Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212504.roa
File: AS212504.roa (raw, json)
Hash identifier: LWNThKNKdlYhjLaVsdDgRfSXd+e1I+PK1g4Ea0uo5XQ=
Subject key identifier: D3:79:3F:6A:E8:17:59:A3:9E:DB:FF:CA:2D:38:12:7F:C3:7A:C4:46
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 724ED9A9A106BA233DEE2404AE13DD6891993358
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212504.roa
Signing time: Fri 02 May 2025 14:29:32 +0000
ROA not before: Fri 02 May 2025 14:24:32 +0000
ROA not after: Fri 01 May 2026 14:29:32 +0000
asID: 212504
IP address blocks: 155.117.44.0/22 maxlen: 24
155.117.156.0/22 maxlen: 24
155.117.212.0/22 maxlen: 24
155.117.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 15:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:4e:d9:a9:a1:06:ba:23:3d:ee:24:04:ae:13:dd:68:91:99:33:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 2 14:24:32 2025 GMT
Not After : May 1 14:29:32 2026 GMT
Subject: CN=D3793F6AE81759A39EDBFFCA2D38127FC37AC446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:99:13:02:d4:20:36:73:50:b3:85:bf:06:3d:
75:c7:7e:cb:11:40:66:f9:9d:78:7d:58:b8:9b:46:
c9:e1:9c:e2:f3:ec:b4:56:fd:30:5e:c1:39:0a:9c:
b7:9f:5e:d4:ca:8b:c7:05:79:0f:28:dd:ea:2f:cd:
31:2d:85:4a:8c:ce:0c:ea:fe:09:f2:e9:18:4f:19:
b6:54:2a:a4:d4:ed:e9:90:e1:a7:27:bd:ec:6f:25:
8a:e2:35:5e:a7:ea:74:55:f6:60:e5:b4:67:a4:61:
c2:26:ce:19:bd:aa:5b:a6:d2:66:4d:37:db:e3:e7:
2d:e8:4e:50:eb:5f:17:5a:22:be:8f:15:f3:7b:38:
e4:dd:69:7d:4f:9e:03:72:6e:e3:67:20:e9:e9:ed:
71:7d:08:e4:ca:77:2a:c7:d1:c8:2b:7b:cb:6a:4b:
ef:f8:6f:30:1a:d1:b1:5c:25:81:d7:be:4c:b7:b7:
16:bb:86:87:4a:ae:d5:d7:84:15:82:ae:72:b1:22:
be:b0:6d:58:8b:4f:f1:4b:e8:e2:39:90:f9:e0:32:
fd:09:bf:dd:7d:4a:a6:3d:ed:db:35:68:52:80:86:
ad:50:8a:20:15:4f:a9:ca:9f:7a:c5:89:db:3b:80:
a8:97:16:8d:e1:51:6f:9b:22:7b:8b:29:ac:f6:f2:
56:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:79:3F:6A:E8:17:59:A3:9E:DB:FF:CA:2D:38:12:7F:C3:7A:C4:46
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212504.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.117.44.0/22
155.117.156.0/22
155.117.212.0/22
155.117.220.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:62:78:ea:2e:09:d1:c3:92:23:f1:eb:85:65:1e:5f:e7:73:
42:5f:d8:9d:ee:ce:08:56:d1:7e:b1:ab:3e:19:bf:79:1f:4f:
a4:46:75:5a:96:1b:0c:58:6f:56:19:95:4f:f8:ee:f1:65:f5:
dd:b3:4e:62:73:a2:d4:4b:63:1e:10:6a:c4:72:4a:99:67:e8:
8e:f6:a2:9a:ef:3f:95:99:66:33:61:34:db:53:bd:2e:90:1b:
a6:e6:c9:57:f6:5e:e2:a5:cc:61:ff:53:72:59:ac:2f:dc:b2:
73:f7:dd:8c:d5:c5:0b:11:27:28:75:49:6c:2b:d3:f7:46:d4:
b4:e3:80:1c:50:7c:ec:57:1d:84:a5:d7:f5:d5:3f:d4:fe:39:
fa:69:82:96:59:1a:f4:a6:fb:15:1f:4c:20:5c:9e:3f:47:7f:
29:d1:4a:5e:c5:e4:a0:7f:0a:89:07:e1:25:bc:9f:96:55:7a:
cd:2d:1f:c0:d1:73:5c:19:3f:db:70:33:dc:19:f8:82:a7:b2:
7d:be:db:2c:9f:0e:34:c7:40:dd:46:f5:64:e8:64:64:98:07:
23:dc:5a:95:a1:0d:05:97:0d:9c:f8:87:05:38:01:e4:76:f5:
16:0c:e1:17:ce:39:a9:d1:b5:b4:84:73:4f:aa:30:55:c7:20:
43:4e:cf:43
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUck7ZqaEGuiM97iQErhPdaJGZM1gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MDIxNDI0MzJaFw0yNjA1MDExNDI5MzJaMDMxMTAvBgNV
BAMTKEQzNzkzRjZBRTgxNzU5QTM5RURCRkZDQTJEMzgxMjdGQzM3QUM0NDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYmRMC1CA2c1Czhb8GPXXHfssR
QGb5nXh9WLibRsnhnOLz7LRW/TBewTkKnLefXtTKi8cFeQ8o3eovzTEthUqMzgzq
/gny6RhPGbZUKqTU7emQ4acnvexvJYriNV6n6nRV9mDltGekYcImzhm9qlum0mZN
N9vj5y3oTlDrXxdaIr6PFfN7OOTdaX1PngNybuNnIOnp7XF9COTKdyrH0cgre8tq
S+/4bzAa0bFcJYHXvky3txa7hodKrtXXhBWCrnKxIr6wbViLT/FL6OI5kPngMv0J
v919SqY97ds1aFKAhq1QiiAVT6nKn3rFids7gKiXFo3hUW+bInuLKaz28lb1AgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQU03k/augXWaOe2//KLTgSf8N6xEYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyNTA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCm3Us
AwQCm3WcAwQCm3XUAwQCm3XcMA0GCSqGSIb3DQEBCwUAA4IBAQAKYnjqLgnRw5Ij
8euFZR5f53NCX9id7s4IVtF+sas+Gb95H0+kRnValhsMWG9WGZVP+O7xZfXds05i
c6LUS2MeEGrEckqZZ+iO9qKa7z+VmWYzYTTbU70ukBum5slX9l7ipcxh/1NyWawv
3LJz992M1cULEScodUlsK9P3RtS044AcUHzsVx2Epdf11T/U/jn6aYKWWRr0pvsV
H0wgXJ4/R38p0UpexeSgfwqJB+ElvJ+WVXrNLR/A0XNcGT/bcDPcGfiCp7J9vtss
nw40x0DdRvVk6GRkmAcj3FqVoQ0Flw2c+IcFOAHkdvUWDOEXzjmp0bW0hHNPqjBV
xyBDTs9D
-----END CERTIFICATE-----
Generated at Thu May 8 23:00:31 2025 by rpki-client