Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS25369.roa
File: AS25369.roa (raw, json)
Hash identifier: +i2WqHipQ0bTOAn7tQsEETLQdZdDezl+JKruBsUEY/4=
Subject key identifier: 42:C5:EF:6D:5A:CA:54:EB:27:4A:3E:B9:A9:FE:A8:D7:AB:4C:C3:2A
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6D8F74CC3F52379BD34D3CC322189358BAE2F41E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS25369.roa
Signing time: Fri 10 May 2024 12:28:21 +0000
ROA not before: Fri 10 May 2024 12:23:21 +0000
ROA not after: Fri 09 May 2025 12:28:21 +0000
asID: 25369
IP address blocks: 179.61.185.0/24 maxlen: 24
179.61.198.0/24 maxlen: 24
191.96.66.0/24 maxlen: 24
191.96.153.0/24 maxlen: 24
191.96.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:8f:74:cc:3f:52:37:9b:d3:4d:3c:c3:22:18:93:58:ba:e2:f4:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 10 12:23:21 2024 GMT
Not After : May 9 12:28:21 2025 GMT
Subject: CN=42C5EF6D5ACA54EB274A3EB9A9FEA8D7AB4CC32A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d2:94:ad:91:1a:e9:e7:12:9d:be:ca:90:e2:
39:83:17:a7:cc:df:f3:5e:71:84:30:a0:77:d9:de:
fa:a5:92:cd:b7:d6:b7:b0:58:ee:8b:00:8d:f1:a0:
f0:06:9a:bd:0f:b9:58:b7:94:f4:35:18:35:b3:f7:
6a:03:fe:fe:7e:49:b4:d0:0b:73:a0:99:84:29:6a:
97:9a:ae:82:0e:76:18:c4:7c:30:f9:0a:27:d8:cd:
ab:a0:7e:d8:66:a8:c2:82:86:a7:a8:0e:f0:94:a3:
89:e2:e6:a1:32:f2:20:64:81:84:8d:03:8b:8f:6f:
54:9d:dd:38:ee:0d:96:d4:1a:10:6b:09:21:8c:96:
68:9a:b8:96:8d:16:8f:0e:57:72:46:0b:19:57:e9:
d3:2b:3b:70:6b:38:ac:5f:1e:6c:3c:3a:2c:25:e3:
59:ad:72:b0:19:8b:a2:a0:d2:ce:30:63:62:69:4a:
e9:6d:24:c3:35:21:12:aa:d9:f6:a0:a9:72:85:d7:
01:55:3b:62:14:a1:df:26:6f:c3:76:4e:86:fa:37:
c0:c9:d3:bf:42:84:e4:43:fd:95:75:e2:52:70:e3:
a0:c9:4d:fc:90:11:9d:f4:48:1e:ae:62:a3:e1:ec:
a0:fc:59:4b:a6:2e:90:fd:c2:9d:07:35:1e:c8:84:
ca:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:C5:EF:6D:5A:CA:54:EB:27:4A:3E:B9:A9:FE:A8:D7:AB:4C:C3:2A
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS25369.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.185.0/24
179.61.198.0/24
191.96.66.0/24
191.96.153.0/24
191.96.202.0/24
Signature Algorithm: sha256WithRSAEncryption
94:8e:f1:e1:e7:db:65:bf:29:04:21:05:f8:a4:b7:1c:15:5b:
74:4b:2f:e2:58:ef:18:f4:b8:9c:15:c8:0c:be:c7:74:14:99:
0a:fe:c6:4e:4e:82:8b:44:3d:d6:09:b2:54:28:88:2e:21:2f:
a0:01:a4:2b:63:83:14:13:0a:fb:8b:b2:b7:7e:21:71:fc:37:
f6:f6:07:2a:e9:5a:1a:5b:1f:b2:28:64:7a:68:de:79:80:29:
76:7f:c2:e3:22:9d:14:9e:a5:02:75:0a:8a:ec:6f:00:6e:b3:
6b:6f:2e:a5:f1:48:28:90:a6:03:41:bc:cd:7b:10:43:68:4d:
15:e1:ce:0a:8e:7b:69:3f:e0:c5:d5:10:38:f7:1d:a9:68:bc:
99:5f:ce:eb:b4:b8:df:f5:58:7c:f6:b2:33:0e:1e:d9:39:9e:
1f:b8:8d:ed:a6:38:a2:39:be:68:f8:36:06:8e:20:6c:23:84:
cb:83:17:4a:37:4a:89:38:a1:9b:ae:21:e6:6c:eb:77:c8:e1:
6c:3c:be:dd:2a:98:73:73:f1:ce:c9:7c:b2:37:c0:15:53:7c:
29:6b:b6:39:fe:a3:57:81:69:ae:88:68:af:98:30:b4:1f:13:
fd:25:d3:dd:0a:80:cd:fe:23:59:60:0a:28:bb:7f:00:80:b5:
56:b4:12:29
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUbY90zD9SN5vTTTzDIhiTWLri9B4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA1MTAxMjIzMjFaFw0yNTA1MDkxMjI4MjFaMDMxMTAvBgNV
BAMTKDQyQzVFRjZENUFDQTU0RUIyNzRBM0VCOUE5RkVBOEQ3QUI0Q0MzMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC50pStkRrp5xKdvsqQ4jmDF6fM
3/NecYQwoHfZ3vqlks231rewWO6LAI3xoPAGmr0PuVi3lPQ1GDWz92oD/v5+SbTQ
C3OgmYQpapearoIOdhjEfDD5CifYzaugfthmqMKChqeoDvCUo4ni5qEy8iBkgYSN
A4uPb1Sd3TjuDZbUGhBrCSGMlmiauJaNFo8OV3JGCxlX6dMrO3BrOKxfHmw8Oiwl
41mtcrAZi6Kg0s4wY2JpSultJMM1IRKq2fagqXKF1wFVO2IUod8mb8N2Tob6N8DJ
079ChORD/ZV14lJw46DJTfyQEZ30SB6uYqPh7KD8WUumLpD9wp0HNR7IhMpzAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUQsXvbVrKVOsnSj65qf6o16tMwyowHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjUzNjkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBACzPbkD
BACzPcYDBAC/YEIDBAC/YJkDBAC/YMowDQYJKoZIhvcNAQELBQADggEBAJSO8eHn
22W/KQQhBfiktxwVW3RLL+JY7xj0uJwVyAy+x3QUmQr+xk5OgotEPdYJslQoiC4h
L6ABpCtjgxQTCvuLsrd+IXH8N/b2ByrpWhpbH7IoZHpo3nmAKXZ/wuMinRSepQJ1
CorsbwBus2tvLqXxSCiQpgNBvM17EENoTRXhzgqOe2k/4MXVEDj3HalovJlfzuu0
uN/1WHz2sjMOHtk5nh+4je2mOKI5vmj4NgaOIGwjhMuDF0o3Sok4oZuuIeZs63fI
4Ww8vt0qmHNz8c7JfLI3wBVTfClrtjn+o1eBaa6IaK+YMLQfE/0l090KgM3+I1lg
Cii7fwCAtVa0Eik=
-----END CERTIFICATE-----
Generated at Sun Jun 2 13:16:18 2024 by rpki-client on console-ams.rpki-client.org