Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209854.roa
File: AS209854.roa (raw, json)
Hash identifier: 8UNFkJBgQ73DZnCum8n1PI2M7MeVPwKcWXU33yMxUEs=
Subject key identifier: E1:14:43:95:5A:92:33:F0:E5:9A:42:51:08:E4:09:B9:40:82:5E:63
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 48D75635DFA515FCDA372BB4F218410A4F3A1732
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209854.roa
Signing time: Wed 04 Dec 2024 09:24:27 +0000
ROA not before: Wed 04 Dec 2024 09:19:27 +0000
ROA not after: Wed 03 Dec 2025 09:24:27 +0000
asID: 209854
IP address blocks: 45.137.29.0/24 maxlen: 24
181.41.195.0/24 maxlen: 24
181.41.197.0/24 maxlen: 24
181.214.177.0/24 maxlen: 24
181.214.246.0/24 maxlen: 24
181.215.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 07:05:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:d7:56:35:df:a5:15:fc:da:37:2b:b4:f2:18:41:0a:4f:3a:17:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Dec 4 09:19:27 2024 GMT
Not After : Dec 3 09:24:27 2025 GMT
Subject: CN=E11443955A9233F0E59A425108E409B940825E63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b4:98:36:85:5a:f6:3b:5e:0d:d2:55:7d:ec:
a1:a2:8f:f7:ff:02:e6:98:0d:48:e1:fb:22:7c:27:
1f:20:7e:bd:05:40:d1:57:f1:fb:10:04:01:c6:6f:
d3:d1:5b:4f:3e:fe:5b:d6:b0:8f:2b:48:40:25:5b:
7c:4a:37:37:78:63:3b:38:93:ed:69:76:9e:5f:06:
bf:49:a5:b9:71:9b:b8:67:b3:f9:de:69:a1:07:2a:
20:d4:08:7c:88:c0:ca:0c:9d:3f:f7:fd:c6:b1:03:
c5:c6:b2:e0:4c:f4:75:69:e7:fb:33:ef:a9:45:2b:
56:32:96:00:ba:12:7f:a6:18:8e:6d:6d:18:61:00:
bb:1e:d3:0d:2d:f5:7c:35:ba:c5:ee:97:95:15:d8:
7b:66:02:7d:e7:8a:39:0b:80:75:a2:e8:93:eb:1b:
63:a9:dc:70:f0:37:c4:af:72:dd:2b:1f:e1:b8:32:
3b:74:72:c9:42:cc:65:9a:8c:1f:39:29:36:b8:e4:
a1:aa:b1:92:a8:90:01:2c:6d:0c:fa:7b:fb:da:1f:
16:cd:29:3a:e9:0a:98:70:1b:5c:28:4c:12:d1:81:
26:64:d7:db:86:79:45:39:13:fa:37:8e:db:fe:df:
be:0d:cb:ce:e1:33:9d:86:e4:7d:dd:72:da:12:bd:
10:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:14:43:95:5A:92:33:F0:E5:9A:42:51:08:E4:09:B9:40:82:5E:63
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209854.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.29.0/24
181.41.195.0/24
181.41.197.0/24
181.214.177.0/24
181.214.246.0/24
181.215.7.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:0c:e5:1b:8f:14:7f:d6:0e:de:72:59:da:f5:15:48:dc:c9:
17:c9:78:fd:95:0e:76:f4:2d:be:59:11:18:f7:be:67:e4:65:
0c:4e:09:4a:0a:b5:70:e6:d7:1c:36:9c:43:40:82:c8:47:8a:
b4:cf:da:2a:12:fd:6e:b5:58:09:e9:47:d3:03:fb:f7:47:09:
4c:04:6d:ad:1e:77:c1:dd:3b:c6:84:5e:95:31:42:f4:f0:e4:
99:bd:c5:6a:3d:0b:04:41:34:e9:1c:31:a5:e1:e9:72:15:27:
11:93:ee:48:f3:48:cf:ba:e9:f1:c6:0a:96:9f:c1:ea:9b:28:
e7:f7:38:2d:2a:f7:15:86:a4:9a:6f:6f:76:f7:8f:e4:27:07:
67:3a:d0:82:e8:12:bd:7c:2b:53:d6:b9:dd:dc:f0:16:1f:05:
ed:29:95:42:89:64:97:8f:a4:d8:ad:ef:16:90:9b:e0:b0:1d:
2f:13:81:a2:40:dd:6b:18:eb:ad:1d:04:6c:a5:f2:d2:ce:44:
7a:94:31:32:3f:56:43:f1:58:65:82:03:e6:73:d3:59:96:ad:
18:79:42:58:9c:5b:67:4d:47:3e:dd:05:79:ac:50:34:8c:55:
e0:a8:74:8c:ab:28:d2:4f:00:6d:e4:8a:ac:c9:92:1c:ed:a2:
04:e9:a4:d6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUSNdWNd+lFfzaNyu08hhBCk86FzIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDEyMDQwOTE5MjdaFw0yNTEyMDMwOTI0MjdaMDMxMTAvBgNV
BAMTKEUxMTQ0Mzk1NUE5MjMzRjBFNTlBNDI1MTA4RTQwOUI5NDA4MjVFNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvtJg2hVr2O14N0lV97KGij/f/
AuaYDUjh+yJ8Jx8gfr0FQNFX8fsQBAHGb9PRW08+/lvWsI8rSEAlW3xKNzd4Yzs4
k+1pdp5fBr9Jpblxm7hns/neaaEHKiDUCHyIwMoMnT/3/caxA8XGsuBM9HVp5/sz
76lFK1YylgC6En+mGI5tbRhhALse0w0t9Xw1usXul5UV2HtmAn3nijkLgHWi6JPr
G2Op3HDwN8Svct0rH+G4Mjt0cslCzGWajB85KTa45KGqsZKokAEsbQz6e/vaHxbN
KTrpCphwG1woTBLRgSZk19uGeUU5E/o3jtv+374Ny87hM52G5H3dctoSvRC3AgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQU4RRDlVqSM/DlmkJRCOQJuUCCXmMwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA5ODU0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALYkd
AwQAtSnDAwQAtSnFAwQAtdaxAwQAtdb2AwQAtdcHMA0GCSqGSIb3DQEBCwUAA4IB
AQC2DOUbjxR/1g7eclna9RVI3MkXyXj9lQ529C2+WREY975n5GUMTglKCrVw5tcc
NpxDQILIR4q0z9oqEv1utVgJ6UfTA/v3RwlMBG2tHnfB3TvGhF6VMUL08OSZvcVq
PQsEQTTpHDGl4elyFScRk+5I80jPuunxxgqWn8Hqmyjn9zgtKvcVhqSab29294/k
JwdnOtCC6BK9fCtT1rnd3PAWHwXtKZVCiWSXj6TYre8WkJvgsB0vE4GiQN1rGOut
HQRspfLSzkR6lDEyP1ZD8VhlggPmc9NZlq0YeUJYnFtnTUc+3QV5rFA0jFXgqHSM
qyjSTwBt5IqsyZIc7aIE6aTW
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:26:03 2025 by rpki-client