Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400040.roa
File: AS400040.roa (raw, json)
Hash identifier: hB6OdRGp/CIWjWpT/b/bf04iBMA0UQXxA8Bf48Jy3jE=
Subject key identifier: 26:62:94:A6:DD:F9:D1:11:08:68:87:2F:AF:BC:E3:0E:59:CE:F7:AB
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6BF1AFC58D5BC573A896156A24058BF4364DFED8
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400040.roa
Signing time: Wed 01 May 2024 00:00:33 +0000
ROA not before: Tue 30 Apr 2024 23:55:33 +0000
ROA not after: Wed 30 Apr 2025 00:00:33 +0000
asID: 400040
IP address blocks: 181.214.84.0/24 maxlen: 24
181.215.198.0/24 maxlen: 24
191.96.61.0/24 maxlen: 24
191.96.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:f1:af:c5:8d:5b:c5:73:a8:96:15:6a:24:05:8b:f4:36:4d:fe:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 30 23:55:33 2024 GMT
Not After : Apr 30 00:00:33 2025 GMT
Subject: CN=266294A6DDF9D1110868872FAFBCE30E59CEF7AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:15:82:ea:e4:f4:69:1e:54:e5:39:5c:52:ee:
47:bd:21:08:bc:d5:22:86:c2:40:bf:2b:a5:65:96:
a0:17:1f:cd:e2:a3:8f:b6:88:a0:b6:4c:4d:1f:d8:
b9:29:91:90:9d:f7:5c:1e:92:68:82:d2:68:51:ba:
eb:c3:de:80:b5:56:f5:88:ff:6a:50:af:6e:eb:f0:
53:84:42:b6:36:47:9c:2f:e4:b9:63:84:4e:1f:d1:
93:98:16:cc:ac:f5:0c:4a:ff:9b:30:b9:09:b5:ca:
0e:b9:1a:29:14:57:52:d1:a2:b8:0c:7c:74:ac:55:
aa:d6:d8:bf:e6:2c:81:0e:f5:1a:bf:c5:b1:00:3b:
5b:94:40:fa:69:cd:6c:72:ef:24:70:29:c3:ae:bd:
5d:f5:1a:6b:94:a0:ea:77:6b:d9:fa:d3:30:47:a1:
72:4f:09:82:1c:e1:ea:97:5a:85:0d:77:67:6e:91:
ab:9e:b9:48:3a:c6:6e:32:d3:d6:23:8a:1c:47:10:
27:7d:5b:d9:e2:aa:35:94:6b:db:55:ac:c0:9c:32:
4f:43:89:a0:69:58:11:b0:7a:2a:5e:f2:23:09:89:
2b:8b:6e:c2:dd:f0:e4:dd:a8:06:09:c8:db:ee:d2:
07:1a:19:94:e4:b8:cf:d4:b4:26:fa:1d:98:28:8e:
fc:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:62:94:A6:DD:F9:D1:11:08:68:87:2F:AF:BC:E3:0E:59:CE:F7:AB
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400040.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.84.0/24
181.215.198.0/24
191.96.61.0/24
191.96.223.0/24
Signature Algorithm: sha256WithRSAEncryption
56:70:e5:b0:5e:a0:ca:4f:99:5f:f9:60:38:93:3f:47:75:3a:
32:83:99:70:6f:17:9b:fc:cd:28:01:87:65:91:17:1a:a6:25:
62:d2:3c:d7:c3:f5:05:31:85:c9:4d:d8:a5:be:54:ba:3c:2a:
48:3b:5d:ae:35:b9:e9:78:e7:c2:84:b0:c6:d7:ce:12:e8:44:
05:36:56:ef:46:75:bb:31:9b:27:8a:72:6d:55:42:d8:a4:47:
73:59:08:af:71:35:ab:84:fd:23:c7:41:da:9a:5e:2d:2b:7e:
da:ba:24:bd:48:73:50:98:20:dc:05:70:ca:3c:be:7e:f0:0c:
ed:5c:e9:2c:dc:76:66:21:fa:2e:d7:2a:54:00:8e:b1:04:14:
3f:d0:e6:5f:b3:ab:92:db:37:d7:22:03:81:80:0c:fc:5c:53:
83:eb:8d:c2:32:28:5e:9e:48:79:5b:02:c3:97:0b:cf:31:65:
10:39:22:8e:d7:e3:6b:40:34:aa:4f:34:75:aa:d1:96:08:60:
bb:b6:d8:80:d6:11:1f:e5:b0:6d:9f:94:d5:29:00:b1:a2:2c:
bf:cc:07:ed:78:9b:f7:61:5d:a3:b4:eb:f8:2f:fe:54:1b:c9:
68:ac:27:b3:37:83:b4:aa:14:51:e9:14:bf:84:94:58:d9:8f:
e3:2e:f3:25
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUa/GvxY1bxXOolhVqJAWL9DZN/tgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MzAyMzU1MzNaFw0yNTA0MzAwMDAwMzNaMDMxMTAvBgNV
BAMTKDI2NjI5NEE2RERGOUQxMTEwODY4ODcyRkFGQkNFMzBFNTlDRUY3QUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrFYLq5PRpHlTlOVxS7ke9IQi8
1SKGwkC/K6VllqAXH83io4+2iKC2TE0f2LkpkZCd91wekmiC0mhRuuvD3oC1VvWI
/2pQr27r8FOEQrY2R5wv5LljhE4f0ZOYFsys9QxK/5swuQm1yg65GikUV1LRorgM
fHSsVarW2L/mLIEO9Rq/xbEAO1uUQPppzWxy7yRwKcOuvV31GmuUoOp3a9n60zBH
oXJPCYIc4eqXWoUNd2dukaueuUg6xm4y09YjihxHECd9W9niqjWUa9tVrMCcMk9D
iaBpWBGweipe8iMJiSuLbsLd8OTdqAYJyNvu0gcaGZTkuM/UtCb6HZgojvw5AgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUJmKUpt350REIaIcvr7zjDlnO96swHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDAwMDQwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAtdZU
AwQAtdfGAwQAv2A9AwQAv2DfMA0GCSqGSIb3DQEBCwUAA4IBAQBWcOWwXqDKT5lf
+WA4kz9HdToyg5lwbxeb/M0oAYdlkRcapiVi0jzXw/UFMYXJTdilvlS6PCpIO12u
NbnpeOfChLDG184S6EQFNlbvRnW7MZsninJtVULYpEdzWQivcTWrhP0jx0Haml4t
K37auiS9SHNQmCDcBXDKPL5+8AztXOks3HZmIfou1ypUAI6xBBQ/0OZfs6uS2zfX
IgOBgAz8XFOD643CMihenkh5WwLDlwvPMWUQOSKO1+NrQDSqTzR1qtGWCGC7ttiA
1hEf5bBtn5TVKQCxoiy/zAfteJv3YV2jtOv4L/5UG8lorCezN4O0qhRR6RS/hJRY
2Y/jLvMl
-----END CERTIFICATE-----
Generated at Mon May 20 12:33:02 2024 by rpki-client on console-fra.rpki-client.org