Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS132825.roa
File: AS132825.roa (raw, json)
Hash identifier: +XQqsCsDFEUgU74V66DyjxbTZ29oFCtkT9XEI4vXO8U=
Subject key identifier: 63:B3:08:82:C1:14:FB:02:7D:C8:CE:9E:AB:9B:BE:7E:67:66:3A:9F
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2A8B9F5F1973C749A5F5D38A8EDD94E549D1718F
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS132825.roa
Signing time: Wed 01 Jan 2025 08:53:49 +0000
ROA not before: Wed 01 Jan 2025 08:48:49 +0000
ROA not after: Wed 31 Dec 2025 08:53:49 +0000
asID: 132825
IP address blocks: 181.215.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:12:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:8b:9f:5f:19:73:c7:49:a5:f5:d3:8a:8e:dd:94:e5:49:d1:71:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 1 08:48:49 2025 GMT
Not After : Dec 31 08:53:49 2025 GMT
Subject: CN=63B30882C114FB027DC8CE9EAB9BBE7E67663A9F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ca:33:2f:da:37:54:4d:ac:17:01:8f:4d:20:
b3:49:19:67:8a:c8:3c:38:85:ea:dc:c2:8a:39:c9:
14:23:14:a2:66:03:11:63:93:7c:8b:74:56:b4:41:
97:fc:ab:bf:59:2e:4a:82:34:7c:6a:b1:bd:e1:d1:
16:73:c7:32:4d:8f:41:a5:a8:f0:bc:1c:51:15:5f:
9b:44:8d:25:39:31:9c:95:8e:39:4f:9e:87:ac:77:
21:29:ec:1a:43:27:28:86:33:2b:5c:7a:ac:e3:89:
82:45:69:81:56:0b:4f:b2:46:b5:df:66:e6:76:f0:
49:86:9f:b3:cc:04:6a:a7:2d:88:b6:8a:05:4c:be:
61:34:49:81:ed:96:8d:d6:ce:0e:25:a8:0c:2c:1d:
76:4a:df:7a:88:f0:3f:04:bc:af:6b:1a:e6:0a:00:
c6:29:84:a1:c9:b6:13:5b:15:24:c9:fa:05:3a:58:
dd:da:c4:59:a4:2f:ec:fd:5c:0c:a5:14:fd:ba:37:
8b:f8:a9:c1:90:f8:3a:e1:94:09:de:44:09:8c:23:
36:ed:69:fa:38:e5:a0:3d:a8:96:32:09:1a:95:a7:
0d:15:b2:54:cd:71:94:72:02:cf:39:a0:4e:47:84:
26:ac:94:32:aa:d1:a7:de:8e:73:f1:62:5c:8a:53:
9d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:B3:08:82:C1:14:FB:02:7D:C8:CE:9E:AB:9B:BE:7E:67:66:3A:9F
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS132825.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.215.252.0/24
Signature Algorithm: sha256WithRSAEncryption
27:2d:48:f6:5c:53:af:38:0f:e3:91:22:e6:82:e8:30:b5:14:
a9:51:7c:ff:f5:0a:d7:16:87:eb:3c:92:9f:75:aa:14:02:c4:
89:59:e7:e6:ab:ba:ed:47:e3:f3:c5:00:47:04:94:61:84:2a:
fa:24:45:db:d6:4e:b2:54:1e:18:6e:06:a3:8e:13:1c:45:c0:
ce:1d:17:5e:78:2e:c4:9b:7d:48:d8:ba:6e:fe:22:74:d5:1c:
c7:db:cc:50:01:2a:fc:54:b4:b8:69:d3:04:02:d2:ed:12:b1:
26:55:a4:0e:2c:77:30:31:bb:8d:6a:df:90:47:93:5c:06:43:
be:23:53:8b:49:47:b8:e5:12:fa:7b:8e:18:35:4b:35:0f:47:
df:48:f4:78:3d:d6:7a:b2:62:23:d7:26:47:5c:c9:f2:ba:1d:
7b:33:ca:71:a9:96:f2:85:98:65:9c:05:86:2b:c8:81:20:2b:
78:cb:33:98:ad:87:d8:bb:e6:e5:5f:05:16:11:70:34:78:66:
85:01:dd:6c:47:0f:8b:a3:ec:48:6e:f5:56:ca:30:85:7c:99:
7d:88:e9:9c:07:ef:bd:e7:7b:79:00:7c:8b:eb:21:b4:ff:ee:
58:19:ca:d9:b7:36:e6:af:54:9d:95:b5:74:8b:70:69:35:64:
0b:10:a1:d7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUKoufXxlzx0ml9dOKjt2U5UnRcY8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMDEwODQ4NDlaFw0yNTEyMzEwODUzNDlaMDMxMTAvBgNV
BAMTKDYzQjMwODgyQzExNEZCMDI3REM4Q0U5RUFCOUJCRTdFNjc2NjNBOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/yjMv2jdUTawXAY9NILNJGWeK
yDw4hercwoo5yRQjFKJmAxFjk3yLdFa0QZf8q79ZLkqCNHxqsb3h0RZzxzJNj0Gl
qPC8HFEVX5tEjSU5MZyVjjlPnoesdyEp7BpDJyiGMytceqzjiYJFaYFWC0+yRrXf
ZuZ28EmGn7PMBGqnLYi2igVMvmE0SYHtlo3Wzg4lqAwsHXZK33qI8D8EvK9rGuYK
AMYphKHJthNbFSTJ+gU6WN3axFmkL+z9XAylFP26N4v4qcGQ+DrhlAneRAmMIzbt
afo45aA9qJYyCRqVpw0VslTNcZRyAs85oE5HhCaslDKq0afejnPxYlyKU50XAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUY7MIgsEU+wJ9yM6eq5u+fmdmOp8wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTMyODI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtdf8
MA0GCSqGSIb3DQEBCwUAA4IBAQAnLUj2XFOvOA/jkSLmgugwtRSpUXz/9QrXFofr
PJKfdaoUAsSJWefmq7rtR+PzxQBHBJRhhCr6JEXb1k6yVB4YbgajjhMcRcDOHRde
eC7Em31I2Lpu/iJ01RzH28xQASr8VLS4adMEAtLtErEmVaQOLHcwMbuNat+QR5Nc
BkO+I1OLSUe45RL6e44YNUs1D0ffSPR4PdZ6smIj1yZHXMnyuh17M8pxqZbyhZhl
nAWGK8iBICt4yzOYrYfYu+blXwUWEXA0eGaFAd1sRw+Lo+xIbvVWyjCFfJl9iOmc
B++953t5AHyL6yG0/+5YGcrZtzbmr1SdlbV0i3BpNWQLEKHX
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:53 2025 by rpki-client