Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS137409.roa
File: AS137409.roa (raw, json)
Hash identifier: 7TKtwGGiw84pW80H1Sjo/hNmE02NJ1YZE3AmZPV09Ns=
Subject key identifier: B4:E3:12:6C:88:01:8C:93:3C:C4:4A:61:9E:FC:49:78:70:B7:A8:3B
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 10C67538DDECC03A49CC050F08968435F27D76BF
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS137409.roa
Signing time: Mon 07 Oct 2024 08:02:34 +0000
ROA not before: Mon 07 Oct 2024 07:57:34 +0000
ROA not after: Mon 06 Oct 2025 08:02:34 +0000
asID: 137409
IP address blocks: 5.252.80.0/24 maxlen: 24
181.214.122.0/24 maxlen: 24
185.141.167.0/24 maxlen: 24
2a0a:ce00::/32 maxlen: 48
2a0a:ce01::/32 maxlen: 48
2a0a:ce02::/32 maxlen: 48
2a0a:ce03::/32 maxlen: 48
2a0a:ce04::/32 maxlen: 48
2a0a:ce05::/32 maxlen: 48
2a0a:ce06::/32 maxlen: 48
2a0a:ce07::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:c6:75:38:dd:ec:c0:3a:49:cc:05:0f:08:96:84:35:f2:7d:76:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 7 07:57:34 2024 GMT
Not After : Oct 6 08:02:34 2025 GMT
Subject: CN=B4E3126C88018C933CC44A619EFC497870B7A83B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ef:62:45:86:a8:79:4c:a7:77:a2:17:1f:3f:
44:82:c9:e1:8a:2e:dc:56:ce:5e:00:96:f0:20:29:
7a:a3:ed:8d:ad:26:15:98:4c:84:51:ab:6f:44:2c:
89:fc:db:50:c6:df:72:1a:da:9c:1e:9b:6f:34:ca:
51:15:72:07:d6:2d:2b:41:c6:e1:bc:87:d0:ec:f8:
5f:0d:21:e3:5f:a7:fa:80:22:84:7f:84:10:33:10:
1d:f6:14:d5:79:ef:27:87:56:cd:41:f5:3c:db:90:
f8:5c:5c:2f:4c:19:3e:f7:82:dc:31:3b:d1:4a:2d:
0d:de:48:7a:fa:06:22:c0:55:ba:67:5d:9e:45:6e:
25:bf:6e:10:65:7a:be:2b:7c:35:3c:89:1e:9c:82:
ae:d7:79:e4:82:03:8e:12:c5:ed:d0:a8:77:07:e0:
6d:60:f0:f3:96:83:9a:81:ed:38:d9:61:0d:9f:66:
97:62:c5:d0:9f:34:61:5e:69:2c:e8:9e:76:54:f7:
bd:21:4c:42:aa:20:34:b3:79:e2:c9:2b:91:be:10:
de:91:00:8e:f6:cd:8b:e5:80:99:b9:52:0e:db:4b:
ed:78:7b:9e:5a:7f:54:bd:d4:fa:b1:8a:48:3c:0c:
77:83:9a:32:39:56:9b:76:f0:d3:4d:fb:5f:7d:9f:
71:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E3:12:6C:88:01:8C:93:3C:C4:4A:61:9E:FC:49:78:70:B7:A8:3B
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS137409.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.80.0/24
181.214.122.0/24
185.141.167.0/24
IPv6:
2a0a:ce00::/29
Signature Algorithm: sha256WithRSAEncryption
93:66:38:4b:40:e2:f5:8a:b9:b7:26:f7:4b:76:46:c6:4a:19:
64:50:5b:f8:6f:9f:80:16:c1:66:ad:76:50:8e:d2:e8:08:e6:
1d:a2:1f:15:67:05:a7:04:21:4e:cd:c3:80:07:f3:89:1c:27:
a3:2f:f7:14:79:fe:eb:01:7e:e5:1d:97:03:0b:7b:0d:9e:67:
00:30:b7:ec:b6:ff:95:8d:2a:3f:18:15:d4:02:ec:7d:d0:4f:
23:c9:fc:55:85:cf:6a:ea:93:0d:0b:b9:98:2f:5b:f8:bd:56:
c0:68:fb:ce:86:77:b0:1f:06:d9:c4:e1:db:7d:ec:2e:8b:07:
fb:cb:9f:9a:6a:3c:4c:ba:60:ba:8f:3d:2e:14:d8:ee:37:7e:
0a:65:37:98:3f:36:43:8f:40:f8:42:43:d3:9f:bb:4e:37:c7:
30:14:0e:09:a7:29:73:00:d6:cc:9b:19:39:61:1f:cd:13:76:
73:cc:68:3d:9d:29:fa:f4:d5:aa:ed:da:d4:3c:6a:2c:e9:65:
b8:76:e0:d5:98:d7:ab:5c:ef:99:51:8c:48:72:04:ec:25:13:
b3:26:e2:6d:40:47:94:db:26:c6:e1:ed:c8:8f:90:94:8a:d9:
68:45:90:93:c6:f0:e2:69:4e:90:13:82:c3:b8:a8:5c:21:2b:
50:c2:35:55
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIUEMZ1ON3swDpJzAUPCJaENfJ9dr8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDEwMDcwNzU3MzRaFw0yNTEwMDYwODAyMzRaMDMxMTAvBgNV
BAMTKEI0RTMxMjZDODgwMThDOTMzQ0M0NEE2MTlFRkM0OTc4NzBCN0E4M0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDm72JFhqh5TKd3ohcfP0SCyeGK
LtxWzl4AlvAgKXqj7Y2tJhWYTIRRq29ELIn821DG33Ia2pwem280ylEVcgfWLStB
xuG8h9Ds+F8NIeNfp/qAIoR/hBAzEB32FNV57yeHVs1B9TzbkPhcXC9MGT73gtwx
O9FKLQ3eSHr6BiLAVbpnXZ5FbiW/bhBler4rfDU8iR6cgq7XeeSCA44Sxe3QqHcH
4G1g8POWg5qB7TjZYQ2fZpdixdCfNGFeaSzonnZU970hTEKqIDSzeeLJK5G+EN6R
AI72zYvlgJm5Ug7bS+14e55af1S91Pqxikg8DHeDmjI5Vpt28NNN+199n3F/AgMB
AAGjggIlMIICITAdBgNVHQ4EFgQUtOMSbIgBjJM8xEphnvxJeHC3qDswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTM3NDA5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQABfxQ
AwQAtdZ6AwQAuY2nMA0EAgACMAcDBQMqCs4AMA0GCSqGSIb3DQEBCwUAA4IBAQCT
ZjhLQOL1irm3JvdLdkbGShlkUFv4b5+AFsFmrXZQjtLoCOYdoh8VZwWnBCFOzcOA
B/OJHCejL/cUef7rAX7lHZcDC3sNnmcAMLfstv+VjSo/GBXUAux90E8jyfxVhc9q
6pMNC7mYL1v4vVbAaPvOhnewHwbZxOHbfewuiwf7y5+aajxMumC6jz0uFNjuN34K
ZTeYPzZDj0D4QkPTn7tON8cwFA4JpylzANbMmxk5YR/NE3ZzzGg9nSn69NWq7drU
PGos6WW4duDVmNerXO+ZUYxIcgTsJROzJuJtQEeU2ybG4e3Ij5CUitloRZCTxvDi
aU6QE4LDuKhcIStQwjVV
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:39:57 2024 by rpki-client on console-ams.rpki-client.org