Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS137409.roa
File: AS137409.roa (raw, json)
Hash identifier: eT6MRMrY3f3IelwonaELbZGpP4NyvMBELOG4vFXKkl4=
Subject key identifier: D9:F3:CB:47:15:14:9B:5A:6D:4E:6D:CB:DE:C2:C7:75:22:07:05:D7
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 08A585469AF21887F02F6554AA5524ACB375C4AA
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS137409.roa
Signing time: Wed 27 Mar 2024 14:46:50 +0000
ROA not before: Wed 27 Mar 2024 14:41:50 +0000
ROA not after: Wed 26 Mar 2025 14:46:50 +0000
asID: 137409
IP address blocks: 5.252.80.0/24 maxlen: 24
179.61.174.0/24 maxlen: 24
185.141.167.0/24 maxlen: 24
2a0a:ce00::/32 maxlen: 48
2a0a:ce01::/32 maxlen: 48
2a0a:ce02::/32 maxlen: 48
2a0a:ce03::/32 maxlen: 48
2a0a:ce04::/32 maxlen: 48
2a0a:ce05::/32 maxlen: 48
2a0a:ce06::/32 maxlen: 48
2a0a:ce07::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:a5:85:46:9a:f2:18:87:f0:2f:65:54:aa:55:24:ac:b3:75:c4:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 27 14:41:50 2024 GMT
Not After : Mar 26 14:46:50 2025 GMT
Subject: CN=D9F3CB4715149B5A6D4E6DCBDEC2C775220705D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8a:e5:9d:d9:84:86:e8:25:f3:58:78:ff:04:
75:1e:0b:e0:45:18:08:b3:fe:b7:1a:e7:4e:68:5d:
49:c1:cb:26:91:ca:fe:87:00:08:8b:5a:8a:a2:d3:
33:ba:d0:71:7c:a8:4a:47:a9:1e:73:36:29:a4:91:
37:64:d3:db:e4:78:c6:13:c5:85:f2:43:38:c9:e5:
b0:1a:98:61:c1:90:22:ae:d3:53:84:98:f2:59:c4:
c7:43:25:07:ea:dc:1d:61:5c:5b:8a:57:7e:e8:2a:
e6:68:bc:5b:d3:2b:2c:c8:bf:7c:52:be:33:13:4d:
0a:88:06:a3:4f:03:00:8a:9c:d4:a3:76:cb:cb:4f:
06:01:5d:d1:31:2a:a1:21:ae:10:ba:30:20:37:54:
a6:91:58:8f:5f:a4:ca:20:5b:20:76:a4:0e:64:65:
af:6c:bc:a7:d7:7a:48:43:fe:50:00:cd:ad:7a:82:
f4:2f:da:18:9a:da:d3:f8:71:cc:7f:37:57:f8:ac:
d5:cd:0a:8d:a5:8a:44:9e:9a:00:31:4c:43:5b:cd:
e0:dc:d4:14:43:48:9f:49:ac:dc:56:8d:e4:2e:60:
40:e7:94:f9:e6:29:55:13:98:76:84:bf:6c:50:60:
22:6f:68:76:bb:d9:76:57:b1:42:26:5d:ba:be:4f:
5b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F3:CB:47:15:14:9B:5A:6D:4E:6D:CB:DE:C2:C7:75:22:07:05:D7
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS137409.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.80.0/24
179.61.174.0/24
185.141.167.0/24
IPv6:
2a0a:ce00::/29
Signature Algorithm: sha256WithRSAEncryption
59:9a:8f:8e:67:3a:19:52:02:86:ea:95:49:2a:4b:13:a3:08:
23:c9:51:40:39:93:8a:33:2c:e4:71:60:c8:cb:f7:ab:63:f6:
73:fe:96:4c:c4:24:47:92:71:0f:ec:b1:bd:8d:39:c0:a9:13:
92:5d:79:1c:40:92:d7:07:44:db:25:89:b4:b6:12:0d:f1:13:
ff:9b:83:93:81:e2:7f:bb:9b:6b:b7:cb:7d:fd:dc:10:9d:14:
04:78:69:da:c7:2d:bf:01:f7:65:09:40:a3:b1:e2:f3:46:27:
0c:17:3e:b3:ab:7d:93:f9:c8:2a:1d:b6:19:77:2e:d9:b5:ca:
cf:14:da:11:a0:a6:60:da:3f:b5:b1:ec:c8:d8:fc:db:23:31:
31:b7:b5:aa:ef:c6:58:6e:f7:80:24:6c:cf:1c:81:44:9c:9f:
37:23:9c:37:ff:ae:45:a0:4a:ab:53:99:83:dd:48:67:d3:e9:
53:b7:15:15:65:bb:fd:50:c5:ac:4a:75:ba:f1:bb:ea:8b:1c:
6f:5d:b3:93:ac:fb:8f:ee:ff:1a:7e:7c:69:a7:7a:a4:87:03:
42:e9:f5:aa:39:0b:f8:dc:6c:ae:97:9a:18:f1:3e:ae:c6:ba:
dc:fc:cc:41:af:5a:da:5c:da:06:bf:97:a1:f9:85:3b:bd:17:
a4:99:5f:a8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIUCKWFRpryGIfwL2VUqlUkrLN1xKowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAzMjcxNDQxNTBaFw0yNTAzMjYxNDQ2NTBaMDMxMTAvBgNV
BAMTKEQ5RjNDQjQ3MTUxNDlCNUE2RDRFNkRDQkRFQzJDNzc1MjIwNzA1RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRiuWd2YSG6CXzWHj/BHUeC+BF
GAiz/rca505oXUnByyaRyv6HAAiLWoqi0zO60HF8qEpHqR5zNimkkTdk09vkeMYT
xYXyQzjJ5bAamGHBkCKu01OEmPJZxMdDJQfq3B1hXFuKV37oKuZovFvTKyzIv3xS
vjMTTQqIBqNPAwCKnNSjdsvLTwYBXdExKqEhrhC6MCA3VKaRWI9fpMogWyB2pA5k
Za9svKfXekhD/lAAza16gvQv2hia2tP4ccx/N1f4rNXNCo2likSemgAxTENbzeDc
1BRDSJ9JrNxWjeQuYEDnlPnmKVUTmHaEv2xQYCJvaHa72XZXsUImXbq+T1vNAgMB
AAGjggIlMIICITAdBgNVHQ4EFgQU2fPLRxUUm1ptTm3L3sLHdSIHBdcwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTM3NDA5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQABfxQ
AwQAsz2uAwQAuY2nMA0EAgACMAcDBQMqCs4AMA0GCSqGSIb3DQEBCwUAA4IBAQBZ
mo+OZzoZUgKG6pVJKksTowgjyVFAOZOKMyzkcWDIy/erY/Zz/pZMxCRHknEP7LG9
jTnAqROSXXkcQJLXB0TbJYm0thIN8RP/m4OTgeJ/u5trt8t9/dwQnRQEeGnaxy2/
AfdlCUCjseLzRicMFz6zq32T+cgqHbYZdy7ZtcrPFNoRoKZg2j+1sezI2PzbIzEx
t7Wq78ZYbveAJGzPHIFEnJ83I5w3/65FoEqrU5mD3Uhn0+lTtxUVZbv9UMWsSnW6
8bvqixxvXbOTrPuP7v8afnxpp3qkhwNC6fWqOQv43Gyul5oY8T6uxrrc/MxBr1ra
XNoGv5eh+YU7vRekmV+o
-----END CERTIFICATE-----
Generated at Fri May 10 02:01:21 2024 by rpki-client on console-ams.rpki-client.org