Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS207821.roa
File: AS207821.roa (raw, json)
Hash identifier: ARqadjlaAa2L4HsVTy1kXyqZcLMkIRlRFMww16MsKmE=
Subject key identifier: E0:68:3D:3C:4B:E3:20:C9:74:E6:2E:80:69:B1:1A:A4:80:19:AE:AB
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4423F788AB94DC05BA4A34C78F7D46863EB32886
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS207821.roa
Signing time: Thu 24 Oct 2024 11:48:19 +0000
ROA not before: Thu 24 Oct 2024 11:43:19 +0000
ROA not after: Thu 23 Oct 2025 11:48:19 +0000
asID: 207821
IP address blocks: 185.137.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 07:05:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:23:f7:88:ab:94:dc:05:ba:4a:34:c7:8f:7d:46:86:3e:b3:28:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 24 11:43:19 2024 GMT
Not After : Oct 23 11:48:19 2025 GMT
Subject: CN=E0683D3C4BE320C974E62E8069B11AA48019AEAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:18:10:d2:2a:66:77:bc:b4:72:ba:15:f1:1c:
dc:d3:32:53:cb:d4:4b:e0:d6:f6:39:7f:ae:36:71:
9e:4a:bf:ba:b5:2b:a5:2d:c1:52:e4:ef:f0:c7:75:
89:c5:e6:02:38:7c:cb:e9:a9:d2:7f:c6:df:05:31:
11:a0:e7:be:4e:3c:02:96:32:15:69:42:83:b3:26:
92:ce:8c:ef:39:90:0c:20:17:ae:e2:ab:f7:7a:98:
21:ed:2d:1c:65:3a:bc:11:65:43:19:1f:cf:d5:97:
12:54:fe:0d:51:a5:e5:5f:1f:f8:5a:87:4c:67:23:
bb:84:e1:fe:b2:de:ce:48:fd:53:c4:93:3f:02:74:
a9:f8:78:21:ff:65:b0:0e:91:40:b5:72:b6:fa:f0:
a2:be:f4:41:94:c3:6c:57:20:68:43:02:22:0c:57:
69:cb:1d:80:bc:2f:20:1f:b0:09:24:8b:e6:94:76:
e1:b4:7b:46:2b:2a:d9:99:39:aa:d1:3c:b2:19:ba:
25:7d:62:50:40:5d:03:89:d9:6b:8e:b5:0b:e6:9f:
5c:d1:65:49:1d:85:d9:30:fe:e4:68:42:bf:55:d9:
d0:57:fb:4a:0b:3d:e2:b8:f8:97:74:77:a6:97:1a:
b5:ff:8b:8d:60:d6:3c:a2:33:3c:d2:3f:78:77:b6:
03:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:68:3D:3C:4B:E3:20:C9:74:E6:2E:80:69:B1:1A:A4:80:19:AE:AB
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS207821.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.15.0/24
Signature Algorithm: sha256WithRSAEncryption
18:17:af:1e:af:83:70:5b:50:eb:e5:a5:14:f2:ca:3d:a4:b3:
7d:11:b5:d5:74:91:67:0d:e7:ca:f9:e5:54:bc:3b:6d:52:50:
93:48:84:28:c9:71:70:6b:36:4e:be:55:72:e0:7a:eb:2b:99:
9f:12:a1:34:4b:ed:80:7a:58:55:aa:35:8f:9c:b6:62:8d:cb:
2e:67:c9:84:aa:33:5f:b0:1e:73:70:5f:ae:bd:ed:1e:b0:48:
93:d8:6b:a1:4a:9a:88:ec:f4:b9:e4:bb:1a:cb:ec:4e:6d:3d:
97:1e:05:6e:37:62:85:44:04:b9:d2:af:49:07:07:33:4a:0a:
d5:d5:39:85:19:db:97:ca:99:10:13:2e:6d:8b:35:9f:8e:f6:
9d:b9:fd:60:83:35:7a:b3:41:22:66:ef:45:92:7f:e0:d7:9b:
65:5f:3f:13:9c:6a:cf:02:2d:50:15:dc:0e:ff:a2:e5:1f:0c:
b7:89:46:de:48:6a:fa:82:75:80:8b:a9:c0:fd:55:01:27:9d:
a4:a9:2b:89:ab:3e:fe:72:fd:c4:76:47:28:15:0d:d1:4e:6c:
19:4e:f7:55:e2:31:ff:a1:99:07:ea:5f:64:d8:8f:85:28:2c:
00:79:e1:5e:c1:d7:28:7f:07:6e:5d:e2:19:7a:4c:4b:3b:b7:
fc:21:e2:a9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIURCP3iKuU3AW6SjTHj31Ghj6zKIYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDEwMjQxMTQzMTlaFw0yNTEwMjMxMTQ4MTlaMDMxMTAvBgNV
BAMTKEUwNjgzRDNDNEJFMzIwQzk3NEU2MkU4MDY5QjExQUE0ODAxOUFFQUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2GBDSKmZ3vLRyuhXxHNzTMlPL
1Evg1vY5f642cZ5Kv7q1K6UtwVLk7/DHdYnF5gI4fMvpqdJ/xt8FMRGg575OPAKW
MhVpQoOzJpLOjO85kAwgF67iq/d6mCHtLRxlOrwRZUMZH8/VlxJU/g1RpeVfH/ha
h0xnI7uE4f6y3s5I/VPEkz8CdKn4eCH/ZbAOkUC1crb68KK+9EGUw2xXIGhDAiIM
V2nLHYC8LyAfsAkki+aUduG0e0YrKtmZOarRPLIZuiV9YlBAXQOJ2WuOtQvmn1zR
ZUkdhdkw/uRoQr9V2dBX+0oLPeK4+Jd0d6aXGrX/i41g1jyiMzzSP3h3tgORAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU4Gg9PEvjIMl05i6AabEapIAZrqswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA3ODIxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYkP
MA0GCSqGSIb3DQEBCwUAA4IBAQAYF68er4NwW1Dr5aUU8so9pLN9EbXVdJFnDefK
+eVUvDttUlCTSIQoyXFwazZOvlVy4HrrK5mfEqE0S+2AelhVqjWPnLZijcsuZ8mE
qjNfsB5zcF+uve0esEiT2GuhSpqI7PS55Lsay+xObT2XHgVuN2KFRAS50q9JBwcz
SgrV1TmFGduXypkQEy5tizWfjvaduf1ggzV6s0EiZu9Fkn/g15tlXz8TnGrPAi1Q
FdwO/6LlHwy3iUbeSGr6gnWAi6nA/VUBJ52kqSuJqz7+cv3EdkcoFQ3RTmwZTvdV
4jH/oZkH6l9k2I+FKCwAeeFewdcofwduXeIZekxLO7f8IeKp
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:11:39 2025 by rpki-client