Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS13627.roa
File: AS13627.roa (raw, json)
Hash identifier: wYOrRuynIGFaKNp1810Y3XP73WGOPWsFGABW0xeaTk8=
Subject key identifier: A3:C8:8F:42:76:9E:86:92:D3:E5:21:54:F6:51:B1:82:56:0D:4E:87
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 41F6F78E460C363DDF025F89DBE7EF37D20AA2E3
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS13627.roa
Signing time: Wed 31 Jan 2024 08:05:09 +0000
ROA not before: Wed 31 Jan 2024 08:00:09 +0000
ROA not after: Wed 29 Jan 2025 08:05:09 +0000
asID: 13627
IP address blocks: 185.137.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:f6:f7:8e:46:0c:36:3d:df:02:5f:89:db:e7:ef:37:d2:0a:a2:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 31 08:00:09 2024 GMT
Not After : Jan 29 08:05:09 2025 GMT
Subject: CN=A3C88F42769E8692D3E52154F651B182560D4E87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:68:67:4a:44:01:3d:20:a5:6d:d0:b4:e9:6f:
82:53:0c:eb:85:d6:2e:01:fd:bd:af:30:54:24:82:
28:25:b5:0a:05:87:2e:ce:1c:5b:4a:e5:e6:50:7f:
18:85:6d:32:cc:c6:3e:53:9b:ba:a4:9a:02:b4:04:
bf:75:d3:50:9d:f6:d4:1c:cf:39:f8:1e:68:a5:6f:
9f:8d:f4:cd:39:97:30:40:bd:1d:b7:cb:df:41:3a:
3b:67:31:c9:e3:e0:12:2c:0c:49:f0:57:3b:ca:92:
6e:ba:fc:6d:41:a8:fd:ef:f6:c6:56:19:d3:ca:63:
01:19:6b:b2:b9:5c:0f:5a:30:24:4c:b8:e4:8e:4d:
51:aa:9f:8d:16:f9:89:8c:a0:ed:e1:b4:06:0b:e7:
87:20:f2:2f:a2:dd:28:d0:27:84:c1:d2:0d:3f:ad:
6e:8c:83:a9:4e:49:52:66:30:57:76:b0:3f:cc:7c:
4f:4c:98:e4:55:88:f4:24:11:3b:18:54:c5:e1:af:
fd:24:ad:23:7e:12:92:12:3b:09:0a:0a:2a:61:00:
c3:46:10:f4:32:7e:7a:e4:da:07:b0:11:e4:d3:fd:
29:af:4d:71:68:b9:57:aa:70:21:70:94:f3:76:7f:
fb:a1:56:17:d7:64:9d:4f:72:c9:4d:3e:32:bf:7f:
9d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C8:8F:42:76:9E:86:92:D3:E5:21:54:F6:51:B1:82:56:0D:4E:87
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS13627.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.94.0/24
Signature Algorithm: sha256WithRSAEncryption
02:2b:8f:80:6d:9a:ff:da:a2:c2:8f:42:14:f4:33:37:6a:8e:
9c:26:b4:71:1c:a5:c0:12:0b:6c:bc:09:bd:1b:20:f3:13:d8:
6a:d3:44:4e:f5:29:f9:3a:a0:1e:97:0d:7f:a3:ba:96:49:cc:
25:74:d7:73:92:22:e1:4f:fd:ba:ec:a9:6b:f2:6b:5f:28:4b:
46:f8:c6:d1:0d:8b:6c:03:ba:6a:cd:78:4d:e7:39:18:45:ce:
9a:5a:08:05:e8:8c:0f:79:2b:89:4f:49:ad:35:d0:43:62:b8:
2c:8a:9a:c9:f0:27:33:39:0b:73:73:a4:38:75:be:ba:fb:4a:
7a:45:87:dd:0d:cc:36:e1:63:e7:0b:45:af:19:95:fa:68:60:
95:38:1c:46:54:9a:65:4f:58:53:ed:3d:1b:46:87:ce:b1:42:
f3:a7:43:30:b7:ea:26:b4:30:c4:6b:ef:32:c2:ab:cd:1e:a9:
c4:d2:87:07:9e:56:db:aa:ab:f6:cc:55:d0:87:d7:41:df:75:
8b:7a:6e:13:c6:26:11:c1:7f:75:ed:aa:fb:e6:06:bd:60:35:
82:53:f7:16:df:cf:c5:cc:d8:5b:22:da:c4:60:f3:16:bb:d9:
9d:0a:67:4e:c3:6a:70:dd:e0:b2:d2:02:77:20:61:61:c5:b8:
60:b9:c2:98
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUQfb3jkYMNj3fAl+J2+fvN9IKouMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAxMzEwODAwMDlaFw0yNTAxMjkwODA1MDlaMDMxMTAvBgNV
BAMTKEEzQzg4RjQyNzY5RTg2OTJEM0U1MjE1NEY2NTFCMTgyNTYwRDRFODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbaGdKRAE9IKVt0LTpb4JTDOuF
1i4B/b2vMFQkgigltQoFhy7OHFtK5eZQfxiFbTLMxj5Tm7qkmgK0BL9101Cd9tQc
zzn4Hmilb5+N9M05lzBAvR23y99BOjtnMcnj4BIsDEnwVzvKkm66/G1BqP3v9sZW
GdPKYwEZa7K5XA9aMCRMuOSOTVGqn40W+YmMoO3htAYL54cg8i+i3SjQJ4TB0g0/
rW6Mg6lOSVJmMFd2sD/MfE9MmORViPQkETsYVMXhr/0krSN+EpISOwkKCiphAMNG
EPQyfnrk2gewEeTT/SmvTXFouVeqcCFwlPN2f/uhVhfXZJ1PcslNPjK/f53ZAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUo8iPQnaehpLT5SFU9lGxglYNTocwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTM2Mjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5iV4w
DQYJKoZIhvcNAQELBQADggEBAAIrj4Btmv/aosKPQhT0MzdqjpwmtHEcpcASC2y8
Cb0bIPMT2GrTRE71Kfk6oB6XDX+jupZJzCV013OSIuFP/brsqWvya18oS0b4xtEN
i2wDumrNeE3nORhFzppaCAXojA95K4lPSa010ENiuCyKmsnwJzM5C3NzpDh1vrr7
SnpFh90NzDbhY+cLRa8ZlfpoYJU4HEZUmmVPWFPtPRtGh86xQvOnQzC36ia0MMRr
7zLCq80eqcTShweeVtuqq/bMVdCH10HfdYt6bhPGJhHBf3XtqvvmBr1gNYJT9xbf
z8XM2Fsi2sRg8xa72Z0KZ07DanDd4LLSAncgYWHFuGC5wpg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:43 2024 by rpki-client on console-fra.rpki-client.org