Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS30860.roa
File: AS30860.roa (raw, json)
Hash identifier: XFP0W+n0Hpd1wvqbjJnQlZh+ZkGtjTvhQnn3ViphPS0=
Subject key identifier: 8C:96:64:AA:83:0D:E2:F2:9E:BF:09:BA:85:AA:26:90:F5:98:4F:EA
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 6DB1DD5096FA28E1EC5DD46DB028F3E93000A157
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS30860.roa
Signing time: Thu 09 Jan 2025 10:49:45 +0000
ROA not before: Thu 09 Jan 2025 10:44:45 +0000
ROA not after: Thu 08 Jan 2026 10:49:45 +0000
asID: 30860
IP address blocks: 46.203.159.0/24 maxlen: 24
46.203.186.0/24 maxlen: 24
92.112.135.0/24 maxlen: 24
92.112.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 14:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:b1:dd:50:96:fa:28:e1:ec:5d:d4:6d:b0:28:f3:e9:30:00:a1:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jan 9 10:44:45 2025 GMT
Not After : Jan 8 10:49:45 2026 GMT
Subject: CN=8C9664AA830DE2F29EBF09BA85AA2690F5984FEA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0a:4a:24:83:41:59:a2:b6:1f:a8:b7:71:81:
8a:12:04:0d:41:24:da:18:d0:45:23:69:82:40:3f:
8c:a0:83:ac:77:94:59:85:66:79:75:04:1c:a8:cd:
ad:49:78:c5:3c:19:17:1b:fd:2b:b8:2d:91:74:d9:
16:22:72:95:f5:91:fd:38:fb:fa:a0:08:00:55:18:
de:e1:7c:d3:f9:ae:1a:f1:e4:bd:43:c4:38:45:a2:
65:52:3f:5e:5d:57:f5:f2:38:da:73:9a:27:6c:34:
ce:ca:a6:1d:df:61:6a:94:4d:ec:be:34:62:26:da:
a5:93:8d:dc:95:be:4a:4f:2a:d0:2d:fc:2d:46:41:
1c:c0:e6:e1:96:b8:e6:db:ba:f8:5b:c9:62:51:7c:
03:0a:41:f9:72:76:c7:c0:23:43:0b:31:d3:be:c7:
e0:6c:3d:01:27:66:ec:c1:35:f8:43:eb:e7:49:22:
6d:e9:dc:a0:3b:da:c5:f8:29:99:9b:1f:27:6b:3e:
5a:94:14:85:48:07:81:e0:cb:d5:e9:b2:1c:14:9e:
9e:b1:c3:05:6f:92:03:8d:b8:f9:a9:53:8c:21:99:
17:67:d8:93:af:8c:8c:69:07:ab:bf:8b:f3:fd:55:
ac:a2:af:c6:69:cf:e5:c2:da:f6:b0:f9:44:31:b2:
9a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:96:64:AA:83:0D:E2:F2:9E:BF:09:BA:85:AA:26:90:F5:98:4F:EA
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS30860.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.159.0/24
46.203.186.0/24
92.112.135.0/24
92.112.138.0/24
Signature Algorithm: sha256WithRSAEncryption
73:1b:bb:bb:5a:05:e7:0c:7c:18:eb:d6:6f:af:ae:ca:23:c9:
e8:8e:0d:37:83:e7:fa:8a:df:2f:b0:78:d0:36:1a:cb:9f:36:
7b:f5:80:1d:44:07:a0:96:da:e4:c3:f4:41:34:4d:fa:af:66:
ba:17:b9:61:0a:2b:0f:e1:70:09:ae:d6:18:8d:60:89:c1:b7:
5a:11:74:af:aa:9b:e5:22:31:7a:ec:97:ad:b4:12:05:9e:ba:
a8:df:47:82:85:52:66:0c:ca:ec:c8:04:8c:8c:81:25:f4:f1:
69:29:7d:ba:6c:39:8d:52:96:82:c1:22:eb:4a:59:f7:e4:76:
e8:d1:01:1f:25:30:11:af:44:68:8b:84:ec:5b:7c:a9:4a:f2:
68:5f:56:6d:30:d5:d5:ba:34:47:e1:d3:c6:35:da:8f:a2:46:
37:8b:84:52:2f:8f:71:6d:ec:e4:fa:75:ac:41:36:84:d5:2e:
e0:07:5f:2d:90:b5:dd:12:c9:5c:00:d4:d4:14:a9:ce:6b:1f:
7a:32:dd:be:a1:8a:e2:e0:0b:7f:11:74:d3:af:4c:26:a5:78:
db:30:b5:11:24:63:67:c3:8c:a8:8a:ba:d1:ce:1e:c0:45:35:
3f:ba:30:01:d5:cf:ff:27:06:4a:01:26:52:b8:eb:b3:46:34:
4d:d4:3f:52
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUbbHdUJb6KOHsXdRtsCjz6TAAoVcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAxMDkxMDQ0NDVaFw0yNjAxMDgxMDQ5NDVaMDMxMTAvBgNV
BAMTKDhDOTY2NEFBODMwREUyRjI5RUJGMDlCQTg1QUEyNjkwRjU5ODRGRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6Ckokg0FZorYfqLdxgYoSBA1B
JNoY0EUjaYJAP4ygg6x3lFmFZnl1BByoza1JeMU8GRcb/Su4LZF02RYicpX1kf04
+/qgCABVGN7hfNP5rhrx5L1DxDhFomVSP15dV/XyONpzmidsNM7Kph3fYWqUTey+
NGIm2qWTjdyVvkpPKtAt/C1GQRzA5uGWuObbuvhbyWJRfAMKQflydsfAI0MLMdO+
x+BsPQEnZuzBNfhD6+dJIm3p3KA72sX4KZmbHydrPlqUFIVIB4Hgy9XpshwUnp6x
wwVvkgONuPmpU4whmRdn2JOvjIxpB6u/i/P9Vayir8Zpz+XC2vaw+UQxspqrAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUjJZkqoMN4vKevwm6haomkPWYT+owHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzA4NjAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAAuy58D
BAAuy7oDBABccIcDBABccIowDQYJKoZIhvcNAQELBQADggEBAHMbu7taBecMfBjr
1m+vrsojyeiODTeD5/qK3y+weNA2GsufNnv1gB1EB6CW2uTD9EE0TfqvZroXuWEK
Kw/hcAmu1hiNYInBt1oRdK+qm+UiMXrsl620EgWeuqjfR4KFUmYMyuzIBIyMgSX0
8WkpfbpsOY1SloLBIutKWffkdujRAR8lMBGvRGiLhOxbfKlK8mhfVm0w1dW6NEfh
08Y12o+iRjeLhFIvj3Ft7OT6daxBNoTVLuAHXy2Qtd0SyVwA1NQUqc5rH3oy3b6h
iuLgC38RdNOvTCaleNswtREkY2fDjKiKutHOHsBFNT+6MAHVz/8nBkoBJlK467NG
NE3UP1I=
-----END CERTIFICATE-----
Generated at Wed Feb 5 16:45:15 2025 by rpki-client