Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS135375.roa
File: AS135375.roa (raw, json)
Hash identifier: pXNu23QKbKLDXhT2LMDIYJKjj1FNZYMxlZD4PZW26WE=
Subject key identifier: 2C:DC:C3:E9:B2:0B:0E:5E:78:B7:B2:AD:FB:D4:89:B5:B7:D2:95:CE
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7DCBBA0D6286C517AB5A7D45608EF75A3919221F
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS135375.roa
Signing time: Tue 22 Aug 2023 00:00:13 +0000
ROA not before: Mon 21 Aug 2023 23:55:13 +0000
ROA not after: Tue 20 Aug 2024 00:00:13 +0000
asID: 135375
IP address blocks: 45.133.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:cb:ba:0d:62:86:c5:17:ab:5a:7d:45:60:8e:f7:5a:39:19:22:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 21 23:55:13 2023 GMT
Not After : Aug 20 00:00:13 2024 GMT
Subject: CN=2CDCC3E9B20B0E5E78B7B2ADFBD489B5B7D295CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fe:17:33:bb:68:98:dc:51:bf:6b:93:ed:a8:
e0:0d:78:4c:8a:f0:58:56:b1:8e:5f:bf:6c:c4:25:
08:01:a5:40:df:9d:ab:d5:d7:99:f0:ee:7e:df:36:
68:a5:8f:7b:d2:63:48:d3:59:f2:aa:f4:e2:e2:cc:
a6:0b:13:41:b2:9a:f2:98:53:68:1a:dd:3a:87:36:
80:9a:17:94:1c:43:54:b3:47:81:e1:a7:e0:da:37:
30:97:76:8e:6a:3d:a9:83:d2:1b:ea:6a:03:96:00:
d7:a0:61:40:4b:29:ed:87:d7:52:ef:90:2a:e5:2d:
fa:fa:df:d7:6a:1a:96:21:6f:ed:5d:44:4b:1e:7c:
91:f8:f7:63:ba:dc:75:5f:c1:41:3f:91:e7:b2:a8:
3b:e4:3d:5e:02:dc:17:d6:39:41:05:a6:8a:45:f1:
a3:e7:93:e3:ae:6c:19:ac:83:14:c5:62:04:63:a6:
88:c1:fa:83:9a:47:d9:d7:13:31:22:a7:9e:2e:ba:
6a:e8:cc:46:7a:18:a5:5e:b7:21:6d:60:ad:7c:3e:
fa:09:ff:95:c4:86:c6:f6:63:e8:6d:b0:4c:90:4a:
d6:59:17:33:1a:a6:42:92:c7:0e:fe:6e:64:27:ff:
b7:ef:23:57:11:b2:d0:f7:d3:c9:f6:95:5b:61:8c:
ff:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:DC:C3:E9:B2:0B:0E:5E:78:B7:B2:AD:FB:D4:89:B5:B7:D2:95:CE
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS135375.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.168.0/24
Signature Algorithm: sha256WithRSAEncryption
30:69:41:f6:81:0d:bd:cd:b5:87:1a:0f:79:3a:88:a3:e9:25:
8d:85:f1:b7:8c:e1:1a:b7:6d:fd:c6:aa:77:e0:52:cf:1b:86:
42:52:a8:df:2a:11:6d:a5:8a:2a:29:f6:58:73:28:48:5a:0d:
fe:08:33:eb:8a:68:45:38:dd:17:2d:54:0e:cc:db:46:46:4a:
87:4b:f6:04:4c:6e:76:ff:e0:59:32:f6:94:84:6e:9b:e1:25:
bb:fc:7e:37:d6:2c:34:e9:6b:12:2b:b4:33:ed:fb:0f:5c:cc:
2b:ba:10:96:0f:77:60:a0:db:34:68:b5:ce:6e:27:bb:ec:6c:
c5:37:4d:08:44:cc:ec:05:c8:c0:59:cd:48:22:44:16:6b:ba:
f7:04:b4:b6:fe:33:70:62:ae:ae:95:38:4f:1e:2b:63:e3:5d:
23:8a:a3:64:2a:2b:1f:f5:8d:f3:2d:4f:be:0d:dd:e8:36:b9:
e8:b9:6f:a4:e7:6f:9a:c9:f9:31:63:7d:a8:17:da:75:f0:1c:
5d:b0:7a:e8:97:17:f9:0f:13:39:ab:98:2a:8d:26:29:8e:d1:
92:90:94:51:69:92:56:c7:44:d1:55:c5:ff:c7:ae:d8:79:d7:
c4:dd:7f:9f:9a:15:cc:76:5a:93:54:c9:51:2f:ad:a9:69:4a:
c1:6a:67:85
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUfcu6DWKGxRerWn1FYI73WjkZIh8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzA4MjEyMzU1MTNaFw0yNDA4MjAwMDAwMTNaMDMxMTAvBgNV
BAMTKDJDRENDM0U5QjIwQjBFNUU3OEI3QjJBREZCRDQ4OUI1QjdEMjk1Q0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk/hczu2iY3FG/a5PtqOANeEyK
8FhWsY5fv2zEJQgBpUDfnavV15nw7n7fNmilj3vSY0jTWfKq9OLizKYLE0GymvKY
U2ga3TqHNoCaF5QcQ1SzR4Hhp+DaNzCXdo5qPamD0hvqagOWANegYUBLKe2H11Lv
kCrlLfr639dqGpYhb+1dREsefJH492O63HVfwUE/keeyqDvkPV4C3BfWOUEFpopF
8aPnk+OubBmsgxTFYgRjpojB+oOaR9nXEzEip54uumrozEZ6GKVetyFtYK18PvoJ
/5XEhsb2Y+htsEyQStZZFzMapkKSxw7+bmQn/7fvI1cRstD308n2lVthjP8pAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQULNzD6bILDl54t7Kt+9SJtbfSlc4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTM1Mzc1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYWo
MA0GCSqGSIb3DQEBCwUAA4IBAQAwaUH2gQ29zbWHGg95Ooij6SWNhfG3jOEat239
xqp34FLPG4ZCUqjfKhFtpYoqKfZYcyhIWg3+CDPrimhFON0XLVQOzNtGRkqHS/YE
TG52/+BZMvaUhG6b4SW7/H431iw06WsSK7Qz7fsPXMwruhCWD3dgoNs0aLXObie7
7GzFN00IRMzsBcjAWc1IIkQWa7r3BLS2/jNwYq6ulThPHitj410jiqNkKisf9Y3z
LU++Dd3oNrnouW+k52+ayfkxY32oF9p18BxdsHrolxf5DxM5q5gqjSYpjtGSkJRR
aZJWx0TRVcX/x67YedfE3X+fmhXMdlqTVMlRL62paUrBameF
-----END CERTIFICATE-----
Generated at Sat Apr 27 19:18:06 2024 by rpki-client on console-ams.rpki-client.org