Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: 3EWr59iVhXxvsCPIChFcnkM7IhIIWiG8/PLaRjokC+M=
Subject key identifier: 70:8B:2A:91:73:DE:C7:68:F0:C1:21:18:A2:07:47:C0:52:79:5B:EF
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 052CC1611027ECF3F6203EFF836BA5668896FE0A
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40676.roa
Signing time: Fri 15 Mar 2024 22:52:21 +0000
ROA not before: Fri 15 Mar 2024 22:47:21 +0000
ROA not after: Fri 14 Mar 2025 22:52:21 +0000
asID: 40676
IP address blocks: 179.61.238.0/24 maxlen: 24
181.215.74.0/24 maxlen: 24
181.215.75.0/24 maxlen: 24
181.215.76.0/24 maxlen: 24
181.215.77.0/24 maxlen: 24
181.215.121.0/24 maxlen: 24
181.215.122.0/24 maxlen: 24
181.215.123.0/24 maxlen: 24
191.96.134.0/24 maxlen: 24
191.101.7.0/24 maxlen: 24
191.101.44.0/22 maxlen: 24
191.101.44.0/24 maxlen: 24
191.101.45.0/24 maxlen: 24
191.101.46.0/24 maxlen: 24
191.101.47.0/24 maxlen: 24
191.101.64.0/24 maxlen: 24
191.101.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:2c:c1:61:10:27:ec:f3:f6:20:3e:ff:83:6b:a5:66:88:96:fe:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 15 22:47:21 2024 GMT
Not After : Mar 14 22:52:21 2025 GMT
Subject: CN=708B2A9173DEC768F0C12118A20747C052795BEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4f:ce:d1:2b:6b:7b:84:17:0c:3e:63:c6:2f:
9a:3c:ed:36:4a:16:84:ff:f0:93:c5:81:df:7f:00:
a5:a6:38:ae:12:3a:38:a8:88:db:41:4c:c5:6b:71:
4b:14:c4:c7:6c:e5:40:b0:ca:fd:87:2b:1f:9c:a5:
22:1f:ac:42:8e:a4:81:6c:2f:99:d5:d0:da:ba:97:
fb:f8:d5:37:68:4b:ae:82:d7:29:fd:e2:d2:a1:54:
ad:43:b1:0d:39:d2:25:45:50:af:f5:26:2a:d1:4e:
0b:f7:cc:8b:58:f2:fe:46:62:26:16:5d:3c:bd:6e:
31:64:2f:11:5f:6a:c3:81:ac:32:79:25:1e:ae:9a:
5b:3e:b8:4d:ac:48:f4:bc:5a:99:81:9d:e1:ab:9b:
d8:0c:e0:74:9e:d8:a0:15:b4:b6:37:05:e5:a1:09:
1d:8c:5b:64:ef:fb:18:f9:c3:07:1d:79:1b:22:76:
d1:a4:35:14:4c:45:4f:f0:33:57:77:8f:ad:c0:2e:
9b:f0:dc:23:82:05:73:3f:c8:76:c3:e7:7a:eb:c2:
94:99:99:02:81:c2:3f:33:00:a4:51:c4:70:2e:57:
86:b9:81:b1:9f:e2:75:27:63:90:c3:ad:30:ba:e8:
77:ac:9a:09:46:0a:7c:6f:45:51:04:4e:33:09:1f:
a4:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:8B:2A:91:73:DE:C7:68:F0:C1:21:18:A2:07:47:C0:52:79:5B:EF
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.238.0/24
181.215.74.0-181.215.77.255
181.215.121.0-181.215.123.255
191.96.134.0/24
191.101.7.0/24
191.101.44.0/22
191.101.64.0/24
191.101.68.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:28:2b:0f:b3:0c:c8:ef:78:a8:63:a8:b5:6d:a0:a6:a0:91:
bd:bf:a0:92:57:32:c1:1a:c8:5c:32:fe:4c:87:60:e7:29:b9:
79:45:05:4c:3e:2c:d0:cc:94:bb:fe:2b:e9:38:03:98:85:bc:
5f:92:bd:6e:6d:04:f0:3f:1a:82:ad:6b:21:a0:05:17:6b:2e:
7c:f9:e5:29:7f:cd:b3:a7:47:32:5f:31:86:09:ae:55:02:f7:
01:71:c2:3c:cf:12:79:ac:26:c1:af:e4:62:81:f6:94:da:6e:
cc:2e:6e:03:f8:66:68:93:95:8e:17:37:f2:dc:20:74:d7:46:
85:9a:d8:45:6d:c5:90:69:fd:42:12:ff:84:f2:b6:b4:65:47:
eb:59:bd:24:d7:16:59:32:24:2c:92:d6:7f:eb:6d:22:ba:9d:
5e:2f:dd:f1:ee:ec:46:98:1d:14:24:51:eb:97:e2:29:0a:af:
93:36:33:b8:5d:83:65:7f:21:71:0e:bf:c6:96:67:70:ea:9f:
22:c8:72:c7:d2:1d:f3:9e:82:95:28:05:1e:23:23:25:b5:bb:
14:9b:ce:d6:2a:ed:e0:5d:6f:e9:69:a5:d5:04:51:61:a1:f5:
c7:a8:c9:c5:94:0a:b9:b1:63:ef:8e:b3:1c:dc:71:30:0d:e8:
d2:ba:a3:50
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIUBSzBYRAn7PP2ID7/g2ulZoiW/gowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAzMTUyMjQ3MjFaFw0yNTAzMTQyMjUyMjFaMDMxMTAvBgNV
BAMTKDcwOEIyQTkxNzNERUM3NjhGMEMxMjExOEEyMDc0N0MwNTI3OTVCRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvT87RK2t7hBcMPmPGL5o87TZK
FoT/8JPFgd9/AKWmOK4SOjioiNtBTMVrcUsUxMds5UCwyv2HKx+cpSIfrEKOpIFs
L5nV0Nq6l/v41TdoS66C1yn94tKhVK1DsQ050iVFUK/1JirRTgv3zItY8v5GYiYW
XTy9bjFkLxFfasOBrDJ5JR6umls+uE2sSPS8WpmBneGrm9gM4HSe2KAVtLY3BeWh
CR2MW2Tv+xj5wwcdeRsidtGkNRRMRU/wM1d3j63ALpvw3COCBXM/yHbD53rrwpSZ
mQKBwj8zAKRRxHAuV4a5gbGf4nUnY5DDrTC66HesmglGCnxvRVEETjMJH6RRAgMB
AAGjggJDMIICPzAdBgNVHQ4EFgQUcIsqkXPex2jwwSEYogdHwFJ5W+8wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwWQYIKwYBBQUHAQcBAf8ESjBIMEYEAgABMEADBACzPe4w
DAMEAbXXSgMEAbXXTDAMAwQAtdd5AwQCtdd4AwQAv2CGAwQAv2UHAwQCv2UsAwQA
v2VAAwQAv2VEMA0GCSqGSIb3DQEBCwUAA4IBAQBrKCsPswzI73ioY6i1baCmoJG9
v6CSVzLBGshcMv5Mh2DnKbl5RQVMPizQzJS7/ivpOAOYhbxfkr1ubQTwPxqCrWsh
oAUXay58+eUpf82zp0cyXzGGCa5VAvcBccI8zxJ5rCbBr+RigfaU2m7MLm4D+GZo
k5WOFzfy3CB010aFmthFbcWQaf1CEv+E8ra0ZUfrWb0k1xZZMiQsktZ/620iup1e
L93x7uxGmB0UJFHrl+IpCq+TNjO4XYNlfyFxDr/Glmdw6p8iyHLH0h3znoKVKAUe
IyMltbsUm87WKu3gXW/paaXVBFFhofXHqMnFlAq5sWPvjrMc3HEwDejSuqNQ
-----END CERTIFICATE-----
Generated at Mon May 6 01:02:58 2024 by rpki-client on console-ams.rpki-client.org