Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397423.roa
File: AS397423.roa (raw, json)
Hash identifier: 2JP2eTCgtgIG896rRQ0hx5QqH2sZ+wgKfclf2ut0U6M=
Subject key identifier: 2E:7E:D6:A3:5B:AD:B1:1F:FC:D3:5B:9C:37:EC:0F:5E:00:BA:8E:96
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 278EA0DFE46DD230A8E71E6096C891F81CC9A3CC
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397423.roa
Signing time: Mon 27 May 2024 09:34:45 +0000
ROA not before: Mon 27 May 2024 09:29:45 +0000
ROA not after: Mon 26 May 2025 09:34:45 +0000
asID: 397423
IP address blocks: 179.61.194.0/24 maxlen: 24
181.214.133.0/24 maxlen: 24
181.214.152.0/24 maxlen: 24
181.215.22.0/24 maxlen: 24
181.215.47.0/24 maxlen: 24
181.215.49.0/24 maxlen: 24
181.215.242.0/24 maxlen: 24
181.215.243.0/24 maxlen: 24
181.215.244.0/24 maxlen: 24
191.96.101.0/24 maxlen: 24
191.96.155.0/24 maxlen: 24
191.96.166.0/24 maxlen: 24
191.96.186.0/24 maxlen: 24
191.96.233.0/24 maxlen: 24
191.101.30.0/24 maxlen: 24
191.101.166.0/24 maxlen: 24
191.101.172.0/24 maxlen: 24
191.101.207.0/24 maxlen: 24
191.101.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:8e:a0:df:e4:6d:d2:30:a8:e7:1e:60:96:c8:91:f8:1c:c9:a3:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 27 09:29:45 2024 GMT
Not After : May 26 09:34:45 2025 GMT
Subject: CN=2E7ED6A35BADB11FFCD35B9C37EC0F5E00BA8E96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:40:17:ef:e3:92:b0:91:99:6a:90:48:67:1b:
78:d6:c3:bd:dd:28:79:80:b5:37:17:6f:67:7f:49:
50:e6:49:98:f0:a4:6a:4f:eb:a5:0d:22:66:9c:95:
78:89:36:0a:df:b5:04:f7:1f:6a:c1:c8:c7:fb:cc:
d1:0e:a0:96:d7:90:59:15:df:2a:57:cc:d7:9c:79:
ec:84:f4:a4:67:5b:ac:25:49:d2:9e:8a:e3:34:12:
b0:95:43:2a:92:52:35:91:39:fe:28:23:24:8f:63:
37:0d:7e:14:b3:3a:33:46:9e:9a:7d:c6:26:11:d2:
6d:ab:37:e4:3d:6a:5c:ab:d7:fb:96:02:ad:95:cd:
c3:43:a2:c5:5a:0c:f5:42:34:f0:e2:84:5d:43:0d:
75:5f:b2:6d:39:f6:9c:1e:bd:07:0f:dd:b1:08:aa:
65:13:45:ba:50:d1:fd:85:ee:53:ca:ef:72:cd:95:
05:57:e2:d5:2a:15:f3:8e:46:a1:b0:61:e6:75:b3:
72:94:48:55:36:2b:e1:dc:92:3f:69:30:22:6b:1d:
50:d7:e3:c6:55:56:bd:95:5d:22:78:3c:74:76:41:
96:19:74:44:21:53:0a:4f:aa:0d:3d:8f:e1:8b:96:
dc:58:7f:8e:14:2f:e9:8d:d1:65:a4:6f:42:f6:02:
36:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:7E:D6:A3:5B:AD:B1:1F:FC:D3:5B:9C:37:EC:0F:5E:00:BA:8E:96
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397423.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.194.0/24
181.214.133.0/24
181.214.152.0/24
181.215.22.0/24
181.215.47.0/24
181.215.49.0/24
181.215.242.0-181.215.244.255
191.96.101.0/24
191.96.155.0/24
191.96.166.0/24
191.96.186.0/24
191.96.233.0/24
191.101.30.0/24
191.101.166.0/24
191.101.172.0/24
191.101.207.0/24
191.101.227.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:ea:b7:80:96:3d:0c:d6:b3:85:ed:a3:bc:76:ca:d4:12:89:
8e:a1:6a:e7:a1:35:6c:eb:68:97:c5:13:aa:e2:59:3f:9e:6c:
1f:e3:5e:7f:4e:c3:73:38:c8:69:30:15:7b:d1:c6:2e:45:4e:
d0:ba:43:0b:17:cd:7f:1c:e4:99:5b:26:1d:78:67:35:ba:38:
c2:e1:60:6f:fa:13:f2:b8:6d:ee:81:77:c8:b1:4d:50:5a:3e:
d5:36:9c:67:06:90:85:14:36:e0:4b:25:d5:db:3c:b1:d0:e1:
66:30:03:67:a6:72:69:a8:da:9d:0b:53:6f:7b:d8:f9:c5:5c:
58:ed:89:ec:68:34:72:d3:9f:da:a4:2f:6f:b6:ec:b5:e5:be:
1f:d5:4a:d4:cb:6f:8d:59:66:5a:88:43:4c:bc:97:f6:c7:46:
2b:b5:63:f7:de:10:19:4b:6f:74:e7:52:87:57:76:f9:d6:62:
f4:b7:97:4c:99:e3:d8:58:d1:1b:c1:cb:a6:6a:b2:98:6f:cb:
a1:d4:a5:a5:7a:f9:94:11:fb:39:6a:8b:d2:52:e6:cc:e3:70:
1b:17:ba:b6:8b:4d:19:97:df:44:03:f9:78:67:fc:f4:a9:68:
17:56:1f:b1:53:83:94:ad:56:cc:e3:9a:9a:88:4e:19:ec:71:
38:2b:5f:3b
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgIUJ46g3+Rt0jCo5x5glsiR+BzJo8wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA1MjcwOTI5NDVaFw0yNTA1MjYwOTM0NDVaMDMxMTAvBgNV
BAMTKDJFN0VENkEzNUJBREIxMUZGQ0QzNUI5QzM3RUMwRjVFMDBCQThFOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1QBfv45KwkZlqkEhnG3jWw73d
KHmAtTcXb2d/SVDmSZjwpGpP66UNImaclXiJNgrftQT3H2rByMf7zNEOoJbXkFkV
3ypXzNeceeyE9KRnW6wlSdKeiuM0ErCVQyqSUjWROf4oIySPYzcNfhSzOjNGnpp9
xiYR0m2rN+Q9alyr1/uWAq2VzcNDosVaDPVCNPDihF1DDXVfsm059pwevQcP3bEI
qmUTRbpQ0f2F7lPK73LNlQVX4tUqFfOORqGwYeZ1s3KUSFU2K+Hckj9pMCJrHVDX
48ZVVr2VXSJ4PHR2QZYZdEQhUwpPqg09j+GLltxYf44UL+mN0WWkb0L2AjalAgMB
AAGjggJzMIICbzAdBgNVHQ4EFgQULn7Wo1utsR/801ucN+wPXgC6jpYwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk3NDIzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEALM9
wgMEALXWhQMEALXWmAMEALXXFgMEALXXLwMEALXXMTAMAwQBtdfyAwQAtdf0AwQA
v2BlAwQAv2CbAwQAv2CmAwQAv2C6AwQAv2DpAwQAv2UeAwQAv2WmAwQAv2WsAwQA
v2XPAwQAv2XjMA0GCSqGSIb3DQEBCwUAA4IBAQBa6reAlj0M1rOF7aO8dsrUEomO
oWrnoTVs62iXxROq4lk/nmwf415/TsNzOMhpMBV70cYuRU7QukMLF81/HOSZWyYd
eGc1ujjC4WBv+hPyuG3ugXfIsU1QWj7VNpxnBpCFFDbgSyXV2zyx0OFmMANnpnJp
qNqdC1Nve9j5xVxY7YnsaDRy05/apC9vtuy15b4f1UrUy2+NWWZaiENMvJf2x0Yr
tWP33hAZS29051KHV3b51mL0t5dMmePYWNEbwcumarKYb8uh1KWlevmUEfs5aovS
UubM43AbF7q2i00Zl99EA/l4Z/z0qWgXVh+xU4OUrVbM45qaiE4Z7HE4K187
-----END CERTIFICATE-----
Generated at Sun Jun 2 13:16:19 2024 by rpki-client on console-ams.rpki-client.org