Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: 4JEGv4mk+GWOCdOEPXF/bhQJ6EasFm+4N29Rqpmlw/8=
Subject key identifier: DC:18:05:B3:15:98:21:F2:34:9A:12:DC:22:65:A3:D0:FC:7F:E5:07
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 2587DC518CD1F2A3598470EE978401344734C710
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS396356.roa
Signing time: Mon 28 Oct 2024 13:31:28 +0000
ROA not before: Mon 28 Oct 2024 13:26:28 +0000
ROA not after: Mon 27 Oct 2025 13:31:28 +0000
asID: 396356
IP address blocks: 46.202.4.0/22 maxlen: 24
46.202.20.0/22 maxlen: 24
46.202.108.0/22 maxlen: 24
46.203.8.0/22 maxlen: 24
46.203.64.0/22 maxlen: 24
92.112.201.0/24 maxlen: 24
92.113.231.0/24 maxlen: 24
92.113.236.0/24 maxlen: 24
92.113.241.0/24 maxlen: 24
92.113.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:87:dc:51:8c:d1:f2:a3:59:84:70:ee:97:84:01:34:47:34:c7:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 28 13:26:28 2024 GMT
Not After : Oct 27 13:31:28 2025 GMT
Subject: CN=DC1805B3159821F2349A12DC2265A3D0FC7FE507
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:42:d0:1f:88:1f:68:88:96:f3:e7:a4:4e:52:
8c:46:c4:3b:ef:a4:95:f3:9a:55:e0:ee:ca:a5:42:
84:01:b2:7d:3a:0e:29:4a:bf:86:0a:82:62:2e:02:
55:72:51:72:5e:9c:b7:50:9f:71:45:ae:eb:e3:31:
92:73:64:78:97:1e:98:f8:fd:02:44:35:91:ea:4b:
64:bb:fa:c9:63:67:8d:35:d2:52:a1:f1:09:66:25:
42:0d:42:7d:d2:c5:c9:ae:ae:7e:bf:20:45:c5:77:
0e:8a:50:96:58:d7:3f:1b:b1:84:04:f5:4b:83:3d:
88:73:ae:10:48:85:30:bd:e6:38:12:2d:b6:c2:1d:
e8:a7:2d:d9:7c:cf:1a:6e:2f:65:ca:f7:b3:53:f9:
12:fe:cb:1b:39:81:73:4b:48:64:d3:47:7c:c9:8d:
ab:c4:fc:d0:95:14:17:3f:22:60:11:f7:5d:94:45:
dd:14:85:f3:7c:9c:b4:44:30:51:55:1e:ee:92:20:
09:99:b5:40:7c:eb:cb:fb:c7:9c:fb:ca:51:35:2f:
8b:5c:6b:ab:8f:56:d2:37:4e:93:2c:22:b1:71:bc:
c8:b8:c8:c2:11:5b:c3:47:93:ba:2f:6c:d4:c1:fd:
24:0d:34:59:6a:7a:9c:5f:f3:68:6e:a9:2c:96:89:
65:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:18:05:B3:15:98:21:F2:34:9A:12:DC:22:65:A3:D0:FC:7F:E5:07
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.4.0/22
46.202.20.0/22
46.202.108.0/22
46.203.8.0/22
46.203.64.0/22
92.112.201.0/24
92.113.231.0/24
92.113.236.0/24
92.113.241.0/24
92.113.246.0/24
Signature Algorithm: sha256WithRSAEncryption
18:c0:79:35:d2:a1:82:4a:bf:ea:48:24:e6:68:cb:8f:d6:63:
d0:60:26:6e:2d:5a:e0:69:a1:31:0f:64:63:09:37:cb:9a:86:
d6:b8:ba:dd:45:66:50:b5:b3:2c:c6:96:25:47:99:3f:57:dc:
0a:c3:62:32:b2:2f:d4:34:ed:9d:7b:65:d4:4c:e6:6f:dc:e2:
b4:b0:0e:75:5e:5f:4d:97:dd:6f:12:bd:6d:92:02:db:4b:93:
26:06:42:10:1f:26:3a:e9:c0:27:f4:6e:52:07:89:ea:90:10:
50:a9:91:03:27:77:e4:94:77:3d:b3:2b:fb:46:dd:28:87:57:
15:86:50:84:6c:24:88:65:16:94:e7:ca:fa:9b:c3:4c:62:3f:
f9:63:fa:4e:72:10:92:2f:11:5a:b7:14:5d:62:e1:02:ac:d7:
97:14:4d:58:4a:ee:45:1a:b8:11:d7:3f:6d:e4:f8:c3:c7:65:
c0:3f:c8:10:d5:52:de:c9:d1:57:20:5c:5f:90:24:12:ed:0f:
fa:4e:90:63:0c:0a:50:ef:c0:55:16:0e:09:e0:da:d8:8c:b2:
71:5d:21:cc:a3:76:be:11:9a:9d:29:2c:d2:84:3e:76:3b:2e:
c8:df:80:6c:b3:e7:38:d2:8a:f6:9e:17:22:bc:8a:64:c7:dc:
45:8a:56:26
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUJYfcUYzR8qNZhHDul4QBNEc0xxAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDEwMjgxMzI2MjhaFw0yNTEwMjcxMzMxMjhaMDMxMTAvBgNV
BAMTKERDMTgwNUIzMTU5ODIxRjIzNDlBMTJEQzIyNjVBM0QwRkM3RkU1MDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAQtAfiB9oiJbz56ROUoxGxDvv
pJXzmlXg7sqlQoQBsn06DilKv4YKgmIuAlVyUXJenLdQn3FFruvjMZJzZHiXHpj4
/QJENZHqS2S7+sljZ4010lKh8QlmJUINQn3Sxcmurn6/IEXFdw6KUJZY1z8bsYQE
9UuDPYhzrhBIhTC95jgSLbbCHeinLdl8zxpuL2XK97NT+RL+yxs5gXNLSGTTR3zJ
javE/NCVFBc/ImAR912URd0UhfN8nLREMFFVHu6SIAmZtUB868v7x5z7ylE1L4tc
a6uPVtI3TpMsIrFxvMi4yMIRW8NHk7ovbNTB/SQNNFlqepxf82huqSyWiWURAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQU3BgFsxWYIfI0mhLcImWj0Px/5QcwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzk2MzU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCLsoE
AwQCLsoUAwQCLspsAwQCLssIAwQCLstAAwQAXHDJAwQAXHHnAwQAXHHsAwQAXHHx
AwQAXHH2MA0GCSqGSIb3DQEBCwUAA4IBAQAYwHk10qGCSr/qSCTmaMuP1mPQYCZu
LVrgaaExD2RjCTfLmobWuLrdRWZQtbMsxpYlR5k/V9wKw2Iysi/UNO2de2XUTOZv
3OK0sA51Xl9Nl91vEr1tkgLbS5MmBkIQHyY66cAn9G5SB4nqkBBQqZEDJ3fklHc9
syv7Rt0oh1cVhlCEbCSIZRaU58r6m8NMYj/5Y/pOchCSLxFatxRdYuECrNeXFE1Y
Su5FGrgR1z9t5PjDx2XAP8gQ1VLeydFXIFxfkCQS7Q/6TpBjDApQ78BVFg4J4NrY
jLJxXSHMo3a+EZqdKSzShD52Oy7I34Bss+c40or2nhcivIpkx9xFilYm
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:40:01 2024 by rpki-client on console-ams.rpki-client.org