Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: 4wUCRGjxCUW3hnW6lwfBJfhyFAmgd6vy3DgZOsBbLPM=
Subject key identifier: 94:BA:C2:7D:A6:82:F4:C7:F2:AA:42:E8:64:1A:83:30:D4:28:9F:92
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6258ADEE0680291E9C476494E0C467B1B75A47BA
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
Signing time: Tue 30 Jan 2024 14:36:05 +0000
ROA not before: Tue 30 Jan 2024 14:31:05 +0000
ROA not after: Tue 28 Jan 2025 14:36:05 +0000
asID: 9009
IP address blocks: 2.57.20.0/23 maxlen: 23
2.58.172.0/24 maxlen: 24
5.45.38.0/24 maxlen: 24
45.95.14.0/24 maxlen: 24
179.61.131.0/24 maxlen: 24
179.61.150.0/24 maxlen: 24
179.61.201.0/24 maxlen: 24
181.214.3.0/24 maxlen: 24
181.214.15.0/24 maxlen: 24
181.214.19.0/24 maxlen: 24
181.214.27.0/24 maxlen: 24
181.214.28.0/24 maxlen: 24
181.214.32.0/24 maxlen: 24
181.214.55.0/24 maxlen: 24
181.214.92.0/24 maxlen: 24
181.215.149.0/24 maxlen: 24
181.215.209.0/24 maxlen: 24
185.34.42.0/24 maxlen: 24
185.135.10.0/24 maxlen: 24
185.172.66.0/24 maxlen: 24
185.173.35.0/24 maxlen: 24
185.174.63.0/24 maxlen: 24
191.96.65.0/24 maxlen: 24
191.96.69.0/24 maxlen: 24
191.96.171.0/24 maxlen: 24
191.96.173.0/24 maxlen: 24
191.101.23.0/24 maxlen: 24
191.101.90.0/24 maxlen: 24
191.101.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:58:ad:ee:06:80:29:1e:9c:47:64:94:e0:c4:67:b1:b7:5a:47:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 30 14:31:05 2024 GMT
Not After : Jan 28 14:36:05 2025 GMT
Subject: CN=94BAC27DA682F4C7F2AA42E8641A8330D4289F92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:00:c6:81:fa:2b:d0:f7:c2:f4:f7:c8:28:91:
37:7e:e1:69:35:56:e9:5b:dd:93:f0:04:08:af:7f:
64:f4:5d:ac:29:37:ec:df:b2:0b:93:f3:32:9b:4e:
eb:5e:00:28:7d:24:e7:0b:b4:f9:36:11:94:c0:12:
a2:84:0a:66:d2:54:6f:0f:dc:66:29:68:24:1a:f1:
5a:7d:8c:cb:c1:f9:16:b2:0e:29:87:d3:d9:50:33:
64:60:61:6e:84:33:db:f2:b9:81:dd:82:6a:d3:63:
83:34:12:fc:a9:c6:4e:2c:d6:6e:31:d8:74:72:61:
b6:45:c4:da:7a:9b:13:0a:49:fe:ae:66:9a:b2:51:
dd:39:6c:69:65:23:09:8a:cb:09:15:b8:d1:b9:26:
3b:86:e9:d2:6f:cf:99:1f:c5:01:cf:30:8e:3e:e8:
29:74:1c:08:98:ab:cf:21:54:0f:9f:99:2e:8f:15:
a6:7c:3c:f0:4c:97:76:29:96:0d:44:bf:2e:c1:5d:
69:78:d1:27:68:a0:06:76:78:34:1b:b1:77:e0:ba:
ca:d9:c8:55:46:98:9e:fd:24:bb:7a:08:e8:98:d2:
6e:2d:9d:72:52:1e:2a:41:9a:20:44:79:8d:c0:5f:
83:e0:15:af:1d:05:a9:41:7b:a1:cb:bd:4d:86:11:
1b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:BA:C2:7D:A6:82:F4:C7:F2:AA:42:E8:64:1A:83:30:D4:28:9F:92
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.20.0/23
2.58.172.0/24
5.45.38.0/24
45.95.14.0/24
179.61.131.0/24
179.61.150.0/24
179.61.201.0/24
181.214.3.0/24
181.214.15.0/24
181.214.19.0/24
181.214.27.0-181.214.28.255
181.214.32.0/24
181.214.55.0/24
181.214.92.0/24
181.215.149.0/24
181.215.209.0/24
185.34.42.0/24
185.135.10.0/24
185.172.66.0/24
185.173.35.0/24
185.174.63.0/24
191.96.65.0/24
191.96.69.0/24
191.96.171.0/24
191.96.173.0/24
191.101.23.0/24
191.101.90.0/24
191.101.226.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:c4:24:d4:31:e9:8a:74:87:60:22:0f:d4:ef:7d:b2:cf:d5:
3e:19:66:c8:60:9c:e6:ce:0d:12:ff:01:2a:a3:bb:0c:06:ae:
3a:a3:93:bc:b8:2b:40:13:70:a5:55:9d:a7:b0:c7:15:e8:4c:
b4:c1:e1:c6:d4:b6:7d:64:8a:95:f1:9a:fd:f2:a3:79:2e:d1:
50:2c:85:a2:e4:1b:9d:47:d9:16:dc:42:e9:be:e4:16:92:be:
a6:d1:9f:fe:c2:97:7c:c1:d6:12:2a:f8:60:21:55:02:89:a2:
c0:c6:cd:3e:67:92:37:23:83:80:8c:eb:bc:6e:c3:8e:3a:33:
b9:6a:0b:0e:f9:8a:76:25:03:b0:81:ac:96:0b:8d:63:92:5d:
c3:54:6f:2e:36:49:f0:57:40:cc:6b:9c:e4:b6:94:d5:55:61:
31:4b:5b:a0:1f:de:03:33:4c:a8:6d:60:48:ba:30:a7:94:13:
e7:68:a1:e1:21:43:b3:8d:aa:49:2d:74:2f:e6:46:ee:d2:0a:
be:8c:9c:bd:f4:ab:38:ab:7c:5f:ac:f5:40:95:3d:b7:d0:14:
94:25:e4:0f:4d:68:85:6d:fa:3e:4e:f8:81:2f:80:4a:8f:a5:
07:b4:72:76:71:07:90:0b:b5:dd:0f:7b:3c:a0:0e:54:fd:77:
c9:25:b5:f1
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgIUYlit7gaAKR6cR2SU4MRnsbdaR7owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAxMzAxNDMxMDVaFw0yNTAxMjgxNDM2MDVaMDMxMTAvBgNV
BAMTKDk0QkFDMjdEQTY4MkY0QzdGMkFBNDJFODY0MUE4MzMwRDQyODlGOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdAMaB+ivQ98L098gokTd+4Wk1
Vulb3ZPwBAivf2T0XawpN+zfsguT8zKbTuteACh9JOcLtPk2EZTAEqKECmbSVG8P
3GYpaCQa8Vp9jMvB+RayDimH09lQM2RgYW6EM9vyuYHdgmrTY4M0Evypxk4s1m4x
2HRyYbZFxNp6mxMKSf6uZpqyUd05bGllIwmKywkVuNG5JjuG6dJvz5kfxQHPMI4+
6Cl0HAiYq88hVA+fmS6PFaZ8PPBMl3Yplg1Evy7BXWl40SdooAZ2eDQbsXfgusrZ
yFVGmJ79JLt6COiY0m4tnXJSHipBmiBEeY3AX4PgFa8dBalBe6HLvU2GERt/AgMB
AAGjggK3MIICszAdBgNVHQ4EFgQUlLrCfaaC9MfyqkLoZBqDMNQon5IwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBzQYIKwYBBQUHAQcBAf8Egb0wgbowgbcEAgABMIGwAwQB
AjkUAwQAAjqsAwQABS0mAwQALV8OAwQAsz2DAwQAsz2WAwQAsz3JAwQAtdYDAwQA
tdYPAwQAtdYTMAwDBAC11hsDBAC11hwDBAC11iADBAC11jcDBAC11lwDBAC115UD
BAC119EDBAC5IioDBAC5hwoDBAC5rEIDBAC5rSMDBAC5rj8DBAC/YEEDBAC/YEUD
BAC/YKsDBAC/YK0DBAC/ZRcDBAC/ZVoDBAC/ZeIwDQYJKoZIhvcNAQELBQADggEB
AF7EJNQx6Yp0h2AiD9TvfbLP1T4ZZshgnObODRL/ASqjuwwGrjqjk7y4K0ATcKVV
naewxxXoTLTB4cbUtn1kipXxmv3yo3ku0VAshaLkG51H2RbcQum+5BaSvqbRn/7C
l3zB1hIq+GAhVQKJosDGzT5nkjcjg4CM67xuw446M7lqCw75inYlA7CBrJYLjWOS
XcNUby42SfBXQMxrnOS2lNVVYTFLW6Af3gMzTKhtYEi6MKeUE+dooeEhQ7ONqkkt
dC/mRu7SCr6MnL30qzirfF+s9UCVPbfQFJQl5A9NaIVt+j5O+IEvgEqPpQe0cnZx
B5ALtd0PezygDlT9d8kltfE=
-----END CERTIFICATE-----
Generated at Sat Apr 27 19:18:10 2024 by rpki-client on console-ams.rpki-client.org