Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397630.roa
File: AS397630.roa (raw, json)
Hash identifier: iqa00+84aZgyNJSA1iN2tKDqmYd8uQsZqjm1caXF1tw=
Subject key identifier: C6:B2:B3:4E:BA:35:9B:18:43:9D:5B:83:2C:50:22:96:F1:5B:02:A6
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5410D43BDE1A4A2E9FDC6F773725C898662DDAB1
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397630.roa
Signing time: Wed 06 Nov 2024 00:00:23 +0000
ROA not before: Tue 05 Nov 2024 23:55:23 +0000
ROA not after: Wed 05 Nov 2025 00:00:23 +0000
asID: 397630
IP address blocks: 191.101.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:10:d4:3b:de:1a:4a:2e:9f:dc:6f:77:37:25:c8:98:66:2d:da:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 5 23:55:23 2024 GMT
Not After : Nov 5 00:00:23 2025 GMT
Subject: CN=C6B2B34EBA359B18439D5B832C502296F15B02A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:25:c0:3c:b4:44:0c:44:23:3b:80:06:c3:f0:
5b:11:0f:63:20:f8:94:f9:d9:5c:9f:28:9f:84:ee:
11:98:f9:95:fd:4e:c8:94:39:da:75:fb:f8:ef:f1:
8d:35:1e:2d:db:e5:09:8a:2f:5e:ba:ef:df:3d:47:
35:80:73:c9:32:6f:e5:51:2c:a9:c6:aa:de:51:e7:
56:84:45:a8:6b:34:4e:3d:79:39:4c:36:33:5b:f7:
69:48:52:85:fd:9a:39:41:6a:99:af:d6:d3:85:a1:
3d:53:61:af:6b:29:6f:6b:96:22:25:a7:8f:51:4d:
36:bd:9f:9a:22:07:64:28:08:66:e3:19:a8:99:a5:
74:45:85:16:22:7f:05:5b:46:da:96:cc:fa:d4:a7:
4a:0e:9a:94:3d:a8:fa:55:08:a4:15:00:4f:cc:05:
08:e4:6c:db:a5:73:65:8b:79:a8:d6:2d:c4:ef:9e:
a1:11:2c:b5:22:16:99:05:5d:11:38:81:4e:0b:a1:
5c:31:3f:42:1b:a8:22:4e:7e:6a:6c:35:53:2b:26:
b8:2e:48:e4:d6:94:85:6c:a2:bb:e1:c0:1b:be:64:
88:a3:e0:9b:aa:2c:a3:98:03:4b:3f:79:bf:ed:b0:
b7:f1:f4:75:c6:ac:1f:37:67:ea:3d:9b:f1:1f:02:
65:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B2:B3:4E:BA:35:9B:18:43:9D:5B:83:2C:50:22:96:F1:5B:02:A6
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.101.123.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:ac:36:7f:ce:fe:a5:a0:f0:4f:f1:87:a1:2b:90:47:86:49:
0b:e1:36:11:76:f7:23:f5:90:dd:93:4a:9b:63:46:11:e5:98:
43:b6:4d:e0:d5:79:00:ca:3d:b7:fe:e2:5c:37:06:a8:6f:82:
c1:9e:89:77:45:4c:19:86:ab:ca:d9:ee:f0:40:98:24:ef:8b:
3d:76:bf:b1:ad:e2:a1:9f:30:94:ca:f8:13:14:fb:a1:57:15:
7d:55:98:5a:1c:af:9b:c4:59:2f:5b:a2:80:c8:93:58:8a:5d:
72:ba:e4:73:85:3e:9c:a1:11:02:80:1c:16:f2:6b:ff:cc:2f:
a9:de:2d:ef:a2:d9:6b:bf:b4:6c:1a:2d:51:21:45:28:db:0e:
a1:67:e5:65:78:04:91:8a:a3:9a:fd:ef:97:2b:f9:0e:d4:8d:
c1:64:d1:96:0c:d5:fc:83:f1:b8:61:1c:35:0c:24:ce:92:75:
6a:b7:5e:c5:5c:ff:5c:de:53:a2:34:1f:22:f0:98:3f:02:4f:
2b:23:d1:56:91:86:7c:72:c3:3d:eb:a4:f9:b9:07:b3:e2:82:
07:ed:19:92:fd:68:d2:62:47:34:3a:15:3a:70:38:60:6a:75:
1d:44:fa:5e:c5:19:cc:d4:5d:f3:40:90:85:e3:eb:fa:81:9d:
93:f1:52:ec
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUVBDUO94aSi6f3G93NyXImGYt2rEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDExMDUyMzU1MjNaFw0yNTExMDUwMDAwMjNaMDMxMTAvBgNV
BAMTKEM2QjJCMzRFQkEzNTlCMTg0MzlENUI4MzJDNTAyMjk2RjE1QjAyQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4JcA8tEQMRCM7gAbD8FsRD2Mg
+JT52VyfKJ+E7hGY+ZX9TsiUOdp1+/jv8Y01Hi3b5QmKL1667989RzWAc8kyb+VR
LKnGqt5R51aERahrNE49eTlMNjNb92lIUoX9mjlBapmv1tOFoT1TYa9rKW9rliIl
p49RTTa9n5oiB2QoCGbjGaiZpXRFhRYifwVbRtqWzPrUp0oOmpQ9qPpVCKQVAE/M
BQjkbNulc2WLeajWLcTvnqERLLUiFpkFXRE4gU4LoVwxP0IbqCJOfmpsNVMrJrgu
SOTWlIVsorvhwBu+ZIij4JuqLKOYA0s/eb/tsLfx9HXGrB83Z+o9m/EfAmXzAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUxrKzTro1mxhDnVuDLFAilvFbAqYwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk3NjMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2V7
MA0GCSqGSIb3DQEBCwUAA4IBAQAtrDZ/zv6loPBP8YehK5BHhkkL4TYRdvcj9ZDd
k0qbY0YR5ZhDtk3g1XkAyj23/uJcNwaob4LBnol3RUwZhqvK2e7wQJgk74s9dr+x
reKhnzCUyvgTFPuhVxV9VZhaHK+bxFkvW6KAyJNYil1yuuRzhT6coRECgBwW8mv/
zC+p3i3votlrv7RsGi1RIUUo2w6hZ+VleASRiqOa/e+XK/kO1I3BZNGWDNX8g/G4
YRw1DCTOknVqt17FXP9c3lOiNB8i8Jg/Ak8rI9FWkYZ8csM966T5uQez4oIH7RmS
/WjSYkc0OhU6cDhganUdRPpexRnM1F3zQJCF4+v6gZ2T8VLs
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:48 2024 by rpki-client on console-fra.rpki-client.org