Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: lFMgt/lfU8i4W1SwEME78BzTuJPYfLLx8jF7eeF7968=
Subject key identifier: 38:61:87:08:C3:A7:6C:3F:38:BF:09:24:C9:9B:08:F8:5A:C6:22:D4
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 43186774856CC6ECE3DDA0B9B6A94FCC462B9650
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
Signing time: Sun 02 Jun 2024 14:11:13 +0000
ROA not before: Sun 02 Jun 2024 14:06:13 +0000
ROA not after: Sun 01 Jun 2025 14:11:13 +0000
asID: 16509
IP address blocks: 45.89.249.0/24 maxlen: 24
181.214.236.0/23 maxlen: 24
181.215.206.0/23 maxlen: 24
185.151.58.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.94.0/24 maxlen: 24
191.101.223.0/24 maxlen: 24
191.101.242.0/24 maxlen: 24
213.109.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 13:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:18:67:74:85:6c:c6:ec:e3:dd:a0:b9:b6:a9:4f:cc:46:2b:96:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 2 14:06:13 2024 GMT
Not After : Jun 1 14:11:13 2025 GMT
Subject: CN=38618708C3A76C3F38BF0924C99B08F85AC622D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:be:68:d6:12:8a:62:e9:4b:d7:9f:e2:9f:c8:
39:bf:9a:13:ad:65:ca:f1:4a:d4:1d:bf:c7:77:67:
f8:ad:5c:44:a0:33:2b:76:d5:46:10:09:0e:30:91:
fc:1e:23:30:de:e4:6c:b1:18:47:91:79:c8:54:09:
c9:21:46:d7:78:7c:e4:b7:4c:08:92:45:aa:97:49:
3b:54:5b:c5:70:a1:fa:1a:f9:f6:28:75:a2:b2:c3:
62:6c:c7:5e:f9:68:d6:cb:a2:3d:ac:34:af:f9:f1:
48:91:56:e7:ef:33:f3:df:f8:65:dd:ba:c9:d9:45:
49:27:93:f4:07:a0:bf:e0:ce:0b:55:a1:b5:5a:0e:
33:47:5f:99:c3:34:01:03:67:b4:ab:be:00:b3:6a:
5c:07:59:97:53:5c:ef:34:bd:7f:ef:01:a1:03:61:
5e:dc:8e:b0:4a:b2:cf:2a:3c:f9:0e:4c:e2:55:f9:
de:f6:6b:56:b8:6c:39:1f:42:78:32:0b:d2:68:e9:
a3:7f:c8:35:fd:f5:6f:57:a1:df:d7:17:be:64:f6:
e6:68:f3:4b:bc:d3:a6:f2:03:d2:1e:ac:8b:0d:05:
1b:bd:5e:a2:d1:43:b0:22:86:4e:06:21:82:c7:0a:
8f:bb:01:69:fd:67:5a:50:ea:d5:ec:44:c2:7f:d2:
6e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:61:87:08:C3:A7:6C:3F:38:BF:09:24:C9:9B:08:F8:5A:C6:22:D4
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.249.0/24
181.214.236.0/23
181.215.206.0/23
185.151.58.0/24
191.96.204.0/24
191.101.94.0/24
191.101.223.0/24
191.101.242.0/24
213.109.169.0/24
Signature Algorithm: sha256WithRSAEncryption
99:cb:66:38:28:19:c0:cf:6f:3e:b4:df:c9:b4:7a:64:da:a0:
98:04:d6:dd:ba:bb:7a:d3:71:e8:88:45:84:37:f1:c1:86:80:
a2:25:8a:a8:c3:4d:ae:9a:96:7e:e3:08:03:59:43:54:cf:dc:
f3:8c:7d:07:55:36:25:6b:44:4c:54:77:d5:1b:26:1f:de:00:
39:3c:6d:d8:93:43:90:8e:a7:8c:09:b8:e1:0e:b4:a0:8d:fc:
cc:ad:c0:c4:c2:98:4e:ca:a4:5b:b2:61:54:5f:df:97:3a:79:
f1:7a:23:5a:9e:a7:48:20:54:cf:ea:43:99:b1:44:9d:c6:e4:
16:55:ed:41:65:cf:54:e9:36:0a:04:20:69:be:67:12:c6:7a:
68:4b:a1:96:4c:f8:8e:a1:95:56:78:33:af:3d:ed:85:56:52:
e1:48:6c:6a:02:11:1b:b3:51:6a:a1:a2:4e:98:ac:3e:87:c8:
9b:96:38:8d:6e:28:e9:7f:1b:8e:18:a4:1e:91:ba:ee:0d:22:
ca:f8:f0:d2:4f:fc:8c:63:b9:51:1e:37:d2:46:28:88:d6:2d:
d7:04:b5:17:fc:a4:bc:cf:3a:e9:2b:bc:56:e2:d7:f9:66:fc:
e8:43:b1:ca:ff:13:9d:b5:2c:91:7f:87:e8:23:93:9f:1e:89:
5d:a4:fd:64
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUQxhndIVsxuzj3aC5tqlPzEYrllAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA2MDIxNDA2MTNaFw0yNTA2MDExNDExMTNaMDMxMTAvBgNV
BAMTKDM4NjE4NzA4QzNBNzZDM0YzOEJGMDkyNEM5OUIwOEY4NUFDNjIyRDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDevmjWEopi6UvXn+KfyDm/mhOt
ZcrxStQdv8d3Z/itXESgMyt21UYQCQ4wkfweIzDe5GyxGEeRechUCckhRtd4fOS3
TAiSRaqXSTtUW8Vwofoa+fYodaKyw2Jsx175aNbLoj2sNK/58UiRVufvM/Pf+GXd
usnZRUknk/QHoL/gzgtVobVaDjNHX5nDNAEDZ7SrvgCzalwHWZdTXO80vX/vAaED
YV7cjrBKss8qPPkOTOJV+d72a1a4bDkfQngyC9Jo6aN/yDX99W9Xod/XF75k9uZo
80u806byA9IerIsNBRu9XqLRQ7Aihk4GIYLHCo+7AWn9Z1pQ6tXsRMJ/0m49AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUOGGHCMOnbD84vwkkyZsI+FrGItQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYDBAAtWfkD
BAG11uwDBAG1184DBAC5lzoDBAC/YMwDBAC/ZV4DBAC/Zd8DBAC/ZfIDBADVbakw
DQYJKoZIhvcNAQELBQADggEBAJnLZjgoGcDPbz6038m0emTaoJgE1t26u3rTceiI
RYQ38cGGgKIliqjDTa6aln7jCANZQ1TP3POMfQdVNiVrRExUd9UbJh/eADk8bdiT
Q5COp4wJuOEOtKCN/MytwMTCmE7KpFuyYVRf35c6efF6I1qep0ggVM/qQ5mxRJ3G
5BZV7UFlz1TpNgoEIGm+ZxLGemhLoZZM+I6hlVZ4M6897YVWUuFIbGoCERuzUWqh
ok6YrD6HyJuWOI1uKOl/G44YpB6Ruu4NIsr48NJP/IxjuVEeN9JGKIjWLdcEtRf8
pLzPOukrvFbi1/lm/OhDscr/E521LJF/h+gjk58eiV2k/WQ=
-----END CERTIFICATE-----
Generated at Sun Jun 2 19:59:28 2024 by rpki-client on console-ams.rpki-client.org