Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215224.roa
File: AS215224.roa (raw, json)
Hash identifier: 1cmzoRkcsvhy1DF2LUFnt/iw1gdtFZQgC91qNWy2juQ=
Subject key identifier: A1:1A:C8:93:CC:43:46:D2:F6:F9:17:02:C1:26:04:05:F2:CE:06:35
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7D3D94A99E2BA0970AE2E18F0CE32D287AAB8D4F
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215224.roa
Signing time: Tue 08 Oct 2024 09:07:59 +0000
ROA not before: Tue 08 Oct 2024 09:02:59 +0000
ROA not after: Tue 07 Oct 2025 09:07:59 +0000
asID: 215224
IP address blocks: 92.119.34.0/24 maxlen: 24
181.215.178.0/24 maxlen: 24
191.96.100.0/24 maxlen: 24
191.96.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 07:05:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:3d:94:a9:9e:2b:a0:97:0a:e2:e1:8f:0c:e3:2d:28:7a:ab:8d:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 8 09:02:59 2024 GMT
Not After : Oct 7 09:07:59 2025 GMT
Subject: CN=A11AC893CC4346D2F6F91702C1260405F2CE0635
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3c:f2:88:ad:e5:11:1f:1f:3e:e1:5c:1a:1f:
40:40:82:c3:0b:d6:ff:c9:16:af:98:ac:d9:2a:fb:
b4:ae:1c:0d:21:38:e3:30:fe:dc:57:76:b1:89:e3:
b0:bd:42:d0:96:7d:99:d5:e5:e0:ca:ee:34:19:bc:
98:29:5b:df:b7:6b:5c:76:1d:13:04:54:7c:d5:fd:
2e:72:1b:a2:ed:1f:6c:ed:b8:63:1a:60:8b:0e:36:
d6:54:ba:bb:51:59:1f:a3:ff:fa:c8:de:0b:30:60:
a3:c7:be:53:5d:22:42:d8:63:6b:e9:a9:f5:d8:d3:
66:20:b8:83:fc:a8:98:05:89:42:43:d9:41:76:c3:
73:81:0d:c2:79:81:17:cb:7a:c7:55:10:80:09:9d:
5d:e5:0c:bf:4e:c0:cd:95:ab:6a:8b:ad:83:b6:f3:
17:7c:85:ae:ee:95:f6:7b:62:62:09:41:a9:15:24:
7f:5d:e2:6f:7a:07:97:76:9b:1d:26:e7:a5:a2:41:
d7:64:21:39:dc:98:3d:cf:46:bf:ce:c6:79:4c:01:
bf:a4:ac:03:ce:2f:81:59:34:8e:4f:c7:a2:a2:8a:
bb:28:74:e5:7b:53:4f:9e:4d:8c:72:f2:20:eb:b7:
6a:20:0f:e1:44:ef:97:77:6b:88:63:4e:b3:7b:75:
3d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:1A:C8:93:CC:43:46:D2:F6:F9:17:02:C1:26:04:05:F2:CE:06:35
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215224.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.34.0/24
181.215.178.0/24
191.96.100.0/24
191.96.136.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:46:bd:97:da:01:eb:d2:df:f4:e4:2f:b2:41:17:ae:75:f7:
72:0e:82:b8:e6:00:46:e7:c2:49:6d:5d:07:8b:c6:f8:79:50:
3d:20:6d:4d:7b:58:0a:ab:55:c9:78:d5:40:a6:e1:5f:ef:64:
1b:47:35:d3:a0:ba:02:04:b6:7c:14:6e:8a:ad:b5:58:05:3a:
f0:5d:3c:d3:74:8e:44:95:ec:9e:2e:c1:85:db:57:89:de:e8:
ed:01:c1:9b:e6:65:7f:82:dd:16:00:9e:cc:e2:1f:a5:e4:f6:
97:1b:0e:b3:8e:64:ff:5d:da:ca:74:eb:ea:dc:82:fd:33:72:
ee:7c:5a:ed:dc:d3:26:9f:66:06:60:d4:63:91:94:4c:f7:25:
81:27:e8:9d:ac:52:16:d2:fc:8b:d7:08:4f:bb:29:47:f9:b4:
52:fe:f8:d3:50:d0:4d:39:5d:b0:dc:1b:2f:8d:37:c0:83:55:
b9:bf:63:0d:d0:3a:12:4f:e0:bb:51:88:27:4b:18:f8:3e:e2:
81:45:ad:23:4f:7d:76:4a:e9:ed:df:41:75:f3:d8:10:1a:b2:
11:d2:c2:bf:62:ad:59:91:c5:f7:4f:07:fb:6a:d8:37:61:be:
86:87:b0:db:fa:7c:f1:10:30:f1:c2:75:0e:e3:1e:86:bc:78:
b6:88:62:38
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUfT2UqZ4roJcK4uGPDOMtKHqrjU8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDEwMDgwOTAyNTlaFw0yNTEwMDcwOTA3NTlaMDMxMTAvBgNV
BAMTKEExMUFDODkzQ0M0MzQ2RDJGNkY5MTcwMkMxMjYwNDA1RjJDRTA2MzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkPPKIreURHx8+4VwaH0BAgsML
1v/JFq+YrNkq+7SuHA0hOOMw/txXdrGJ47C9QtCWfZnV5eDK7jQZvJgpW9+3a1x2
HRMEVHzV/S5yG6LtH2ztuGMaYIsONtZUurtRWR+j//rI3gswYKPHvlNdIkLYY2vp
qfXY02YguIP8qJgFiUJD2UF2w3OBDcJ5gRfLesdVEIAJnV3lDL9OwM2Vq2qLrYO2
8xd8ha7ulfZ7YmIJQakVJH9d4m96B5d2mx0m56WiQddkITncmD3PRr/OxnlMAb+k
rAPOL4FZNI5Px6KiirsodOV7U0+eTYxy8iDrt2ogD+FE75d3a4hjTrN7dT0jAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUoRrIk8xDRtL2+RcCwSYEBfLOBjUwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE1MjI0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXHci
AwQAtdeyAwQAv2BkAwQAv2CIMA0GCSqGSIb3DQEBCwUAA4IBAQCdRr2X2gHr0t/0
5C+yQReudfdyDoK45gBG58JJbV0Hi8b4eVA9IG1Ne1gKq1XJeNVApuFf72QbRzXT
oLoCBLZ8FG6KrbVYBTrwXTzTdI5EleyeLsGF21eJ3ujtAcGb5mV/gt0WAJ7M4h+l
5PaXGw6zjmT/XdrKdOvq3IL9M3LufFrt3NMmn2YGYNRjkZRM9yWBJ+idrFIW0vyL
1whPuylH+bRS/vjTUNBNOV2w3BsvjTfAg1W5v2MN0DoST+C7UYgnSxj4PuKBRa0j
T312Sunt30F189gQGrIR0sK/Yq1ZkcX3Twf7atg3Yb6Gh7Db+nzxEDDxwnUO4x6G
vHi2iGI4
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:29:00 2025 by rpki-client