Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395793.roa
File: AS395793.roa (raw, json)
Hash identifier: aFt/sEdgRopemtOLkcnxyZLN+PbCjkDucwUVDsKo3Yw=
Subject key identifier: 8D:81:83:B0:D2:8D:EF:CA:5F:17:60:B5:3A:89:5D:B1:31:EB:70:88
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 47E55FC4F39167BF7B3A4186E457A68C39944BD2
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395793.roa
Signing time: Sun 20 Apr 2025 00:00:10 +0000
ROA not before: Sat 19 Apr 2025 23:55:10 +0000
ROA not after: Sun 19 Apr 2026 00:00:10 +0000
asID: 395793
IP address blocks: 82.23.128.0/24 maxlen: 24
82.23.129.0/24 maxlen: 24
82.23.130.0/24 maxlen: 24
82.23.131.0/24 maxlen: 24
82.23.132.0/24 maxlen: 24
82.23.133.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.24.42.0/24 maxlen: 24
82.24.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:e5:5f:c4:f3:91:67:bf:7b:3a:41:86:e4:57:a6:8c:39:94:4b:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 19 23:55:10 2025 GMT
Not After : Apr 19 00:00:10 2026 GMT
Subject: CN=8D8183B0D28DEFCA5F1760B53A895DB131EB7088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:51:d8:21:35:cf:fa:3d:ec:c4:6a:1f:b0:2d:
f4:aa:18:a0:19:8c:c1:13:b4:05:aa:58:53:af:c9:
3f:67:8e:cd:b3:b3:12:a1:de:f5:0b:10:97:00:b1:
fe:69:fa:55:94:8b:dd:c5:4d:73:7d:be:6b:f5:c4:
18:16:4f:b5:f6:56:ee:76:e8:49:de:e7:37:fe:a9:
20:23:75:9a:bc:72:2e:f2:8d:02:d3:41:b2:02:ad:
82:2c:39:98:11:1e:aa:67:f1:ad:d6:6d:5b:ca:dd:
13:b4:a3:df:93:59:e8:dd:d4:88:bf:1e:d6:ad:5e:
dd:65:59:48:5a:a3:8c:54:7e:41:7f:b2:39:ea:da:
43:80:32:ab:9d:c2:f0:fb:ea:d2:f2:06:aa:cf:13:
c1:53:6b:23:65:d3:40:90:0e:16:a8:70:d3:cf:29:
1d:d7:7a:0a:d8:f2:82:72:bc:6d:7c:a2:99:48:20:
29:34:f2:94:a4:e3:3d:4f:c4:d3:5c:61:d4:b4:2c:
17:fd:34:12:22:5f:93:9e:23:d2:75:37:9f:54:c3:
38:6f:a3:fd:fe:6a:7f:5e:de:e2:9e:a0:64:d6:e7:
84:6b:67:35:3c:32:a3:8a:bc:43:b9:f5:02:e9:24:
50:88:c4:da:80:08:fc:49:f6:90:0f:bc:88:20:18:
91:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:81:83:B0:D2:8D:EF:CA:5F:17:60:B5:3A:89:5D:B1:31:EB:70:88
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395793.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.128.0-82.23.133.255
82.23.147.0/24
82.24.42.0/24
82.24.121.0/24
Signature Algorithm: sha256WithRSAEncryption
70:bb:0e:97:10:22:e4:a0:20:7b:d6:96:49:bb:c2:19:dd:58:
40:6e:4c:86:cd:19:65:34:51:9a:33:03:3c:5c:3d:86:49:0f:
67:bc:5b:f5:4d:91:9a:7a:6f:a0:7a:0a:7c:35:b5:7a:ce:ff:
fc:ee:fb:9b:eb:49:4e:2a:d1:e6:9a:d7:3b:e4:eb:b7:22:79:
3c:32:0f:f0:13:a4:98:a8:e9:17:a7:75:f4:0e:d3:0c:7e:1d:
16:c5:fc:71:23:96:e7:91:89:91:88:7e:03:94:80:c1:ee:f7:
d8:c6:3f:d2:c2:9e:85:c7:50:65:3c:52:3e:55:68:07:4b:1f:
c2:fa:5a:2d:83:18:31:1c:ab:d9:a4:c2:6c:30:6b:94:48:14:
74:ae:6e:e2:20:ea:ea:06:10:9e:c4:3e:20:3e:b9:82:bf:05:
ff:62:24:10:13:ad:b0:70:3a:ba:c2:6f:37:89:8d:04:45:49:
19:75:07:91:5d:66:a2:92:6b:0f:51:4d:94:4e:cf:7d:a1:31:
79:df:c5:43:d0:c2:d3:54:4c:fa:27:33:30:93:fe:df:5a:17:
e4:b7:ad:d7:78:ba:eb:6b:92:1e:a2:51:ba:f1:72:47:fa:9a:
fe:29:60:d8:7f:0c:93:e7:77:1f:84:9c:e2:e4:8f:57:74:da:
2c:79:84:42
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIUR+VfxPORZ797OkGG5FemjDmUS9IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA0MTkyMzU1MTBaFw0yNjA0MTkwMDAwMTBaMDMxMTAvBgNV
BAMTKDhEODE4M0IwRDI4REVGQ0E1RjE3NjBCNTNBODk1REIxMzFFQjcwODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnUdghNc/6PezEah+wLfSqGKAZ
jMETtAWqWFOvyT9njs2zsxKh3vULEJcAsf5p+lWUi93FTXN9vmv1xBgWT7X2Vu52
6Ene5zf+qSAjdZq8ci7yjQLTQbICrYIsOZgRHqpn8a3WbVvK3RO0o9+TWejd1Ii/
HtatXt1lWUhao4xUfkF/sjnq2kOAMqudwvD76tLyBqrPE8FTayNl00CQDhaocNPP
KR3XegrY8oJyvG18oplIICk08pSk4z1PxNNcYdS0LBf9NBIiX5OeI9J1N59Uwzhv
o/3+an9e3uKeoGTW54RrZzU8MqOKvEO59QLpJFCIxNqACPxJ9pAPvIggGJHvAgMB
AAGjggIkMIICIDAdBgNVHQ4EFgQUjYGDsNKN78pfF2C1OoldsTHrcIgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk1NzkzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAdS
F4ADBAFSF4QDBABSF5MDBABSGCoDBABSGHkwDQYJKoZIhvcNAQELBQADggEBAHC7
DpcQIuSgIHvWlkm7whndWEBuTIbNGWU0UZozAzxcPYZJD2e8W/VNkZp6b6B6Cnw1
tXrO//zu+5vrSU4q0eaa1zvk67cieTwyD/ATpJio6RendfQO0wx+HRbF/HEjlueR
iZGIfgOUgMHu99jGP9LCnoXHUGU8Uj5VaAdLH8L6Wi2DGDEcq9mkwmwwa5RIFHSu
buIg6uoGEJ7EPiA+uYK/Bf9iJBATrbBwOrrCbzeJjQRFSRl1B5FdZqKSaw9RTZRO
z32hMXnfxUPQwtNUTPonMzCT/t9aF+S3rdd4uutrkh6iUbrxckf6mv4pYNh/DJPn
dx+EnOLkj1d02ix5hEI=
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:15:16 2025 by rpki-client