD7osU6zdTLT5Q3KB6nMNAadxBP0LmrxQ1fkjrAAXFAtqsh5
1AOUrAwKzcu5Fm7P4GRroGiTg4aCN36XzUpptz35V2veM9g8c5AqtLjreQnwSn2F
yRUnFeQD0JJpDw==
-----END CERTIFICATE-----
Generated at Wed Feb 5 16:59:20 2025 by rpki-client