Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS133296.roa
File: AS133296.roa (raw, json)
Hash identifier: MN+4eE5rc4RKr5eEIgGf6n5P6NmF+OItMKhOn62HCok=
Subject key identifier: AE:DE:28:17:AE:E8:9E:8B:4D:EC:CE:A7:63:DD:E6:F9:3F:C6:07:DA
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5E0932B82E971A94A34D85980C791BECA7ABE525
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS133296.roa
Signing time: Fri 04 Oct 2024 08:15:38 +0000
ROA not before: Fri 04 Oct 2024 08:10:38 +0000
ROA not after: Fri 03 Oct 2025 08:15:38 +0000
asID: 133296
IP address blocks: 181.215.36.0/24 maxlen: 24
181.215.57.0/24 maxlen: 24
181.215.59.0/24 maxlen: 24
181.215.67.0/24 maxlen: 24
181.215.90.0/24 maxlen: 24
181.215.166.0/24 maxlen: 24
181.215.173.0/24 maxlen: 24
181.215.194.0/24 maxlen: 24
181.215.233.0/24 maxlen: 24
181.215.255.0/24 maxlen: 24
191.96.0.0/24 maxlen: 24
191.96.10.0/24 maxlen: 24
191.96.12.0/24 maxlen: 24
191.96.26.0/24 maxlen: 24
191.96.28.0/24 maxlen: 24
191.96.34.0/24 maxlen: 24
191.96.66.0/24 maxlen: 24
191.96.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:09:32:b8:2e:97:1a:94:a3:4d:85:98:0c:79:1b:ec:a7:ab:e5:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 4 08:10:38 2024 GMT
Not After : Oct 3 08:15:38 2025 GMT
Subject: CN=AEDE2817AEE89E8B4DECCEA763DDE6F93FC607DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:26:d3:37:a4:89:63:97:74:47:61:bb:d1:aa:
2b:2c:e1:c7:f7:af:f4:a6:28:d2:0e:78:75:a5:d3:
8e:df:74:18:e5:f3:b4:a5:39:81:dd:75:ed:fe:1a:
25:cc:24:8a:95:06:c7:35:32:3f:dc:e6:e4:5c:3b:
2c:9c:92:3e:05:86:50:07:dc:06:a1:46:91:8d:41:
ef:b7:a9:29:1e:44:dd:0f:56:44:27:c9:3f:ee:26:
d1:ee:1d:cf:3f:42:05:e7:98:4f:d4:c3:8d:8d:a9:
85:9c:28:65:2c:39:aa:65:aa:97:41:a7:e2:f4:d5:
ed:dc:64:e1:e6:a5:61:27:5a:1f:7b:c4:f6:e7:89:
8c:47:fe:fe:31:8a:58:90:c8:0e:ff:bc:78:3d:06:
b9:04:e3:cc:04:4b:3f:4d:d2:f5:19:1f:f0:27:95:
55:94:60:83:9a:7c:08:f3:6b:90:ed:19:0e:14:8a:
0b:9f:80:1e:a6:b1:42:a7:02:32:a6:91:34:db:f7:
7f:18:90:b1:67:53:58:e2:b9:53:9a:b3:17:8a:90:
8a:b5:b1:6c:87:e8:8a:b7:9a:1d:39:73:62:b7:9b:
60:d5:2f:e4:c2:06:e2:4a:be:6b:9e:32:d3:78:5c:
b3:36:f3:fd:72:3e:cd:aa:14:b3:a0:ec:86:92:e3:
ff:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:DE:28:17:AE:E8:9E:8B:4D:EC:CE:A7:63:DD:E6:F9:3F:C6:07:DA
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS133296.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.215.36.0/24
181.215.57.0/24
181.215.59.0/24
181.215.67.0/24
181.215.90.0/24
181.215.166.0/24
181.215.173.0/24
181.215.194.0/24
181.215.233.0/24
181.215.255.0/24
191.96.0.0/24
191.96.10.0/24
191.96.12.0/24
191.96.26.0/24
191.96.28.0/24
191.96.34.0/24
191.96.66.0/24
191.96.75.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:b4:b1:20:eb:34:29:ce:99:96:44:75:05:51:84:d2:e0:e0:
5f:80:7c:39:7d:d1:f9:99:27:8a:f9:a4:58:0c:7a:d0:6f:98:
f2:4e:c0:c0:f3:0e:6b:d6:d9:f9:a0:f5:c4:e3:8b:18:bf:e4:
8a:22:95:2b:bc:cd:2c:0d:cd:50:82:60:87:62:58:65:21:66:
af:06:bd:11:6c:17:1f:4b:2c:d0:a6:f5:15:e7:6e:fc:ef:93:
a2:0d:f7:7a:59:8e:07:f0:1b:c9:68:5c:bf:7f:7a:b5:a4:bc:
33:3d:bf:97:0f:63:43:bc:f2:dc:a5:67:b7:74:4f:9f:1c:f7:
ec:01:08:26:bf:d0:59:98:84:40:8d:68:25:6b:e4:15:d8:ef:
51:96:4c:57:35:34:1e:68:c9:71:36:57:d8:05:31:00:b8:b9:
23:61:25:17:16:77:0d:b9:5e:67:ff:6c:b0:36:93:24:1b:80:
eb:4f:6a:9e:ef:42:9a:b8:96:1e:e3:ed:92:df:d1:84:d4:b9:
6f:de:2e:9e:c3:a5:83:a7:65:3a:14:c0:00:bd:b9:50:49:5f:
7a:3b:ea:64:bd:ee:ef:6f:0c:48:ca:61:c0:bc:01:8f:53:80:
34:c2:78:a7:f5:aa:0f:f0:0d:bd:9f:b4:d5:17:28:37:ac:e1:
eb:43:89:22
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIUXgkyuC6XGpSjTYWYDHkb7Ker5SUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDEwMDQwODEwMzhaFw0yNTEwMDMwODE1MzhaMDMxMTAvBgNV
BAMTKEFFREUyODE3QUVFODlFOEI0REVDQ0VBNzYzRERFNkY5M0ZDNjA3REEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZJtM3pIljl3RHYbvRqiss4cf3
r/SmKNIOeHWl047fdBjl87SlOYHdde3+GiXMJIqVBsc1Mj/c5uRcOyyckj4FhlAH
3AahRpGNQe+3qSkeRN0PVkQnyT/uJtHuHc8/QgXnmE/Uw42NqYWcKGUsOaplqpdB
p+L01e3cZOHmpWEnWh97xPbniYxH/v4xiliQyA7/vHg9BrkE48wESz9N0vUZH/An
lVWUYIOafAjza5DtGQ4UigufgB6msUKnAjKmkTTb938YkLFnU1jiuVOasxeKkIq1
sWyH6Iq3mh05c2K3m2DVL+TCBuJKvmueMtN4XLM28/1yPs2qFLOg7IaS4/+FAgMB
AAGjggJxMIICbTAdBgNVHQ4EFgQUrt4oF67onotN7M6nY93m+T/GB9owHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTMzMjk2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEALXX
JAMEALXXOQMEALXXOwMEALXXQwMEALXXWgMEALXXpgMEALXXrQMEALXXwgMEALXX
6QMEALXX/wMEAL9gAAMEAL9gCgMEAL9gDAMEAL9gGgMEAL9gHAMEAL9gIgMEAL9g
QgMEAL9gSzANBgkqhkiG9w0BAQsFAAOCAQEASrSxIOs0Kc6ZlkR1BVGE0uDgX4B8
OX3R+ZknivmkWAx60G+Y8k7AwPMOa9bZ+aD1xOOLGL/kiiKVK7zNLA3NUIJgh2JY
ZSFmrwa9EWwXH0ss0Kb1Fedu/O+Tog33elmOB/AbyWhcv396taS8Mz2/lw9jQ7zy
3KVnt3RPnxz37AEIJr/QWZiEQI1oJWvkFdjvUZZMVzU0HmjJcTZX2AUxALi5I2El
FxZ3DbleZ/9ssDaTJBuA609qnu9CmriWHuPtkt/RhNS5b94unsOlg6dlOhTAAL25
UElfejvqZL3u728MSMphwLwBj1OANMJ4p/WqD/ANvZ+01RcoN6zh60OJIg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:33 2024 by rpki-client on console-ams.rpki-client.org