Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
File: AS7029.roa (raw, json)
Hash identifier: UjoufoqMCk7bMn7WH8A+IdRYpdnKyyMvjduWpOKaGEQ=
Subject key identifier: 99:84:B7:68:42:58:97:F4:D4:71:E6:77:A6:9B:F3:9D:8D:8E:11:52
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 3FC0C57FE1B136B0E380EFF23663C6F0B161FD05
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
Signing time: Wed 13 Nov 2024 19:55:35 +0000
ROA not before: Wed 13 Nov 2024 19:50:35 +0000
ROA not after: Wed 12 Nov 2025 19:55:35 +0000
asID: 7029
IP address blocks: 46.202.200.0/24 maxlen: 24
46.202.206.0/24 maxlen: 24
46.203.6.0/24 maxlen: 24
92.112.32.0/24 maxlen: 24
92.112.33.0/24 maxlen: 24
92.112.34.0/24 maxlen: 24
92.112.35.0/24 maxlen: 24
92.112.36.0/23 maxlen: 24
92.112.38.0/23 maxlen: 24
92.112.40.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:c0:c5:7f:e1:b1:36:b0:e3:80:ef:f2:36:63:c6:f0:b1:61:fd:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Nov 13 19:50:35 2024 GMT
Not After : Nov 12 19:55:35 2025 GMT
Subject: CN=9984B768425897F4D471E677A69BF39D8D8E1152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:10:43:f3:ec:bf:2f:4e:56:ab:75:f8:da:f6:
fa:3d:58:ee:43:9e:8b:57:83:c4:b6:d3:49:1a:35:
9d:53:b0:9b:29:2a:3b:ac:ff:37:c9:c8:8c:32:74:
3a:ca:d8:98:15:6f:ca:89:32:2f:d3:22:69:a2:4c:
e5:5d:03:a8:cc:1e:9e:41:2d:5d:c4:71:d2:c7:28:
ac:4b:61:f1:63:d3:29:9f:f4:8e:43:0c:67:d5:9a:
8d:e4:78:9b:f1:46:13:70:88:4f:cc:4e:5e:b6:7b:
da:e4:bb:05:79:6d:1d:be:79:30:e5:f0:a0:3b:33:
77:38:e8:f3:49:91:47:4d:e5:8b:fd:e9:df:9b:f1:
7a:3b:70:f0:c1:b0:e5:a7:60:c0:7c:8c:3a:08:d4:
f8:26:d2:39:57:48:67:b6:46:35:36:5b:6f:29:4d:
3d:8a:36:2a:9d:6a:ad:9e:84:46:ee:ac:22:70:e2:
61:46:31:31:cb:92:84:27:ac:76:de:e2:5b:6b:34:
ac:1f:e7:cd:06:9e:6f:53:7f:ed:c3:74:76:7a:0c:
2b:35:fd:15:62:9e:5a:20:e7:59:2c:ce:ca:a7:36:
51:e3:fd:eb:de:83:0d:34:fd:d8:bf:ce:8b:65:eb:
58:23:35:8a:b0:7d:56:d4:c4:16:30:91:7f:e5:cc:
cf:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:84:B7:68:42:58:97:F4:D4:71:E6:77:A6:9B:F3:9D:8D:8E:11:52
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7029.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.200.0/24
46.202.206.0/24
46.203.6.0/24
92.112.32.0/20
Signature Algorithm: sha256WithRSAEncryption
09:12:fe:f7:47:cd:b8:e2:3f:07:0a:fc:6f:f7:27:3f:c9:73:
e1:51:30:1b:ef:23:1a:ec:f6:a5:ab:d7:7c:b8:34:a7:ef:e5:
45:e4:f9:21:f8:c2:4c:26:a2:89:ef:fc:c7:07:f7:56:a3:fc:
cf:5a:d7:8c:e1:a1:d1:0c:cf:7d:97:ef:c5:c5:58:e1:49:49:
85:7d:56:34:c8:20:ec:93:34:4e:ac:3e:d9:2f:97:dd:9c:17:
bc:7a:f3:01:e7:7e:0b:47:a0:be:1a:2c:88:71:ca:dd:89:7c:
17:be:0b:b1:1f:b7:fe:2d:eb:14:46:50:93:a7:a0:a8:b7:b7:
2d:47:56:3a:68:26:70:fc:2a:26:61:8c:bc:cf:34:59:08:32:
4c:70:1d:49:c1:af:b5:8c:d8:38:cc:8d:88:4d:a3:d0:5e:c0:
05:a2:42:92:ff:8d:67:ff:49:b2:65:4a:58:e0:24:8a:3d:95:
f5:36:e1:1c:c1:c2:f4:f1:c1:ce:bf:ce:20:da:2f:ba:e1:7d:
18:1d:2a:d2:37:8f:f6:20:39:7a:51:0d:89:9d:f3:0d:7b:1d:
40:6d:2a:09:f1:91:7c:e2:e9:5a:dc:95:81:a0:1a:50:72:80:
6f:fb:0d:a8:b2:82:66:9a:55:36:c5:cc:b2:5e:82:f0:a4:ed:
01:a2:b3:a8
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIUP8DFf+GxNrDjgO/yNmPG8LFh/QUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDExMTMxOTUwMzVaFw0yNTExMTIxOTU1MzVaMDMxMTAvBgNV
BAMTKDk5ODRCNzY4NDI1ODk3RjRENDcxRTY3N0E2OUJGMzlEOEQ4RTExNTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuEEPz7L8vTlardfja9vo9WO5D
notXg8S200kaNZ1TsJspKjus/zfJyIwydDrK2JgVb8qJMi/TImmiTOVdA6jMHp5B
LV3EcdLHKKxLYfFj0ymf9I5DDGfVmo3keJvxRhNwiE/MTl62e9rkuwV5bR2+eTDl
8KA7M3c46PNJkUdN5Yv96d+b8Xo7cPDBsOWnYMB8jDoI1Pgm0jlXSGe2RjU2W28p
TT2KNiqdaq2ehEburCJw4mFGMTHLkoQnrHbe4ltrNKwf580Gnm9Tf+3DdHZ6DCs1
/RVinlog51kszsqnNlHj/evegw00/di/zotl61gjNYqwfVbUxBYwkX/lzM8lAgMB
AAGjggIaMIICFjAdBgNVHQ4EFgQUmYS3aEJYl/TUceZ3ppvznY2OEVIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNzAyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAC7KyAME
AC7KzgMEAC7LBgMEBFxwIDANBgkqhkiG9w0BAQsFAAOCAQEACRL+90fNuOI/Bwr8
b/cnP8lz4VEwG+8jGuz2pavXfLg0p+/lReT5IfjCTCaiie/8xwf3VqP8z1rXjOGh
0QzPfZfvxcVY4UlJhX1WNMgg7JM0Tqw+2S+X3ZwXvHrzAed+C0egvhosiHHK3Yl8
F74LsR+3/i3rFEZQk6egqLe3LUdWOmgmcPwqJmGMvM80WQgyTHAdScGvtYzYOMyN
iE2j0F7ABaJCkv+NZ/9JsmVKWOAkij2V9TbhHMHC9PHBzr/OINovuuF9GB0q0jeP
9iA5elENiZ3zDXsdQG0qCfGRfOLpWtyVgaAaUHKAb/sNqLKCZppVNsXMsl6C8KTt
AaKzqA==
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:02:14 2024 by rpki-client on console-fra.rpki-client.org