Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: voPxi9JJhohBlqrRZDVlyQZD8RRu9wKicDWA5VJuMyw=
Subject key identifier: 9E:D0:E2:73:F5:31:A3:BD:FF:7F:F8:98:12:EC:FF:B5:2F:6A:6A:6A
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6A0F30929BE35EEE09BF5CF5950AFC5558C07D7F
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa
Signing time: Sat 04 May 2024 00:01:09 +0000
ROA not before: Fri 03 May 2024 23:56:09 +0000
ROA not after: Sat 03 May 2025 00:01:09 +0000
asID: 20473
IP address blocks: 181.41.214.0/24 maxlen: 24
181.215.70.0/24 maxlen: 24
191.96.58.0/24 maxlen: 24
191.96.64.0/24 maxlen: 24
191.101.20.0/24 maxlen: 24
191.101.58.0/24 maxlen: 24
191.101.82.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
2a0b:500::/32 maxlen: 48
2a0b:501::/32 maxlen: 48
2a0b:502::/32 maxlen: 48
2a0b:503::/32 maxlen: 48
2a0b:504::/32 maxlen: 48
2a0b:505::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:0f:30:92:9b:e3:5e:ee:09:bf:5c:f5:95:0a:fc:55:58:c0:7d:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 3 23:56:09 2024 GMT
Not After : May 3 00:01:09 2025 GMT
Subject: CN=9ED0E273F531A3BDFF7FF89812ECFFB52F6A6A6A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8c:b1:76:44:dd:34:2f:74:a0:71:1a:54:91:
29:95:2e:2b:65:98:5d:f2:e6:2a:64:83:ac:c5:32:
37:32:26:bc:bf:9f:22:fb:00:61:76:e6:5d:11:17:
71:78:c1:a9:ee:c7:44:d6:eb:9c:da:3a:e7:d5:b0:
dd:e0:bd:88:50:63:db:81:dc:65:ab:78:6b:e9:34:
17:83:df:d9:68:52:bb:39:0c:4e:61:5d:40:dc:2a:
17:fd:5b:bc:e0:16:02:70:51:02:cc:a6:66:84:68:
2d:ee:8f:5f:4a:56:57:b1:af:58:6b:64:d8:8d:4d:
33:da:09:83:84:0f:43:d7:c6:c0:fd:66:a4:b7:2b:
74:d3:19:da:08:27:00:b6:46:1a:59:96:dd:a5:44:
b3:45:bf:e6:65:1e:1f:43:c1:d3:94:42:d3:aa:a5:
26:b7:f9:44:26:f3:73:9a:e3:05:84:5f:06:04:44:
2e:b7:bf:24:55:70:d8:df:28:c0:81:3e:a2:be:62:
8f:13:c3:ae:42:d4:b1:b0:6b:4f:1b:42:dd:b3:68:
6c:c6:53:50:22:b0:6e:65:d4:2a:fd:30:af:f1:f5:
42:c7:ac:d7:af:65:12:13:7e:26:52:53:f3:c7:88:
10:ec:f1:81:8c:3c:a5:f7:75:4f:a5:99:48:56:6d:
00:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D0:E2:73:F5:31:A3:BD:FF:7F:F8:98:12:EC:FF:B5:2F:6A:6A:6A
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.41.214.0/24
181.215.70.0/24
191.96.58.0/24
191.96.64.0/24
191.101.20.0/24
191.101.58.0/24
191.101.82.0/24
191.101.111.0/24
IPv6:
2a0b:500::-2a0b:505:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
59:a7:60:b4:ac:cf:62:1c:c1:10:6e:2e:7b:fe:b3:20:c1:39:
f4:0a:0e:ce:18:0b:05:df:20:a1:7a:5d:a1:a2:07:3f:45:49:
34:0b:17:8a:c4:86:b3:53:f0:db:28:c8:ef:9e:e8:49:f9:cd:
29:1c:24:c6:c1:f2:b8:43:eb:83:9e:04:38:02:cc:21:c5:2e:
50:f5:5f:52:29:a7:bb:91:84:5e:2e:3c:4f:cc:41:db:a8:6a:
ac:71:c5:3c:59:19:55:f2:98:60:8a:83:77:fd:81:39:9d:a0:
fc:d1:89:98:8b:19:e4:58:a9:1f:1f:cc:18:90:5a:d4:d0:85:
b1:df:44:9d:d3:95:cf:b0:dc:21:87:21:dd:ea:ad:2b:22:6c:
50:f9:9a:56:6c:5e:80:27:ef:e3:2d:70:8d:df:54:e0:ba:89:
4c:98:a9:19:d5:30:9b:59:f8:0a:0f:bb:3f:20:03:0c:a8:83:
b6:52:cf:b9:79:d7:17:8d:65:03:14:be:8b:c7:20:a5:26:1a:
e8:8a:c4:be:52:e5:7e:71:dc:3d:95:3f:01:64:9b:d5:7a:68:
66:06:95:0d:04:78:f7:81:53:fe:82:2d:39:8d:59:09:03:f5:
e1:63:fd:c6:09:c5:d9:4f:3e:5c:52:54:ab:7e:1a:a2:b1:ed:
68:0f:1b:8c
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUag8wkpvjXu4Jv1z1lQr8VVjAfX8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA1MDMyMzU2MDlaFw0yNTA1MDMwMDAxMDlaMDMxMTAvBgNV
BAMTKDlFRDBFMjczRjUzMUEzQkRGRjdGRjg5ODEyRUNGRkI1MkY2QTZBNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpjLF2RN00L3SgcRpUkSmVLitl
mF3y5ipkg6zFMjcyJry/nyL7AGF25l0RF3F4wanux0TW65zaOufVsN3gvYhQY9uB
3GWreGvpNBeD39loUrs5DE5hXUDcKhf9W7zgFgJwUQLMpmaEaC3uj19KVlexr1hr
ZNiNTTPaCYOED0PXxsD9ZqS3K3TTGdoIJwC2RhpZlt2lRLNFv+ZlHh9DwdOUQtOq
pSa3+UQm83Oa4wWEXwYERC63vyRVcNjfKMCBPqK+Yo8Tw65C1LGwa08bQt2zaGzG
U1AisG5l1Cr9MK/x9ULHrNevZRITfiZSU/PHiBDs8YGMPKX3dU+lmUhWbQC/AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUntDic/Uxo73/f/iYEuz/tS9qamowHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYAYIKwYBBQUHAQcBAf8EUTBPMDYEAgABMDADBAC1KdYD
BAC110YDBAC/YDoDBAC/YEADBAC/ZRQDBAC/ZToDBAC/ZVIDBAC/ZW8wFQQCAAIw
DzANAwQAKgsFAwUBKgsFBDANBgkqhkiG9w0BAQsFAAOCAQEAWadgtKzPYhzBEG4u
e/6zIME59AoOzhgLBd8goXpdoaIHP0VJNAsXisSGs1Pw2yjI757oSfnNKRwkxsHy
uEPrg54EOALMIcUuUPVfUimnu5GEXi48T8xB26hqrHHFPFkZVfKYYIqDd/2BOZ2g
/NGJmIsZ5FipHx/MGJBa1NCFsd9EndOVz7DcIYch3eqtKyJsUPmaVmxegCfv4y1w
jd9U4LqJTJipGdUwm1n4Cg+7PyADDKiDtlLPuXnXF41lAxS+i8cgpSYa6IrEvlLl
fnHcPZU/AWSb1XpoZgaVDQR494FT/oItOY1ZCQP14WP9xgnF2U8+XFJUq34aorHt
aA8bjA==
-----END CERTIFICATE-----
Generated at Tue May 7 21:04:19 2024 by rpki-client on console-fra.rpki-client.org