Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS399486.roa
File: AS399486.roa (raw, json)
Hash identifier: aB9OKFvFJCZBH24FoKIHVZRCtGQ0MmM+rJn9xf2LT8o=
Subject key identifier: BC:C5:9C:E3:BC:E9:FB:30:D5:67:60:AB:3F:7B:6A:56:43:B6:2E:C4
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5C7864AB9C6B309EF8E269DF666F8D12631F5EEF
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS399486.roa
Signing time: Tue 11 Feb 2025 00:01:59 +0000
ROA not before: Mon 10 Feb 2025 23:56:59 +0000
ROA not after: Tue 10 Feb 2026 00:01:59 +0000
asID: 399486
IP address blocks: 85.209.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 07:05:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:78:64:ab:9c:6b:30:9e:f8:e2:69:df:66:6f:8d:12:63:1f:5e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Feb 10 23:56:59 2025 GMT
Not After : Feb 10 00:01:59 2026 GMT
Subject: CN=BCC59CE3BCE9FB30D56760AB3F7B6A5643B62EC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:97:13:ad:82:6d:33:70:d9:95:d4:38:15:bf:
5f:f3:00:2b:5d:9b:8c:62:5e:8f:3e:76:dc:af:ae:
67:45:ad:6b:99:df:06:fe:2e:32:41:1b:0e:44:af:
28:6d:06:cd:cc:f2:21:d0:ad:61:c3:87:6d:a2:d1:
35:f4:12:b4:19:d4:4f:da:2a:e2:39:ae:07:c7:82:
9e:22:81:52:59:45:68:2e:00:2b:0f:10:0b:87:a4:
f8:46:63:4d:f4:bf:7d:5d:43:e0:b3:f9:62:8b:42:
d0:08:7e:d5:cd:60:db:33:3e:9b:d7:c7:9e:13:6f:
1f:8e:a0:06:df:1c:ea:a9:fd:11:fa:53:0a:f3:1a:
ec:85:1f:28:2b:d6:a5:06:da:75:4c:fb:36:1a:c8:
4f:d6:e0:ee:eb:49:96:4c:a1:31:c3:8e:5d:b7:6a:
33:65:26:78:8c:ff:a5:fb:08:1b:39:11:df:63:b4:
83:99:0b:89:6f:ed:46:c2:bb:80:61:84:69:d0:a6:
8e:79:a9:5b:0a:a5:23:8f:d3:61:9f:e7:56:42:ec:
84:03:97:50:41:bb:b8:a3:03:8a:b3:7e:80:c4:9c:
61:4e:17:b2:0f:90:a3:21:fc:1b:4b:7b:e7:09:ab:
35:79:1c:49:4d:df:e5:31:f6:a2:57:bb:f3:2a:fd:
d7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:C5:9C:E3:BC:E9:FB:30:D5:67:60:AB:3F:7B:6A:56:43:B6:2E:C4
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS399486.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.176.0/24
Signature Algorithm: sha256WithRSAEncryption
38:85:44:07:70:d9:9c:a3:67:d9:17:96:3f:73:16:f9:a1:83:
ea:2d:eb:72:3b:23:ee:b4:05:7e:01:79:25:bd:55:08:b3:75:
1a:b4:c5:9f:39:5c:fe:64:3c:1e:38:85:27:29:34:4c:50:66:
86:98:a6:9f:e0:3a:7b:a8:54:97:08:c4:09:2c:38:70:54:a1:
21:cb:75:65:15:bd:ba:ce:c1:37:98:61:c3:38:20:c2:48:06:
55:ff:a2:d0:30:a3:ad:b3:3c:58:49:38:28:e5:fc:32:a8:05:
65:c1:33:49:f4:21:83:b4:db:be:e5:d3:61:76:70:40:19:40:
2a:ce:82:85:07:87:1e:6f:b2:05:cd:e6:e3:f6:42:8e:b4:7a:
6f:c5:1d:b1:ec:35:fa:3e:59:86:41:35:57:4e:a7:bd:13:04:
02:b7:d7:65:89:04:b1:de:ef:6a:e6:01:1d:bb:15:3d:98:2a:
e2:87:c5:b3:3f:de:e8:b1:c7:ee:52:b6:d0:bd:7f:2c:c7:e5:
82:bc:ef:77:b8:26:b7:61:6b:e9:8d:b9:a1:84:fe:83:75:bf:
d0:fd:4d:01:98:ef:6c:02:92:ae:96:0d:ce:2b:3c:5f:9e:54:
b9:d7:a2:1a:f8:55:ae:c6:f3:5f:2b:1e:c7:02:2f:65:fb:39:
d4:2d:06:d3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUXHhkq5xrMJ744mnfZm+NEmMfXu8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAyMTAyMzU2NTlaFw0yNjAyMTAwMDAxNTlaMDMxMTAvBgNV
BAMTKEJDQzU5Q0UzQkNFOUZCMzBENTY3NjBBQjNGN0I2QTU2NDNCNjJFQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmlxOtgm0zcNmV1DgVv1/zACtd
m4xiXo8+dtyvrmdFrWuZ3wb+LjJBGw5EryhtBs3M8iHQrWHDh22i0TX0ErQZ1E/a
KuI5rgfHgp4igVJZRWguACsPEAuHpPhGY030v31dQ+Cz+WKLQtAIftXNYNszPpvX
x54Tbx+OoAbfHOqp/RH6UwrzGuyFHygr1qUG2nVM+zYayE/W4O7rSZZMoTHDjl23
ajNlJniM/6X7CBs5Ed9jtIOZC4lv7UbCu4BhhGnQpo55qVsKpSOP02Gf51ZC7IQD
l1BBu7ijA4qzfoDEnGFOF7IPkKMh/BtLe+cJqzV5HElN3+Ux9qJXu/Mq/dfRAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUvMWc47zp+zDVZ2CrP3tqVkO2LsQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk5NDg2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdGw
MA0GCSqGSIb3DQEBCwUAA4IBAQA4hUQHcNmco2fZF5Y/cxb5oYPqLetyOyPutAV+
AXklvVUIs3UatMWfOVz+ZDweOIUnKTRMUGaGmKaf4Dp7qFSXCMQJLDhwVKEhy3Vl
Fb26zsE3mGHDOCDCSAZV/6LQMKOtszxYSTgo5fwyqAVlwTNJ9CGDtNu+5dNhdnBA
GUAqzoKFB4ceb7IFzebj9kKOtHpvxR2x7DX6PlmGQTVXTqe9EwQCt9dliQSx3u9q
5gEduxU9mCrih8WzP97oscfuUrbQvX8sx+WCvO93uCa3YWvpjbmhhP6Ddb/Q/U0B
mO9sApKulg3OKzxfnlS516Ia+FWuxvNfKx7HAi9l+znULQbT
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:25:02 2025 by rpki-client