Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3356.roa
File: AS3356.roa (raw, json)
Hash identifier: 71JCBbzMuXhxmj0S0mvk13R3pFlOrcRchc8Cx3qlhOk=
Subject key identifier: 0C:97:FD:FC:DF:92:C5:2E:46:4F:76:AD:5C:69:0B:0E:12:50:BB:9A
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 2A8839E5FF14E867FC0C4D8E16618116CCB8200E
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3356.roa
Signing time: Thu 21 Nov 2024 12:32:42 +0000
ROA not before: Thu 21 Nov 2024 12:27:42 +0000
ROA not after: Thu 20 Nov 2025 12:32:42 +0000
asID: 3356
IP address blocks: 46.202.16.0/22 maxlen: 24
46.202.24.0/22 maxlen: 24
46.202.28.0/24 maxlen: 24
46.202.29.0/24 maxlen: 24
46.202.31.0/24 maxlen: 24
46.202.33.0/24 maxlen: 24
46.202.34.0/24 maxlen: 24
46.202.35.0/24 maxlen: 24
46.202.37.0/24 maxlen: 24
46.202.38.0/24 maxlen: 24
46.202.39.0/24 maxlen: 24
46.202.40.0/24 maxlen: 24
46.202.42.0/24 maxlen: 24
46.202.43.0/24 maxlen: 24
46.202.44.0/24 maxlen: 24
46.202.45.0/24 maxlen: 24
46.202.47.0/24 maxlen: 24
46.202.48.0/24 maxlen: 24
46.202.52.0/24 maxlen: 24
46.202.55.0/24 maxlen: 24
46.202.58.0/24 maxlen: 24
46.202.62.0/24 maxlen: 24
46.202.65.0/24 maxlen: 24
46.202.69.0/24 maxlen: 24
46.202.73.0/24 maxlen: 24
46.202.76.0/24 maxlen: 24
46.202.80.0/24 maxlen: 24
46.202.104.0/22 maxlen: 24
46.202.112.0/22 maxlen: 24
46.202.120.0/22 maxlen: 24
46.203.24.0/22 maxlen: 24
46.203.48.0/22 maxlen: 24
46.203.68.0/22 maxlen: 24
91.124.48.0/24 maxlen: 24
91.124.129.0/24 maxlen: 24
91.124.139.0/24 maxlen: 24
91.124.144.0/24 maxlen: 24
91.124.176.0/24 maxlen: 24
91.124.187.0/24 maxlen: 24
91.124.201.0/24 maxlen: 24
91.124.209.0/24 maxlen: 24
91.124.220.0/24 maxlen: 24
91.124.238.0/24 maxlen: 24
92.112.87.0/24 maxlen: 24
92.112.88.0/24 maxlen: 24
92.112.89.0/24 maxlen: 24
92.112.142.0/24 maxlen: 24
92.112.147.0/24 maxlen: 24
92.113.156.0/24 maxlen: 24
92.113.157.0/24 maxlen: 24
92.113.163.0/24 maxlen: 24
92.113.164.0/24 maxlen: 24
92.113.165.0/24 maxlen: 24
92.113.168.0/24 maxlen: 24
92.113.225.0/24 maxlen: 24
92.113.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:88:39:e5:ff:14:e8:67:fc:0c:4d:8e:16:61:81:16:cc:b8:20:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Nov 21 12:27:42 2024 GMT
Not After : Nov 20 12:32:42 2025 GMT
Subject: CN=0C97FDFCDF92C52E464F76AD5C690B0E1250BB9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b7:69:7c:71:05:72:b8:29:c4:7a:38:45:e7:
33:c2:f4:a4:28:29:a3:60:4d:a9:c4:cd:93:b3:e2:
91:5d:9b:94:7c:6d:87:08:e9:3c:38:ba:a8:db:7e:
e1:5e:46:c4:a3:88:11:7d:8c:c6:16:b4:d8:3f:d9:
a6:2b:c2:f6:e7:60:45:d3:a1:15:8a:b0:3b:58:69:
47:96:cc:53:b1:30:fb:9f:be:82:c0:64:bc:8e:61:
d4:29:5e:fd:a6:7f:aa:09:f6:dd:0c:47:bf:96:cb:
a2:6f:79:16:03:6c:0f:5f:a4:39:88:83:7d:35:f4:
44:ff:74:a4:44:04:e5:7f:51:bc:2c:8d:99:97:5c:
d9:55:63:8f:44:1e:9b:69:54:6e:dd:50:9e:45:fa:
d1:8a:88:2e:b8:15:20:52:e4:29:33:24:32:b3:65:
93:9b:67:fd:61:b0:93:fd:48:92:cc:11:1e:ea:b1:
2a:71:34:d1:51:09:97:4b:98:81:e5:f6:d0:cf:3b:
49:58:a1:32:68:b2:32:1d:fb:d7:16:0f:36:c2:a1:
b4:38:97:d4:7f:16:b5:0f:43:6a:0b:18:3a:d0:cf:
4b:30:04:4c:7b:6c:18:c7:01:77:bd:3a:43:93:69:
25:d5:de:10:78:09:58:d4:1a:71:71:25:85:7b:94:
58:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:97:FD:FC:DF:92:C5:2E:46:4F:76:AD:5C:69:0B:0E:12:50:BB:9A
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.16.0/22
46.202.24.0-46.202.29.255
46.202.31.0/24
46.202.33.0-46.202.35.255
46.202.37.0-46.202.40.255
46.202.42.0-46.202.45.255
46.202.47.0-46.202.48.255
46.202.52.0/24
46.202.55.0/24
46.202.58.0/24
46.202.62.0/24
46.202.65.0/24
46.202.69.0/24
46.202.73.0/24
46.202.76.0/24
46.202.80.0/24
46.202.104.0/22
46.202.112.0/22
46.202.120.0/22
46.203.24.0/22
46.203.48.0/22
46.203.68.0/22
91.124.48.0/24
91.124.129.0/24
91.124.139.0/24
91.124.144.0/24
91.124.176.0/24
91.124.187.0/24
91.124.201.0/24
91.124.209.0/24
91.124.220.0/24
91.124.238.0/24
92.112.87.0-92.112.89.255
92.112.142.0/24
92.112.147.0/24
92.113.156.0/23
92.113.163.0-92.113.165.255
92.113.168.0/24
92.113.225.0-92.113.226.255
Signature Algorithm: sha256WithRSAEncryption
21:5c:74:35:3e:48:88:51:e5:c7:19:05:d1:dc:7c:3b:c3:c5:
1f:63:1d:47:ac:45:47:f8:3c:81:80:c7:6f:06:52:21:41:16:
3e:81:14:97:ed:8d:a7:2b:e5:c8:08:75:58:9c:fb:61:dc:7f:
00:fe:b4:a6:9f:0a:85:06:9e:56:7e:1e:70:14:dd:8e:30:a0:
45:e6:a0:3e:7b:19:46:e9:ab:14:3a:7c:e3:c1:f9:e0:20:89:
b5:71:6e:a3:c8:63:86:d4:b1:0d:a7:02:39:14:08:da:ab:d7:
b0:82:0d:2c:26:17:d0:dc:f3:aa:d8:98:a2:94:4e:3a:6b:46:
23:f9:55:f9:12:17:42:ed:67:6b:41:f4:ce:f1:8c:77:e9:e0:
ee:fa:18:1c:e0:d6:46:bc:04:a9:75:5f:ac:1d:7a:01:80:6f:
98:ac:b6:2f:0d:9f:17:c5:88:fc:fe:4a:a9:6f:e5:a9:f8:d9:
e4:13:89:ef:cb:ad:9e:1c:80:26:34:0e:02:b8:95:c5:72:d8:
48:86:01:f8:bf:19:a9:4a:b2:06:10:99:74:59:e3:dd:25:43:
93:3a:47:3b:f2:fe:9a:6e:59:d9:ce:33:fd:54:d3:1d:4d:0b:
ec:f5:42:0b:c4:a9:84:af:b3:1f:51:9b:43:09:58:1a:c5:0d:
9b:cb:8a:5f
-----BEGIN CERTIFICATE-----
MIIGLDCCBRSgAwIBAgIUKog55f8U6Gf8DE2OFmGBFsy4IA4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDExMjExMjI3NDJaFw0yNTExMjAxMjMyNDJaMDMxMTAvBgNV
BAMTKDBDOTdGREZDREY5MkM1MkU0NjRGNzZBRDVDNjkwQjBFMTI1MEJCOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSt2l8cQVyuCnEejhF5zPC9KQo
KaNgTanEzZOz4pFdm5R8bYcI6Tw4uqjbfuFeRsSjiBF9jMYWtNg/2aYrwvbnYEXT
oRWKsDtYaUeWzFOxMPufvoLAZLyOYdQpXv2mf6oJ9t0MR7+Wy6JveRYDbA9fpDmI
g3019ET/dKREBOV/UbwsjZmXXNlVY49EHptpVG7dUJ5F+tGKiC64FSBS5CkzJDKz
ZZObZ/1hsJP9SJLMER7qsSpxNNFRCZdLmIHl9tDPO0lYoTJosjId+9cWDzbCobQ4
l9R/FrUPQ2oLGDrQz0swBEx7bBjHAXe9OkOTaSXV3hB4CVjUGnFxJYV7lFhrAgMB
AAGjggM2MIIDMjAdBgNVHQ4EFgQUDJf9/N+SxS5GT3atXGkLDhJQu5owHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzM1Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAUsGCCsGAQUFBwEHAQH/BIIBOjCCATYwggEyBAIAATCC
ASoDBAIuyhAwDAMEAy7KGAMEAS7KHAMEAC7KHzAMAwQALsohAwQCLsogMAwDBAAu
yiUDBAAuyigwDAMEAS7KKgMEAS7KLDAMAwQALsovAwQALsowAwQALso0AwQALso3
AwQALso6AwQALso+AwQALspBAwQALspFAwQALspJAwQALspMAwQALspQAwQCLspo
AwQCLspwAwQCLsp4AwQCLssYAwQCLsswAwQCLstEAwQAW3wwAwQAW3yBAwQAW3yL
AwQAW3yQAwQAW3ywAwQAW3y7AwQAW3zJAwQAW3zRAwQAW3zcAwQAW3zuMAwDBABc
cFcDBAFccFgDBABccI4DBABccJMDBAFccZwwDAMEAFxxowMEAVxxpAMEAFxxqDAM
AwQAXHHhAwQAXHHiMA0GCSqGSIb3DQEBCwUAA4IBAQAhXHQ1PkiIUeXHGQXR3Hw7
w8UfYx1HrEVH+DyBgMdvBlIhQRY+gRSX7Y2nK+XICHVYnPth3H8A/rSmnwqFBp5W
fh5wFN2OMKBF5qA+exlG6asUOnzjwfngIIm1cW6jyGOG1LENpwI5FAjaq9ewgg0s
JhfQ3POq2JiilE46a0Yj+VX5EhdC7WdrQfTO8Yx36eDu+hgc4NZGvASpdV+sHXoB
gG+YrLYvDZ8XxYj8/kqpb+Wp+NnkE4nvy62eHIAmNA4CuJXFcthIhgH4vxmpSrIG
EJl0WePdJUOTOkc78v6ablnZzjP9VNMdTQvs9UILxKmEr7MfUZtDCVgaxQ2by4pf
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:20 2024 by rpki-client on console-ams.rpki-client.org