Route Origin Authorization
$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS44421.roa
File: AS44421.roa (raw, json)
Hash identifier: eg7iPMfAofLJEos8I9Z70/Sh3LUMrIlAjU9WtIShNp8=
Subject key identifier: 9A:15:9A:A6:15:A7:9C:BD:7C:07:B6:D1:B4:19:9E:0A:73:97:A9:35
Certificate issuer: /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial: 3C73FE76185A99EF4368989169E823303224190A
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access: rsync://rsync.rp.ki/repo/misakaio/2/AS44421.roa
Signing time: Wed 20 Dec 2023 21:30:07 +0000
ROA not before: Wed 20 Dec 2023 21:25:07 +0000
ROA not after: Wed 18 Dec 2024 21:30:07 +0000
asID: 44421
IP address blocks: 185.234.214.0/24 maxlen: 24
2a0b:4340:c0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:73:fe:76:18:5a:99:ef:43:68:98:91:69:e8:23:30:32:24:19:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
Validity
Not Before: Dec 20 21:25:07 2023 GMT
Not After : Dec 18 21:30:07 2024 GMT
Subject: CN=9A159AA615A79CBD7C07B6D1B4199E0A7397A935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:0b:55:12:de:38:7b:1b:26:57:d9:af:e4:19:
a0:21:d5:29:f2:1c:20:63:b2:9c:ff:07:4b:59:bb:
31:99:a5:a0:4f:2d:06:ba:97:06:34:fb:e6:dc:45:
0f:9a:9f:74:80:7e:67:dd:24:53:c2:cd:c1:b3:40:
bf:fc:48:45:ca:c8:07:4d:6c:3e:e3:8a:8a:30:35:
6c:1e:83:fc:4e:5f:67:50:a2:5b:2e:d4:ba:86:11:
3b:ee:64:82:a5:16:b0:19:80:e9:d0:9c:10:0b:38:
a2:e7:36:69:1a:97:05:c9:ae:8c:19:47:8b:be:83:
a7:19:d3:1b:9b:0a:7e:e0:2f:07:b8:29:ea:9b:ab:
b0:f3:00:f0:87:db:e0:2f:ec:62:2e:84:a3:1c:dd:
f8:14:bf:5b:65:b6:61:97:16:1a:0b:5c:99:9f:62:
1f:67:e4:4e:38:1b:8a:98:4d:43:c3:a7:72:c4:4b:
03:b3:f0:e7:41:10:fa:e9:8b:af:0e:82:ea:75:63:
c3:7f:08:a6:dc:d7:87:e7:07:01:77:8a:94:30:55:
4e:59:22:e1:f2:cc:85:32:b4:15:05:89:4f:27:33:
87:db:77:7c:c2:74:b0:b3:81:70:2d:45:50:31:43:
e4:c0:fc:52:58:e9:a3:7e:7c:c5:a0:55:2b:9a:cd:
47:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:15:9A:A6:15:A7:9C:BD:7C:07:B6:D1:B4:19:9E:0A:73:97:A9:35
X509v3 Authority Key Identifier:
keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS44421.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.214.0/24
IPv6:
2a0b:4340:c0::/44
Signature Algorithm: sha256WithRSAEncryption
b4:98:57:e0:0c:17:5f:6f:62:fa:a2:ba:c8:07:f7:02:a7:6f:
22:bd:49:e8:73:f8:41:99:e5:b0:77:fa:06:c8:14:83:97:13:
b8:90:21:4e:33:bb:e1:97:62:57:96:2a:c6:bd:bc:6f:06:f7:
fb:6e:52:99:12:41:33:fa:5c:46:37:21:c8:2e:77:4a:43:f1:
e5:6f:8b:2e:83:b8:2a:3d:ec:76:54:0d:93:69:74:d5:92:06:
f7:23:e6:af:f9:45:7e:1e:63:55:63:f7:3a:d2:3c:c4:a5:ad:
2b:86:1d:73:89:1f:4d:b0:aa:a1:94:78:70:f5:11:fc:98:e8:
ef:97:77:4b:37:c5:b8:7a:e5:c1:3c:61:7f:e9:b1:30:61:ef:
e4:88:11:9b:0b:41:47:e7:0b:71:69:61:f4:a5:8c:f7:e7:b2:
5f:80:06:c8:b2:72:cf:88:1f:88:c2:b7:98:bb:77:3b:38:25:
c0:b8:7d:43:9e:70:fb:c4:85:9b:3f:fc:7d:fd:bc:8b:3a:78:
66:91:ed:4a:f8:ab:be:6a:79:68:57:f6:3b:e0:85:46:7e:ae:
80:a1:c5:5a:8b:55:64:69:5d:64:5a:23:19:a3:b5:22:36:e9:
ad:28:92:50:fe:06:20:46:5b:fa:ac:7a:0b:88:05:9c:32:34:
1c:13:3a:4f
-----BEGIN CERTIFICATE-----
MIIErDCCA5SgAwIBAgIUPHP+dhhame9DaJiRaegjMDIkGQowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yMzEyMjAyMTI1MDdaFw0yNDEyMTgyMTMwMDdaMDMxMTAvBgNV
BAMTKDlBMTU5QUE2MTVBNzlDQkQ3QzA3QjZEMUI0MTk5RTBBNzM5N0E5MzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzC1US3jh7GyZX2a/kGaAh1Sny
HCBjspz/B0tZuzGZpaBPLQa6lwY0++bcRQ+an3SAfmfdJFPCzcGzQL/8SEXKyAdN
bD7jioowNWweg/xOX2dQolsu1LqGETvuZIKlFrAZgOnQnBALOKLnNmkalwXJrowZ
R4u+g6cZ0xubCn7gLwe4Keqbq7DzAPCH2+Av7GIuhKMc3fgUv1tltmGXFhoLXJmf
Yh9n5E44G4qYTUPDp3LESwOz8OdBEPrpi68Ogup1Y8N/CKbc14fnBwF3ipQwVU5Z
IuHyzIUytBUFiU8nM4fbd3zCdLCzgXAtRVAxQ+TA/FJY6aN+fMWgVSuazUd7AgMB
AAGjggG2MIIBsjAdBgNVHQ4EFgQUmhWaphWnnL18B7bRtBmeCnOXqTUwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM0NDQyMS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALnq1jAPBAIA
AjAJAwcEKgtDQADAMA0GCSqGSIb3DQEBCwUAA4IBAQC0mFfgDBdfb2L6orrIB/cC
p28ivUnoc/hBmeWwd/oGyBSDlxO4kCFOM7vhl2JXlirGvbxvBvf7blKZEkEz+lxG
NyHILndKQ/Hlb4sug7gqPex2VA2TaXTVkgb3I+av+UV+HmNVY/c60jzEpa0rhh1z
iR9NsKqhlHhw9RH8mOjvl3dLN8W4euXBPGF/6bEwYe/kiBGbC0FH5wtxaWH0pYz3
57JfgAbIsnLPiB+IwreYu3c7OCXAuH1DnnD7xIWbP/x9/byLOnhmke1K+Ku+anlo
V/Y74IVGfq6AocVai1VkaV1kWiMZo7UiNumtKJJQ/gYgRlv6rHoLiAWcMjQcEzpP
-----END CERTIFICATE-----
Generated at Sun May 19 10:59:18 2024 by rpki-client on console-fra.rpki-client.org