Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212384.roa
File: AS212384.roa (raw, json)
Hash identifier: eAZLWFeKZkxzkjCeJ1cOy0h/vtAvGlQ7OXSvz3Zc6ws=
Subject key identifier: 61:2A:41:B1:02:D9:D8:16:A5:2B:39:3D:91:67:B5:F3:A7:B4:ED:3F
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 02C9B9F91E3C065A5EEF66129044507AA420E85E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212384.roa
Signing time: Thu 16 May 2024 09:25:18 +0000
ROA not before: Thu 16 May 2024 09:20:18 +0000
ROA not after: Thu 15 May 2025 09:25:18 +0000
asID: 212384
IP address blocks: 85.209.179.0/24 maxlen: 24
181.214.63.0/24 maxlen: 24
181.214.169.0/24 maxlen: 24
181.214.241.0/24 maxlen: 24
185.139.239.0/24 maxlen: 24
185.170.42.0/24 maxlen: 24
191.96.211.0/24 maxlen: 24
191.101.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 13:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:c9:b9:f9:1e:3c:06:5a:5e:ef:66:12:90:44:50:7a:a4:20:e8:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 16 09:20:18 2024 GMT
Not After : May 15 09:25:18 2025 GMT
Subject: CN=612A41B102D9D816A52B393D9167B5F3A7B4ED3F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:46:38:a7:be:98:88:d9:e5:68:a2:21:96:7a:
27:c3:4d:5a:f9:fe:c0:c0:4c:62:45:98:07:6c:d3:
d9:ea:f0:04:84:bc:19:8f:4f:0a:df:53:d7:81:8d:
93:ef:e0:ea:57:b0:7c:8b:28:6c:1d:b3:b1:78:3a:
61:93:cd:40:22:67:0e:03:8e:f0:0e:9c:f1:6a:ef:
a0:d2:f2:1f:29:91:e5:eb:95:39:eb:50:0e:6a:4c:
58:f3:8d:bd:66:97:35:df:c5:4b:1c:9b:82:7d:9c:
7e:76:01:de:91:98:c0:38:38:6b:86:6c:f5:4f:43:
6f:3b:df:15:97:ad:95:87:3f:91:57:3d:b8:6e:93:
79:69:dc:e0:ee:44:d1:0a:43:51:83:af:b4:f3:e4:
22:cd:e5:e0:79:c5:67:30:b3:d8:ad:f6:8a:f3:1f:
57:e9:4f:ef:c4:61:a1:27:e9:9e:9c:fd:cf:5b:0f:
12:0e:05:69:63:dc:9c:93:92:52:90:8f:d5:eb:00:
9a:00:b6:a1:84:c1:81:25:d4:f4:b4:14:7a:bf:64:
e0:c7:d2:aa:f3:61:2b:c7:8d:32:35:94:b1:ac:3e:
ff:4e:26:23:c9:34:f2:56:76:f1:68:77:33:8e:d9:
7b:7a:2c:94:f9:cb:0f:16:2e:84:3c:83:60:97:c4:
9a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:2A:41:B1:02:D9:D8:16:A5:2B:39:3D:91:67:B5:F3:A7:B4:ED:3F
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212384.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.179.0/24
181.214.63.0/24
181.214.169.0/24
181.214.241.0/24
185.139.239.0/24
185.170.42.0/24
191.96.211.0/24
191.101.122.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:0d:14:61:0b:f0:96:9a:6d:c8:04:66:56:34:04:e9:1b:bb:
ea:3a:c1:0a:06:5e:a1:51:a8:04:8c:ea:44:a9:b8:bb:dc:7a:
f0:b4:69:d1:27:e3:4e:94:b2:17:ab:51:42:02:5d:6c:e2:4c:
34:a9:91:64:47:59:4b:76:ee:96:5a:97:d5:4a:1b:d8:27:38:
e6:cf:6c:2a:2e:74:bf:0f:ea:4b:6e:e0:ba:3c:06:6c:da:fb:
26:3b:d7:1f:18:4e:8c:25:c4:98:b5:c6:2c:eb:8c:b4:31:b8:
03:43:70:e8:4a:7f:7e:69:b5:33:a0:c8:39:16:f5:a3:6e:8f:
ec:b6:56:3b:01:29:4b:7c:a6:29:83:74:cf:ad:03:36:8b:73:
59:ba:6b:14:8a:a8:95:af:43:d0:31:eb:6d:d9:89:b9:40:08:
98:75:d8:0c:69:c9:d8:2e:f3:a5:b4:73:75:93:02:a8:66:54:
aa:fd:98:fb:28:51:fd:33:6f:a8:96:68:a4:03:4e:fa:fd:ad:
b1:69:94:7e:99:2f:d6:e0:b1:1b:dc:b6:76:44:29:35:68:f2:
21:8e:2c:c5:27:3d:24:63:bd:91:dc:ee:f2:af:87:dd:43:44:
42:b2:e2:50:24:89:94:39:29:af:a1:0e:e7:37:25:c4:93:71:
74:71:a4:7e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUAsm5+R48Blpe72YSkERQeqQg6F4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA1MTYwOTIwMThaFw0yNTA1MTUwOTI1MThaMDMxMTAvBgNV
BAMTKDYxMkE0MUIxMDJEOUQ4MTZBNTJCMzkzRDkxNjdCNUYzQTdCNEVEM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgRjinvpiI2eVooiGWeifDTVr5
/sDATGJFmAds09nq8ASEvBmPTwrfU9eBjZPv4OpXsHyLKGwds7F4OmGTzUAiZw4D
jvAOnPFq76DS8h8pkeXrlTnrUA5qTFjzjb1mlzXfxUscm4J9nH52Ad6RmMA4OGuG
bPVPQ2873xWXrZWHP5FXPbhuk3lp3ODuRNEKQ1GDr7Tz5CLN5eB5xWcws9it9orz
H1fpT+/EYaEn6Z6c/c9bDxIOBWlj3JyTklKQj9XrAJoAtqGEwYEl1PS0FHq/ZODH
0qrzYSvHjTI1lLGsPv9OJiPJNPJWdvFodzOO2Xt6LJT5yw8WLoQ8g2CXxJqtAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUYSpBsQLZ2BalKzk9kWe186e07T8wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEyMzg0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVdGz
AwQAtdY/AwQAtdapAwQAtdbxAwQAuYvvAwQAuaoqAwQAv2DTAwQAv2V6MA0GCSqG
SIb3DQEBCwUAA4IBAQCoDRRhC/CWmm3IBGZWNATpG7vqOsEKBl6hUagEjOpEqbi7
3HrwtGnRJ+NOlLIXq1FCAl1s4kw0qZFkR1lLdu6WWpfVShvYJzjmz2wqLnS/D+pL
buC6PAZs2vsmO9cfGE6MJcSYtcYs64y0MbgDQ3DoSn9+abUzoMg5FvWjbo/stlY7
ASlLfKYpg3TPrQM2i3NZumsUiqiVr0PQMett2Ym5QAiYddgMacnYLvOltHN1kwKo
ZlSq/Zj7KFH9M2+olmikA076/a2xaZR+mS/W4LEb3LZ2RCk1aPIhjizFJz0kY72R
3O7yr4fdQ0RCsuJQJImUOSmvoQ7nNyXEk3F0caR+
-----END CERTIFICATE-----
Generated at Sun Jun 2 17:21:09 2024 by rpki-client on console-fra.rpki-client.org