Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS401000.roa
File: AS401000.roa (raw, json)
Hash identifier: 3qMXkTV/dKyPc+p/jM3Jdo8qnAOHPV6nqwCvWM+p0C0=
Subject key identifier: FF:8A:AF:D8:A0:2A:4E:ED:BE:61:F1:D8:8A:61:46:E9:B1:DF:75:F4
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 0267024990410CB2DC8916C243BA1920454811D3
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS401000.roa
Signing time: Mon 22 Apr 2024 20:59:07 +0000
ROA not before: Mon 22 Apr 2024 20:54:07 +0000
ROA not after: Mon 21 Apr 2025 20:59:07 +0000
asID: 401000
IP address blocks: 181.214.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:67:02:49:90:41:0c:b2:dc:89:16:c2:43:ba:19:20:45:48:11:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 22 20:54:07 2024 GMT
Not After : Apr 21 20:59:07 2025 GMT
Subject: CN=FF8AAFD8A02A4EEDBE61F1D88A6146E9B1DF75F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:71:54:a3:f3:e2:a6:d4:11:c7:30:db:86:ae:
e8:80:51:36:96:1a:8e:b9:01:41:6b:d5:12:d8:6c:
a5:95:94:62:8a:f6:fc:82:27:2e:32:94:ce:ff:3d:
4c:02:c3:ed:11:c7:79:67:17:38:ae:bc:d7:7b:b3:
67:6d:ba:90:65:37:67:1f:f6:4a:c9:6d:6a:ec:3b:
09:f5:fb:be:6d:15:e0:d9:53:6a:80:cf:6b:de:aa:
2f:78:98:e6:ed:52:27:41:17:32:ee:2f:5b:0c:3a:
d5:54:4e:11:eb:d8:db:0f:7d:31:64:f2:5c:7b:3e:
e3:2c:14:2f:b4:19:34:66:c5:25:ee:6a:07:4a:04:
01:52:58:a9:f1:04:b2:58:1a:77:dc:c1:df:a1:3d:
c3:0b:47:44:c3:9e:e6:c0:af:4c:1e:51:ad:bc:d3:
5a:b9:cc:36:6c:e5:9d:36:27:c0:64:94:31:77:a1:
32:d8:bd:72:e2:a1:cf:fe:59:88:c5:48:1b:d9:47:
f6:c4:96:22:0f:27:81:6a:92:73:b8:34:e7:ba:60:
20:cc:19:0b:7e:85:9f:b8:97:a9:ff:c1:7a:76:b9:
22:21:16:12:e6:a8:a4:d2:1d:0b:68:18:ab:f9:b4:
68:db:f6:4c:2d:9f:02:1e:2a:b9:cf:8c:d7:c7:c1:
51:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:8A:AF:D8:A0:2A:4E:ED:BE:61:F1:D8:8A:61:46:E9:B1:DF:75:F4
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS401000.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.44.0/24
Signature Algorithm: sha256WithRSAEncryption
88:05:a4:9b:47:7a:86:05:9b:fa:e6:82:3e:6a:c6:b1:da:f6:
62:f4:b7:8f:e4:c7:e2:82:c7:f0:6b:6f:d0:f3:b9:74:36:64:
4f:cf:2b:e4:45:f2:dd:5c:a4:01:dd:e7:04:04:d4:0a:0c:55:
3c:15:7d:bf:29:ee:65:21:ac:e9:b9:00:2b:b1:9f:45:7d:c1:
30:74:1a:8f:7e:75:24:7b:4b:ed:fd:19:7d:37:3a:84:a8:88:
db:a2:3b:94:d3:75:80:c0:d8:2a:6d:53:81:f5:b7:b2:89:47:
c4:59:59:47:21:0e:78:07:be:c3:59:e6:aa:e0:e6:83:95:86:
d9:d4:50:bb:c2:21:00:01:95:08:48:ac:ce:30:1e:4b:40:e4:
20:a5:0e:a7:03:8e:a2:55:9e:c0:6c:f4:09:f4:ff:40:12:39:
d0:63:da:36:0b:4f:bd:6c:93:05:6a:e6:a9:93:99:47:75:80:
f9:b6:fe:c5:d9:a8:18:45:dc:4e:da:b9:c7:af:70:89:5d:80:
19:a6:ac:12:9e:a0:74:18:a0:d3:1a:d3:d9:93:28:8c:53:17:
e3:99:9e:97:f8:51:12:19:b7:d4:dc:f9:f4:a5:8a:0c:83:70:
00:48:59:8b:55:15:79:35:77:93:9d:0c:93:7c:b2:98:d3:72:
80:58:7a:23
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUAmcCSZBBDLLciRbCQ7oZIEVIEdMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MjIyMDU0MDdaFw0yNTA0MjEyMDU5MDdaMDMxMTAvBgNV
BAMTKEZGOEFBRkQ4QTAyQTRFRURCRTYxRjFEODhBNjE0NkU5QjFERjc1RjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNcVSj8+Km1BHHMNuGruiAUTaW
Go65AUFr1RLYbKWVlGKK9vyCJy4ylM7/PUwCw+0Rx3lnFziuvNd7s2dtupBlN2cf
9krJbWrsOwn1+75tFeDZU2qAz2veqi94mObtUidBFzLuL1sMOtVUThHr2NsPfTFk
8lx7PuMsFC+0GTRmxSXuagdKBAFSWKnxBLJYGnfcwd+hPcMLR0TDnubAr0weUa28
01q5zDZs5Z02J8BklDF3oTLYvXLioc/+WYjFSBvZR/bEliIPJ4FqknO4NOe6YCDM
GQt+hZ+4l6n/wXp2uSIhFhLmqKTSHQtoGKv5tGjb9kwtnwIeKrnPjNfHwVF9AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU/4qv2KAqTu2+YfHYimFG6bHfdfQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDAxMDAwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtdYs
MA0GCSqGSIb3DQEBCwUAA4IBAQCIBaSbR3qGBZv65oI+asax2vZi9LeP5Mfigsfw
a2/Q87l0NmRPzyvkRfLdXKQB3ecEBNQKDFU8FX2/Ke5lIazpuQArsZ9FfcEwdBqP
fnUke0vt/Rl9NzqEqIjbojuU03WAwNgqbVOB9beyiUfEWVlHIQ54B77DWeaq4OaD
lYbZ1FC7wiEAAZUISKzOMB5LQOQgpQ6nA46iVZ7AbPQJ9P9AEjnQY9o2C0+9bJMF
auapk5lHdYD5tv7F2agYRdxO2rnHr3CJXYAZpqwSnqB0GKDTGtPZkyiMUxfjmZ6X
+FESGbfU3Pn0pYoMg3AASFmLVRV5NXeTnQyTfLKY03KAWHoj
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:48 2024 by rpki-client on console-fra.rpki-client.org