Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214654.roa
File: AS214654.roa (raw, json)
Hash identifier: HzgudaE4XgxgDXikHIJS7JBhsBQ9PbzY1lXrVxv2t3A=
Subject key identifier: B6:DD:D1:BE:DB:24:0E:F6:AE:A6:52:01:9F:03:F9:92:6F:0E:76:FF
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5FAC214849AD4859B9EF3337EE8973B09DA9271F
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214654.roa
Signing time: Wed 13 Nov 2024 09:08:55 +0000
ROA not before: Wed 13 Nov 2024 09:03:55 +0000
ROA not after: Wed 12 Nov 2025 09:08:55 +0000
asID: 214654
IP address blocks: 91.124.8.0/24 maxlen: 24
91.124.9.0/24 maxlen: 24
91.124.10.0/24 maxlen: 24
91.124.11.0/24 maxlen: 24
91.124.12.0/24 maxlen: 24
91.124.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:ac:21:48:49:ad:48:59:b9:ef:33:37:ee:89:73:b0:9d:a9:27:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Nov 13 09:03:55 2024 GMT
Not After : Nov 12 09:08:55 2025 GMT
Subject: CN=B6DDD1BEDB240EF6AEA652019F03F9926F0E76FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:79:66:51:a7:1a:14:9a:67:65:d0:4f:78:1b:
d5:36:98:5d:13:70:d1:64:5b:9c:ad:0c:a4:75:5a:
06:3d:d5:97:41:83:aa:c4:e9:e9:08:58:02:cb:40:
53:a2:80:ab:f6:ba:37:89:af:32:8c:a9:80:9b:e9:
70:a2:7c:ef:3b:b2:37:a0:24:33:e8:8b:9d:06:03:
6d:80:1d:9c:37:01:13:56:18:04:cd:c9:95:45:4f:
19:79:ec:cd:c9:70:58:18:74:07:29:9a:82:78:2f:
92:c1:1c:b1:11:ca:d7:ee:4e:6c:2d:2f:8d:96:65:
da:da:31:ac:f4:1d:dd:7b:75:a8:84:72:7b:88:98:
ee:ac:50:6a:b0:c8:ff:1d:be:60:8f:18:75:f2:da:
10:be:74:a9:e4:f9:68:39:87:32:07:f0:a8:39:5f:
8c:c7:4b:30:16:b0:0a:bd:35:af:73:4c:58:99:d4:
3f:99:2d:f3:5e:81:bc:74:1f:a5:d7:60:3e:2f:36:
2a:ab:4e:e8:39:81:82:f7:48:87:1d:4e:5c:a5:a6:
58:b9:10:a4:1b:5f:38:b0:83:74:85:1c:67:f6:22:
3a:47:02:a3:d3:05:35:ad:23:78:82:7a:ff:61:ff:
c2:05:3a:f9:e3:84:d6:a3:1e:fe:0e:0a:f1:d1:16:
39:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:DD:D1:BE:DB:24:0E:F6:AE:A6:52:01:9F:03:F9:92:6F:0E:76:FF
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214654.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.8.0-91.124.13.255
Signature Algorithm: sha256WithRSAEncryption
80:c6:fd:d7:16:8b:2c:19:ff:4b:46:0b:ae:92:e4:82:eb:0a:
88:0e:01:ae:be:9e:a3:3a:e8:02:b6:e3:75:81:72:f5:d8:8e:
a2:4a:4e:92:0a:bd:6f:69:8d:cd:64:f7:02:da:1f:3b:08:de:
cf:f7:69:c1:db:88:ad:78:d7:79:47:14:5d:00:60:fe:8d:ed:
4c:fa:38:97:20:b7:fa:7d:cf:7f:7f:1b:4e:69:37:0b:86:e7:
aa:d6:9e:1e:ab:b1:1a:c4:b4:59:b9:01:d6:fe:a7:a5:b3:72:
c1:cf:46:a3:5e:b9:15:e8:16:08:df:55:ae:f4:1b:63:65:33:
30:69:b9:72:c8:60:87:82:d1:d2:35:24:a1:ef:5f:8e:2d:dc:
af:6e:f5:fb:dc:43:49:26:c5:09:de:88:25:52:a5:b7:9d:ca:
b0:23:ff:ee:64:2d:48:5a:79:f6:b5:7f:f8:5e:3f:df:e8:08:
10:0f:7b:2f:c8:b6:33:49:ad:9a:3b:30:a9:ec:b3:7d:3c:1a:
cb:27:41:18:36:f5:83:60:74:05:51:7a:2c:e0:63:14:7a:e4:
bd:cf:0e:09:cc:13:b6:bb:06:db:e3:24:4f:b1:33:31:2b:d2:
10:16:fe:76:4f:57:50:f0:4e:84:37:e1:d6:99:b0:ab:23:24:
bf:22:6a:ed
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIUX6whSEmtSFm57zM37olzsJ2pJx8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDExMTMwOTAzNTVaFw0yNTExMTIwOTA4NTVaMDMxMTAvBgNV
BAMTKEI2REREMUJFREIyNDBFRjZBRUE2NTIwMTlGMDNGOTkyNkYwRTc2RkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDReWZRpxoUmmdl0E94G9U2mF0T
cNFkW5ytDKR1WgY91ZdBg6rE6ekIWALLQFOigKv2ujeJrzKMqYCb6XCifO87sjeg
JDPoi50GA22AHZw3ARNWGATNyZVFTxl57M3JcFgYdAcpmoJ4L5LBHLERytfuTmwt
L42WZdraMaz0Hd17daiEcnuImO6sUGqwyP8dvmCPGHXy2hC+dKnk+Wg5hzIH8Kg5
X4zHSzAWsAq9Na9zTFiZ1D+ZLfNegbx0H6XXYD4vNiqrTug5gYL3SIcdTlylpli5
EKQbXziwg3SFHGf2IjpHAqPTBTWtI3iCev9h/8IFOvnjhNajHv4OCvHRFjnLAgMB
AAGjggISMIICDjAdBgNVHQ4EFgQUtt3RvtskDvauplIBnwP5km8Odv8wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0NjU0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANb
fAgDBAFbfAwwDQYJKoZIhvcNAQELBQADggEBAIDG/dcWiywZ/0tGC66S5ILrCogO
Aa6+nqM66AK243WBcvXYjqJKTpIKvW9pjc1k9wLaHzsI3s/3acHbiK1413lHFF0A
YP6N7Uz6OJcgt/p9z39/G05pNwuG56rWnh6rsRrEtFm5Adb+p6WzcsHPRqNeuRXo
FgjfVa70G2NlMzBpuXLIYIeC0dI1JKHvX44t3K9u9fvcQ0kmxQneiCVSpbedyrAj
/+5kLUhaefa1f/heP9/oCBAPey/ItjNJrZo7MKnss308GssnQRg29YNgdAVReizg
YxR65L3PDgnME7a7BtvjJE+xMzEr0hAW/nZPV1DwToQ34daZsKsjJL8iau0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:51 2024 by rpki-client on console-fra.rpki-client.org