Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS138156.roa
File: AS138156.roa (raw, json)
Hash identifier: qZF1QsKy6PFU8PrKXZ5YezGa9ZaFGwDSuYOcpOlRHeM=
Subject key identifier: 35:A2:34:1F:25:74:1F:EA:ED:42:35:01:1F:C4:25:B9:6B:CE:78:F2
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 75087373CE2EB7E3F8CFD2290D9725186CA5B687
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS138156.roa
Signing time: Wed 04 Oct 2023 15:21:32 +0000
ROA not before: Wed 04 Oct 2023 15:16:32 +0000
ROA not after: Wed 02 Oct 2024 15:21:32 +0000
asID: 138156
IP address blocks: 191.96.92.0/24 maxlen: 24
191.96.93.0/24 maxlen: 24
191.101.212.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:08:73:73:ce:2e:b7:e3:f8:cf:d2:29:0d:97:25:18:6c:a5:b6:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 4 15:16:32 2023 GMT
Not After : Oct 2 15:21:32 2024 GMT
Subject: CN=35A2341F25741FEAED4235011FC425B96BCE78F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9d:dc:f5:d6:e8:1b:95:10:d8:d9:f5:e6:a0:
ac:d9:32:d6:d3:dd:34:64:fa:53:1b:05:b6:4c:03:
a9:d2:2d:b0:db:39:23:6a:a8:1f:1c:57:81:08:73:
88:af:fe:b6:94:c7:82:52:1d:c3:2e:66:a0:b5:90:
4b:9d:eb:3c:f1:35:54:4d:4a:cc:f7:f5:49:26:76:
2b:ed:bf:7f:76:e5:ce:f2:36:06:30:a5:4e:71:24:
9e:ca:82:c5:90:2c:64:a4:a8:11:27:f2:19:39:e3:
97:43:21:c3:fb:6e:bb:7d:54:d9:36:71:6c:0a:80:
d4:1a:e8:74:c6:02:f2:e5:b6:f1:cd:91:48:aa:95:
89:54:e8:54:72:13:8a:53:51:b0:87:01:be:7b:a5:
10:64:21:a7:6e:99:2e:d4:58:11:15:75:14:4f:a8:
6f:56:ec:03:eb:5c:82:18:7a:a1:97:50:9d:d9:17:
e8:36:97:aa:44:24:0a:f2:f7:39:4e:fa:64:69:cb:
69:db:93:4e:d3:92:3c:4e:8b:d9:a9:e2:35:ff:3c:
16:5d:3c:0e:c7:e9:00:7b:aa:4e:9b:43:5f:b1:dd:
cc:d5:f8:30:f0:56:51:6b:4c:69:1f:b9:9f:3d:34:
bc:ea:d6:db:3a:a5:fc:d6:68:83:78:c5:d1:92:0a:
d0:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:A2:34:1F:25:74:1F:EA:ED:42:35:01:1F:C4:25:B9:6B:CE:78:F2
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS138156.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.92.0/23
191.101.212.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:c2:2d:29:79:41:23:43:01:8b:d4:3c:4f:06:28:f9:77:26:
1f:6f:8d:dc:f0:60:20:38:f8:c3:9a:9d:ce:e8:ca:38:98:6a:
4e:94:b8:69:e6:a8:4d:6c:3c:42:f4:f2:09:9b:ee:e9:78:74:
b3:9f:68:ab:4a:fc:2a:7c:15:4a:d2:2e:bd:1a:67:01:8c:5a:
b7:30:9f:29:75:b6:0e:8b:3a:1b:67:d9:17:4f:d3:a3:fe:3d:
6c:7d:68:e0:77:b0:17:99:b4:6f:fd:61:a0:f1:0d:c4:04:a8:
20:0c:ed:53:e2:2f:fe:5f:b1:53:52:c9:23:1f:4f:ed:7b:56:
01:ca:71:c7:cb:5a:54:68:b9:52:fb:b8:ab:5a:00:35:ab:2b:
92:3b:85:3d:76:eb:41:f9:53:32:7f:db:6b:bb:a2:52:3b:f2:
33:53:17:c3:2a:c4:d3:4a:b6:05:6e:4d:f1:16:9d:a2:bf:eb:
34:fc:41:3b:73:ff:a2:54:21:07:59:cd:ca:70:55:7e:a9:e6:
19:e9:32:04:f2:21:5b:86:8b:1f:9d:a1:bc:c2:71:61:fb:7e:
af:cc:b0:eb:e6:69:09:81:7b:01:cc:95:e2:3a:0c:f0:c9:c0:
db:1c:f2:e2:4c:55:e3:21:64:00:77:9f:af:4b:85:54:b1:f2:
84:a6:57:03
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUdQhzc84ut+P4z9IpDZclGGyltocwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzEwMDQxNTE2MzJaFw0yNDEwMDIxNTIxMzJaMDMxMTAvBgNV
BAMTKDM1QTIzNDFGMjU3NDFGRUFFRDQyMzUwMTFGQzQyNUI5NkJDRTc4RjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBndz11ugblRDY2fXmoKzZMtbT
3TRk+lMbBbZMA6nSLbDbOSNqqB8cV4EIc4iv/raUx4JSHcMuZqC1kEud6zzxNVRN
Ssz39Ukmdivtv3925c7yNgYwpU5xJJ7KgsWQLGSkqBEn8hk545dDIcP7brt9VNk2
cWwKgNQa6HTGAvLltvHNkUiqlYlU6FRyE4pTUbCHAb57pRBkIadumS7UWBEVdRRP
qG9W7APrXIIYeqGXUJ3ZF+g2l6pEJAry9zlO+mRpy2nbk07TkjxOi9mp4jX/PBZd
PA7H6QB7qk6bQ1+x3czV+DDwVlFrTGkfuZ89NLzq1ts6pfzWaIN4xdGSCtAVAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUNaI0HyV0H+rtQjUBH8QluWvOePIwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTM4MTU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBv2Bc
AwQCv2XUMA0GCSqGSIb3DQEBCwUAA4IBAQCywi0peUEjQwGL1DxPBij5dyYfb43c
8GAgOPjDmp3O6Mo4mGpOlLhp5qhNbDxC9PIJm+7peHSzn2irSvwqfBVK0i69GmcB
jFq3MJ8pdbYOizobZ9kXT9Oj/j1sfWjgd7AXmbRv/WGg8Q3EBKggDO1T4i/+X7FT
UskjH0/te1YBynHHy1pUaLlS+7irWgA1qyuSO4U9dutB+VMyf9tru6JSO/IzUxfD
KsTTSrYFbk3xFp2iv+s0/EE7c/+iVCEHWc3KcFV+qeYZ6TIE8iFbhosfnaG8wnFh
+36vzLDr5mkJgXsBzJXiOgzwycDbHPLiTFXjIWQAd5+vS4VUsfKEplcD
-----END CERTIFICATE-----
Generated at Sun May 5 10:57:35 2024 by rpki-client on console-ams.rpki-client.org