Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS152179.roa
File: AS152179.roa (raw, json)
Hash identifier: 95DXy4y4INCG0GOENHQ2P3NFF0q378fderFbqCPezT8=
Subject key identifier: DC:0D:BC:DA:6B:0C:E4:3B:EE:EA:0C:AC:29:FF:86:30:29:79:8E:CD
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 334C6AC4A06D1D814B52CA72AF3B40D175D47168
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS152179.roa
Signing time: Sun 15 Sep 2024 00:01:09 +0000
ROA not before: Sat 14 Sep 2024 23:56:09 +0000
ROA not after: Sun 14 Sep 2025 00:01:09 +0000
asID: 152179
IP address blocks: 179.61.173.0/24 maxlen: 24
181.214.2.0/24 maxlen: 24
181.214.25.0/24 maxlen: 24
181.214.33.0/24 maxlen: 24
181.214.75.0/24 maxlen: 24
181.214.130.0/24 maxlen: 24
181.214.132.0/24 maxlen: 24
181.214.185.0/24 maxlen: 24
181.214.205.0/24 maxlen: 24
181.214.250.0/24 maxlen: 24
181.215.110.0/24 maxlen: 24
181.215.127.0/24 maxlen: 24
181.215.136.0/24 maxlen: 24
181.215.148.0/24 maxlen: 24
181.215.154.0/24 maxlen: 24
181.215.190.0/24 maxlen: 24
181.215.239.0/24 maxlen: 24
185.173.27.0/24 maxlen: 24
191.96.111.0/24 maxlen: 24
194.53.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:4c:6a:c4:a0:6d:1d:81:4b:52:ca:72:af:3b:40:d1:75:d4:71:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Sep 14 23:56:09 2024 GMT
Not After : Sep 14 00:01:09 2025 GMT
Subject: CN=DC0DBCDA6B0CE43BEEEA0CAC29FF863029798ECD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:2f:22:b0:e4:e8:84:69:56:29:f7:dc:16:8b:
9d:e4:e7:62:19:dc:bc:f4:5e:7b:04:44:53:0f:7c:
bd:93:d5:34:28:de:d6:79:a7:58:a6:65:f1:5b:ab:
fb:6a:11:b8:9b:0f:f4:15:52:91:fb:d0:f8:a5:d6:
d9:d8:74:f7:b5:71:b3:f9:97:05:7d:64:a3:b0:8b:
3e:c7:fe:d1:a0:a3:f8:63:3d:0c:b6:c9:99:ad:53:
48:9f:57:6a:21:6f:58:cb:a2:30:37:cc:71:b0:b4:
10:60:36:cd:8f:37:20:05:ca:9e:1f:48:20:34:f0:
1a:a2:7e:9f:14:d8:42:ac:fa:be:26:3f:dc:bc:9f:
76:7c:5f:25:ae:54:76:66:42:9e:d2:a6:d1:e3:fc:
17:50:33:4d:90:32:7f:43:ad:a4:48:9a:16:8e:2c:
5d:aa:a9:7d:e1:7b:dd:75:f2:89:c2:70:bd:79:10:
f8:ca:80:c2:83:73:80:fa:ed:f9:b1:2c:6c:7a:d4:
e6:d5:51:2d:31:f7:24:19:f2:e1:4e:42:67:56:de:
74:1c:f6:2f:dc:35:4b:f5:83:1b:cd:f6:0b:83:00:
0c:47:12:9c:72:dc:ee:e9:20:17:fb:73:b6:74:cf:
97:b4:0a:61:7e:82:46:5c:cd:3b:21:1a:69:f9:72:
85:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:0D:BC:DA:6B:0C:E4:3B:EE:EA:0C:AC:29:FF:86:30:29:79:8E:CD
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS152179.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.173.0/24
181.214.2.0/24
181.214.25.0/24
181.214.33.0/24
181.214.75.0/24
181.214.130.0/24
181.214.132.0/24
181.214.185.0/24
181.214.205.0/24
181.214.250.0/24
181.215.110.0/24
181.215.127.0/24
181.215.136.0/24
181.215.148.0/24
181.215.154.0/24
181.215.190.0/24
181.215.239.0/24
185.173.27.0/24
191.96.111.0/24
194.53.142.0/24
Signature Algorithm: sha256WithRSAEncryption
51:b0:7c:43:ec:ef:32:47:4d:42:e1:3f:6c:4a:8d:42:64:69:
f9:39:33:5e:13:a8:f8:b9:01:03:34:5a:49:4c:f5:a4:56:1b:
c0:7f:7f:96:0d:41:4e:c6:3e:b7:aa:00:e1:b8:0c:57:22:0a:
a9:08:0b:d5:9c:2e:bf:22:53:e0:01:f0:8b:c4:fb:d2:a2:24:
58:29:a5:0e:53:dc:80:28:d1:de:a5:5f:bf:35:53:b8:58:77:
38:9c:bc:d9:32:b0:d0:bc:cb:63:b2:dd:18:6e:bd:ec:03:10:
de:a7:4e:fd:6d:2c:a3:77:f7:e2:25:f8:bc:ee:90:ef:b5:60:
a0:bf:d4:4f:f8:9e:84:a3:80:ae:61:8d:91:b1:e1:67:84:63:
f8:f0:95:e7:50:dd:71:a6:c6:c0:20:89:f5:c2:47:b1:9b:52:
af:c1:94:22:21:27:b3:08:1a:dc:0d:f6:aa:9a:37:c8:4b:a5:
de:dd:99:d8:04:15:94:b8:4e:e1:b0:b1:91:18:0c:90:e4:28:
4a:e3:27:f8:7e:a9:e7:08:01:3b:33:9e:56:59:c5:06:7d:37:
ca:39:f7:32:da:03:96:62:14:68:d0:12:51:7e:6c:b8:51:a0:
1e:99:c5:9f:60:f4:a8:4c:85:0d:5b:07:b4:2e:47:94:04:49:
01:f2:b3:fa
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIUM0xqxKBtHYFLUspyrztA0XXUcWgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA5MTQyMzU2MDlaFw0yNTA5MTQwMDAxMDlaMDMxMTAvBgNV
BAMTKERDMERCQ0RBNkIwQ0U0M0JFRUVBMENBQzI5RkY4NjMwMjk3OThFQ0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXLyKw5OiEaVYp99wWi53k52IZ
3Lz0XnsERFMPfL2T1TQo3tZ5p1imZfFbq/tqEbibD/QVUpH70Pil1tnYdPe1cbP5
lwV9ZKOwiz7H/tGgo/hjPQy2yZmtU0ifV2ohb1jLojA3zHGwtBBgNs2PNyAFyp4f
SCA08Bqifp8U2EKs+r4mP9y8n3Z8XyWuVHZmQp7SptHj/BdQM02QMn9DraRImhaO
LF2qqX3he9118onCcL15EPjKgMKDc4D67fmxLGx61ObVUS0x9yQZ8uFOQmdW3nQc
9i/cNUv1gxvN9guDAAxHEpxy3O7pIBf7c7Z0z5e0CmF+gkZczTshGmn5coWpAgMB
AAGjggJ/MIICezAdBgNVHQ4EFgQU3A282msM5Dvu6gysKf+GMCl5js0wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTUyMTc5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQA
sz2tAwQAtdYCAwQAtdYZAwQAtdYhAwQAtdZLAwQAtdaCAwQAtdaEAwQAtda5AwQA
tdbNAwQAtdb6AwQAtdduAwQAtdd/AwQAtdeIAwQAtdeUAwQAtdeaAwQAtde+AwQA
tdfvAwQAua0bAwQAv2BvAwQAwjWOMA0GCSqGSIb3DQEBCwUAA4IBAQBRsHxD7O8y
R01C4T9sSo1CZGn5OTNeE6j4uQEDNFpJTPWkVhvAf3+WDUFOxj63qgDhuAxXIgqp
CAvVnC6/IlPgAfCLxPvSoiRYKaUOU9yAKNHepV+/NVO4WHc4nLzZMrDQvMtjst0Y
br3sAxDep079bSyjd/fiJfi87pDvtWCgv9RP+J6Eo4CuYY2RseFnhGP48JXnUN1x
psbAIIn1wkexm1KvwZQiISezCBrcDfaqmjfIS6Xe3ZnYBBWUuE7hsLGRGAyQ5ChK
4yf4fqnnCAE7M55WWcUGfTfKOfcy2gOWYhRo0BJRfmy4UaAemcWfYPSoTIUNWwe0
LkeUBEkB8rP6
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:44 2024 by rpki-client on console-fra.rpki-client.org