Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3356.roa
File: AS3356.roa (raw, json)
Hash identifier: GM6PVeTjFUloAHOVtUaJKI3YkMlpiZfqqEF9e+CoBIY=
Subject key identifier: 4C:3D:A6:9D:DD:C3:4D:24:A6:E0:79:04:D1:05:A9:00:10:F5:22:28
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 210CE9242234DFE7931F3E7A38FCDB80ECCB5E5A
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3356.roa
Signing time: Wed 27 Mar 2024 14:46:35 +0000
ROA not before: Wed 27 Mar 2024 14:41:35 +0000
ROA not after: Wed 26 Mar 2025 14:46:35 +0000
asID: 3356
IP address blocks: 91.124.48.0/24 maxlen: 24
91.124.129.0/24 maxlen: 24
91.124.139.0/24 maxlen: 24
91.124.144.0/24 maxlen: 24
91.124.176.0/24 maxlen: 24
91.124.187.0/24 maxlen: 24
91.124.201.0/24 maxlen: 24
91.124.209.0/24 maxlen: 24
91.124.220.0/24 maxlen: 24
91.124.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:0c:e9:24:22:34:df:e7:93:1f:3e:7a:38:fc:db:80:ec:cb:5e:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 27 14:41:35 2024 GMT
Not After : Mar 26 14:46:35 2025 GMT
Subject: CN=4C3DA69DDDC34D24A6E07904D105A90010F52228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7e:b8:97:96:04:66:fa:5f:9e:ba:a3:98:f5:
60:26:71:0c:b5:32:c3:b3:84:c5:d2:92:6c:74:19:
1f:a5:88:28:33:65:b5:31:c1:de:5d:89:24:7b:ac:
56:54:22:30:6c:27:a7:84:62:77:ef:43:1a:42:16:
98:d9:bf:41:68:86:50:f2:f5:3f:40:0d:2b:34:39:
87:52:e5:4f:2f:b5:90:54:8d:9c:4e:25:31:3a:08:
22:a2:91:16:e8:77:e7:82:44:4b:30:f3:5f:04:d8:
65:a8:c6:35:f3:33:61:86:15:16:ca:16:9b:ed:13:
15:73:14:79:df:97:2b:63:96:39:c3:ba:fe:8c:14:
d6:58:08:06:c7:c6:35:75:a7:26:48:39:48:c7:21:
1d:78:57:4d:17:9b:37:9b:91:18:b1:3e:4c:0b:44:
8d:09:d2:56:07:09:09:2e:17:b8:46:6c:f3:66:f5:
b9:05:ca:73:d9:d3:cc:76:ab:fb:6b:bf:2d:e4:06:
41:e1:14:cd:e5:3a:58:28:6d:13:ad:e5:be:f1:40:
54:c4:f3:f3:77:48:5e:aa:95:03:fa:ca:f6:44:b1:
5b:22:78:2e:a8:d6:06:b4:12:82:a8:01:1c:d7:2a:
65:09:c3:a4:22:6b:45:e1:dc:bc:9d:ec:f3:cc:a1:
3d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:3D:A6:9D:DD:C3:4D:24:A6:E0:79:04:D1:05:A9:00:10:F5:22:28
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.48.0/24
91.124.129.0/24
91.124.139.0/24
91.124.144.0/24
91.124.176.0/24
91.124.187.0/24
91.124.201.0/24
91.124.209.0/24
91.124.220.0/24
91.124.238.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:c3:ba:b8:e4:82:8e:8c:52:3c:51:99:ce:90:95:cf:d9:6a:
0a:d0:7e:2b:42:3b:21:70:9b:4c:cf:08:0d:b6:42:eb:c9:b2:
da:02:2b:45:56:cd:6b:16:41:8e:d2:61:27:db:c7:ad:ec:f0:
f8:6a:b0:3d:f8:30:7d:1a:7b:d1:d1:19:83:36:31:b7:d8:8b:
63:0c:37:4a:55:0c:15:1d:bf:6b:71:83:71:01:2f:3c:a4:cd:
54:2f:fc:55:43:06:ff:62:b1:25:a3:b8:43:00:1a:b4:be:d5:
18:35:d7:cb:dc:23:de:c8:0f:93:a7:de:23:6b:c2:2e:9c:2d:
ab:45:a8:37:02:e5:d6:e2:4c:36:43:90:53:b8:e7:d0:a0:9e:
64:26:c4:6e:99:56:8d:b7:0e:bd:e5:82:16:d4:6e:ce:ef:29:
8d:7f:b7:ba:d0:b0:fa:b4:68:e8:ee:a2:1e:25:0e:a6:a6:08:
19:63:f5:ab:24:a9:13:23:e6:7d:70:b5:96:a2:30:f2:1a:c1:
41:f9:f3:69:d5:fa:67:e8:30:3d:e2:cc:80:bd:3e:4a:dd:43:
f6:ec:e7:64:8b:ee:66:f2:2f:f8:da:e8:c1:2d:b6:58:e7:3d:
48:01:28:ae:d3:13:98:90:0e:5c:6e:c9:ff:a7:1c:b5:de:5b:
ba:08:f5:39
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUIQzpJCI03+eTHz56OPzbgOzLXlowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAzMjcxNDQxMzVaFw0yNTAzMjYxNDQ2MzVaMDMxMTAvBgNV
BAMTKDRDM0RBNjlERERDMzREMjRBNkUwNzkwNEQxMDVBOTAwMTBGNTIyMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxfriXlgRm+l+euqOY9WAmcQy1
MsOzhMXSkmx0GR+liCgzZbUxwd5diSR7rFZUIjBsJ6eEYnfvQxpCFpjZv0FohlDy
9T9ADSs0OYdS5U8vtZBUjZxOJTE6CCKikRbod+eCREsw818E2GWoxjXzM2GGFRbK
FpvtExVzFHnflytjljnDuv6MFNZYCAbHxjV1pyZIOUjHIR14V00XmzebkRixPkwL
RI0J0lYHCQkuF7hGbPNm9bkFynPZ08x2q/trvy3kBkHhFM3lOlgobROt5b7xQFTE
8/N3SF6qlQP6yvZEsVsieC6o1ga0EoKoARzXKmUJw6Qia0Xh3Lyd7PPMoT1DAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUTD2mnd3DTSSm4HkE0QWpABD1IigwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzM1Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAFt8MAME
AFt8gQMEAFt8iwMEAFt8kAMEAFt8sAMEAFt8uwMEAFt8yQMEAFt80QMEAFt83AME
AFt87jANBgkqhkiG9w0BAQsFAAOCAQEAjsO6uOSCjoxSPFGZzpCVz9lqCtB+K0I7
IXCbTM8IDbZC68my2gIrRVbNaxZBjtJhJ9vHrezw+GqwPfgwfRp70dEZgzYxt9iL
Yww3SlUMFR2/a3GDcQEvPKTNVC/8VUMG/2KxJaO4QwAatL7VGDXXy9wj3sgPk6fe
I2vCLpwtq0WoNwLl1uJMNkOQU7jn0KCeZCbEbplWjbcOveWCFtRuzu8pjX+3utCw
+rRo6O6iHiUOpqYIGWP1qySpEyPmfXC1lqIw8hrBQfnzadX6Z+gwPeLMgL0+St1D
9uznZIvuZvIv+NrowS22WOc9SAEortMTmJAOXG7J/6cctd5bugj1OQ==
-----END CERTIFICATE-----
Generated at Thu May 2 02:26:23 2024 by rpki-client on console-ams.rpki-client.org