Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397373.roa
File: AS397373.roa (raw, json)
Hash identifier: dfH439Twu5esGWexsK99s+DBdFobsH/sFiFGZkMNGBU=
Subject key identifier: E3:B0:69:8C:5D:B5:8D:83:E1:C3:CD:87:16:F7:76:66:79:B2:04:01
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4EAB840529A454C823749793ED6D84D111E2BF91
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397373.roa
Signing time: Mon 22 Apr 2024 10:23:52 +0000
ROA not before: Mon 22 Apr 2024 10:18:52 +0000
ROA not after: Mon 21 Apr 2025 10:23:52 +0000
asID: 397373
IP address blocks: 179.61.166.0/24 maxlen: 24
179.61.176.0/24 maxlen: 24
179.61.223.0/24 maxlen: 24
179.61.252.0/24 maxlen: 24
181.41.215.0/24 maxlen: 24
181.214.41.0/24 maxlen: 24
181.214.217.0/24 maxlen: 24
181.215.5.0/24 maxlen: 24
181.215.248.0/24 maxlen: 24
185.172.64.0/24 maxlen: 24
185.172.67.0/24 maxlen: 24
191.96.25.0/24 maxlen: 24
191.96.32.0/24 maxlen: 24
191.96.131.0/24 maxlen: 24
191.96.177.0/24 maxlen: 24
191.96.194.0/24 maxlen: 24
191.96.221.0/24 maxlen: 24
191.96.246.0/24 maxlen: 24
191.101.16.0/24 maxlen: 24
191.101.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:ab:84:05:29:a4:54:c8:23:74:97:93:ed:6d:84:d1:11:e2:bf:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 22 10:18:52 2024 GMT
Not After : Apr 21 10:23:52 2025 GMT
Subject: CN=E3B0698C5DB58D83E1C3CD8716F7766679B20401
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:66:d7:a1:f9:5a:bd:61:d5:1e:09:07:5b:82:
6b:86:85:98:e6:7f:44:96:45:7f:21:95:6e:86:81:
65:ce:c4:c6:69:5a:b7:51:d5:8a:f5:56:13:06:d0:
d3:e8:54:4a:5e:1c:be:e6:8a:ac:67:16:60:6e:da:
74:b7:97:ec:2d:3c:7d:6d:f4:93:c2:d8:04:27:fe:
10:31:e9:d3:b5:45:e7:5c:38:ec:bb:0d:7f:83:fb:
59:bf:0f:59:4c:05:45:02:a8:c0:c6:ca:63:d5:5f:
c8:f2:98:77:d0:66:0a:16:85:9c:80:41:79:1b:e7:
cb:86:bc:c4:cb:c7:c7:99:d9:75:f0:e5:1d:60:ed:
12:23:12:ae:ae:0b:73:65:ae:37:23:2c:82:9a:26:
48:ab:38:16:0d:66:30:c1:87:9a:b1:cb:78:67:b4:
59:5d:4e:83:56:ba:5b:47:e4:a6:b4:7c:b8:5d:54:
ec:6d:2e:f6:d0:93:97:57:bf:98:d0:31:11:7b:a5:
56:d4:1c:6d:76:25:38:5c:f5:a4:3f:1a:5a:5d:ce:
6b:1e:d4:29:e7:8e:ab:58:8c:50:41:8d:d5:7d:ec:
f5:c4:38:55:27:2b:b7:eb:fd:74:3c:d7:f0:93:49:
a8:c9:5c:53:c2:1f:7e:5c:db:46:0a:e3:a4:35:21:
f8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:B0:69:8C:5D:B5:8D:83:E1:C3:CD:87:16:F7:76:66:79:B2:04:01
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397373.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.166.0/24
179.61.176.0/24
179.61.223.0/24
179.61.252.0/24
181.41.215.0/24
181.214.41.0/24
181.214.217.0/24
181.215.5.0/24
181.215.248.0/24
185.172.64.0/24
185.172.67.0/24
191.96.25.0/24
191.96.32.0/24
191.96.131.0/24
191.96.177.0/24
191.96.194.0/24
191.96.221.0/24
191.96.246.0/24
191.101.16.0/24
191.101.191.0/24
Signature Algorithm: sha256WithRSAEncryption
98:fd:cf:37:4b:8f:ce:f9:6e:57:aa:89:a1:17:73:1b:15:2f:
2b:68:58:37:dc:ad:41:31:91:ce:07:bf:82:9d:54:31:cb:4a:
1b:d8:10:90:9f:09:64:d3:a8:a2:40:5c:b3:f3:c2:37:4d:a7:
0e:cd:41:07:7e:dd:5c:86:6f:7d:d5:94:07:30:3a:11:7a:dc:
3d:ea:b7:fd:a4:10:9f:52:e0:5e:5c:5b:fb:0f:af:db:a3:0d:
8e:ed:42:c3:2f:49:8a:ff:c8:6c:01:33:96:95:36:45:ad:e2:
ba:d6:00:dc:de:8b:f4:27:9d:88:ce:89:6d:02:1f:b5:cf:48:
dc:ae:6f:13:86:00:18:bb:e0:b3:dc:76:b6:9c:be:96:df:f6:
3d:f0:78:0f:a7:05:d7:c8:2a:e1:9a:c0:97:b9:e8:c9:4f:bb:
de:53:6d:8a:47:d7:40:26:84:7e:1c:3e:92:8a:df:cc:5b:eb:
d1:e3:5b:17:c1:06:81:7a:80:ed:01:6c:87:e8:e6:3b:1d:78:
8c:da:90:e4:af:bd:6f:41:6a:10:a0:26:a0:36:9d:b9:ba:00:
40:f4:e2:ee:23:20:db:20:13:07:a5:fd:92:62:fa:ff:f4:e3:
1d:d9:17:69:ab:da:57:6d:9f:87:62:47:b8:08:aa:ea:25:e7:
7d:a6:7b:5a
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIUTquEBSmkVMgjdJeT7W2E0RHiv5EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MjIxMDE4NTJaFw0yNTA0MjExMDIzNTJaMDMxMTAvBgNV
BAMTKEUzQjA2OThDNURCNThEODNFMUMzQ0Q4NzE2Rjc3NjY2NzlCMjA0MDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQZteh+Vq9YdUeCQdbgmuGhZjm
f0SWRX8hlW6GgWXOxMZpWrdR1Yr1VhMG0NPoVEpeHL7miqxnFmBu2nS3l+wtPH1t
9JPC2AQn/hAx6dO1RedcOOy7DX+D+1m/D1lMBUUCqMDGymPVX8jymHfQZgoWhZyA
QXkb58uGvMTLx8eZ2XXw5R1g7RIjEq6uC3NlrjcjLIKaJkirOBYNZjDBh5qxy3hn
tFldToNWultH5Ka0fLhdVOxtLvbQk5dXv5jQMRF7pVbUHG12JThc9aQ/Glpdzmse
1CnnjqtYjFBBjdV97PXEOFUnK7fr/XQ81/CTSajJXFPCH35c20YK46Q1IfgHAgMB
AAGjggJ/MIICezAdBgNVHQ4EFgQU47BpjF21jYPhw82HFvd2ZnmyBAEwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk3MzczLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQA
sz2mAwQAsz2wAwQAsz3fAwQAsz38AwQAtSnXAwQAtdYpAwQAtdbZAwQAtdcFAwQA
tdf4AwQAuaxAAwQAuaxDAwQAv2AZAwQAv2AgAwQAv2CDAwQAv2CxAwQAv2DCAwQA
v2DdAwQAv2D2AwQAv2UQAwQAv2W/MA0GCSqGSIb3DQEBCwUAA4IBAQCY/c83S4/O
+W5XqomhF3MbFS8raFg33K1BMZHOB7+CnVQxy0ob2BCQnwlk06iiQFyz88I3TacO
zUEHft1chm991ZQHMDoRetw96rf9pBCfUuBeXFv7D6/bow2O7ULDL0mK/8hsATOW
lTZFreK61gDc3ov0J52IzoltAh+1z0jcrm8ThgAYu+Cz3Ha2nL6W3/Y98HgPpwXX
yCrhmsCXuejJT7veU22KR9dAJoR+HD6Sit/MW+vR41sXwQaBeoDtAWyH6OY7HXiM
2pDkr71vQWoQoCagNp25ugBA9OLuIyDbIBMHpf2SYvr/9OMd2Rdpq9pXbZ+HYke4
CKrqJed9pnta
-----END CERTIFICATE-----
Generated at Thu May 2 16:58:34 2024 by rpki-client on console-fra.rpki-client.org