Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS209642.roa
File: AS209642.roa (raw, json)
Hash identifier: 4/YMgqqObLHOZCuV9wSr/4ZPNSipAtRBAH2zYY1Sn1U=
Subject key identifier: DE:63:37:B3:CD:87:B3:C7:B5:B9:28:80:ED:ED:1B:EE:F9:48:65:B0
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 07816C937C68C8731C8288FC69E231E66118498F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS209642.roa
Signing time: Fri 02 May 2025 13:22:29 +0000
ROA not before: Fri 02 May 2025 13:17:29 +0000
ROA not after: Fri 01 May 2026 13:22:29 +0000
asID: 209642
IP address blocks: 155.117.2.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 16:09:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:81:6c:93:7c:68:c8:73:1c:82:88:fc:69:e2:31:e6:61:18:49:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 2 13:17:29 2025 GMT
Not After : May 1 13:22:29 2026 GMT
Subject: CN=DE6337B3CD87B3C7B5B92880EDED1BEEF94865B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:f5:ce:5b:01:30:1b:46:1b:55:b0:c1:42:ee:
6e:b7:6f:5c:5f:ad:4e:59:e1:f0:48:ae:c1:70:d1:
ce:94:da:53:75:2d:d3:1e:15:a5:dc:63:8d:20:0c:
b2:b1:46:f5:ec:92:94:4e:14:fe:9b:54:2f:fd:b2:
bc:e6:1b:de:c8:60:3f:4f:3f:cb:58:59:44:f6:54:
b1:46:3e:f8:77:fa:d3:53:54:25:07:88:ea:5e:2f:
db:4f:ce:13:11:40:08:e2:ab:c5:74:91:43:08:56:
41:09:a6:27:b6:77:c7:20:1c:38:8b:9e:45:50:85:
2e:15:f8:ed:8c:30:c3:15:8d:41:f6:49:85:05:0a:
91:f7:f2:09:7f:47:2d:60:66:3f:12:b7:0f:43:4c:
1d:48:88:27:7f:12:4f:f4:f9:e5:1b:4f:0d:40:50:
c2:80:57:61:15:40:6e:a3:92:1c:a6:de:a7:5b:f3:
9f:de:16:cb:ca:8b:4a:08:8d:9a:b6:1c:18:74:72:
65:fa:bb:c7:50:97:a0:b6:26:b2:c3:b6:18:6c:8f:
31:38:16:e2:08:de:2e:ae:14:7f:27:d6:36:5d:33:
63:a6:2b:2a:57:60:eb:9e:75:de:62:1a:86:ff:0d:
f8:3c:0e:27:72:38:e6:3c:3c:b2:46:7a:f6:22:5a:
41:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:63:37:B3:CD:87:B3:C7:B5:B9:28:80:ED:ED:1B:EE:F9:48:65:B0
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS209642.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.117.2.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:ee:4c:c0:19:c3:db:e4:84:81:53:1d:44:d9:1c:4f:7b:64:
83:6a:09:95:d0:c1:b9:57:18:89:db:db:b7:ec:de:75:9f:7e:
ec:69:22:3b:9c:59:03:c7:c1:ac:19:5c:d9:34:b9:48:b4:e5:
a1:52:fd:5c:f5:74:f3:a7:65:4e:55:9e:5c:5e:db:c0:9f:a3:
9b:2f:a4:44:97:46:08:94:80:5c:5d:ea:7a:de:b3:06:52:5c:
13:3f:c0:7a:39:ef:05:9f:9a:92:81:8c:8c:37:eb:44:79:03:
8b:e7:81:1b:58:8e:7c:15:d4:58:c6:3a:cd:88:ce:09:d8:3b:
9f:90:8a:f4:e9:c0:7b:85:bb:2c:08:08:d1:2e:2b:a2:e7:25:
a0:cb:8b:31:78:aa:0f:a4:1c:56:f1:33:8d:40:5f:7f:19:d1:
fe:f5:d2:21:22:5f:d7:71:64:8c:34:68:3e:c2:a8:42:24:6b:
11:74:35:6e:da:e5:c7:1f:f2:7c:8b:37:2b:0b:32:b6:3f:de:
66:5a:69:62:c5:0a:55:76:e1:ef:1b:1b:df:77:bc:cc:10:84:
50:4b:16:28:28:b1:29:35:0c:e0:ba:39:a2:06:c1:ce:2b:b2:
99:6b:c9:4d:80:30:c3:d5:92:c9:13:12:c0:01:a1:01:34:0f:
0a:84:b1:9f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUB4Fsk3xoyHMcgoj8aeIx5mEYSY8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MDIxMzE3MjlaFw0yNjA1MDExMzIyMjlaMDMxMTAvBgNV
BAMTKERFNjMzN0IzQ0Q4N0IzQzdCNUI5Mjg4MEVERUQxQkVFRjk0ODY1QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDu9c5bATAbRhtVsMFC7m63b1xf
rU5Z4fBIrsFw0c6U2lN1LdMeFaXcY40gDLKxRvXskpROFP6bVC/9srzmG97IYD9P
P8tYWUT2VLFGPvh3+tNTVCUHiOpeL9tPzhMRQAjiq8V0kUMIVkEJpie2d8cgHDiL
nkVQhS4V+O2MMMMVjUH2SYUFCpH38gl/Ry1gZj8Stw9DTB1IiCd/Ek/0+eUbTw1A
UMKAV2EVQG6jkhym3qdb85/eFsvKi0oIjZq2HBh0cmX6u8dQl6C2JrLDthhsjzE4
FuII3i6uFH8n1jZdM2OmKypXYOuedd5iGob/Dfg8DidyOOY8PLJGevYiWkGzAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU3mM3s82Hs8e1uSiA7e0b7vlIZbAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA5NjQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBm3UC
MA0GCSqGSIb3DQEBCwUAA4IBAQCO7kzAGcPb5ISBUx1E2RxPe2SDagmV0MG5VxiJ
29u37N51n37saSI7nFkDx8GsGVzZNLlItOWhUv1c9XTzp2VOVZ5cXtvAn6ObL6RE
l0YIlIBcXep63rMGUlwTP8B6Oe8Fn5qSgYyMN+tEeQOL54EbWI58FdRYxjrNiM4J
2DufkIr06cB7hbssCAjRLiui5yWgy4sxeKoPpBxW8TONQF9/GdH+9dIhIl/XcWSM
NGg+wqhCJGsRdDVu2uXHH/J8izcrCzK2P95mWmlixQpVduHvGxvfd7zMEIRQSxYo
KLEpNQzgujmiBsHOK7KZa8lNgDDD1ZLJExLAAaEBNA8KhLGf
-----END CERTIFICATE-----
Generated at Sat May 10 08:19:20 2025 by rpki-client