Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS138997.roa
File: AS138997.roa (raw, json)
Hash identifier: L2cszE2X8hqaqFrzZX8jU75MuEBa+J1+dsLbJHnJ8pw=
Subject key identifier: 2E:57:A4:BE:41:8D:3C:4C:B1:A4:A7:DE:26:74:CB:61:D2:F3:A5:C2
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 0D3EE44BC62BAD967E53629B225948C4A0912DF9
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS138997.roa
Signing time: Sun 15 Sep 2024 00:01:09 +0000
ROA not before: Sat 14 Sep 2024 23:56:09 +0000
ROA not after: Sun 14 Sep 2025 00:01:09 +0000
asID: 138997
IP address blocks: 179.61.173.0/24 maxlen: 24
181.214.2.0/24 maxlen: 24
181.214.25.0/24 maxlen: 24
181.214.33.0/24 maxlen: 24
181.214.75.0/24 maxlen: 24
181.214.130.0/24 maxlen: 24
181.214.132.0/24 maxlen: 24
181.214.185.0/24 maxlen: 24
181.214.205.0/24 maxlen: 24
181.214.250.0/24 maxlen: 24
181.215.110.0/24 maxlen: 24
181.215.127.0/24 maxlen: 24
181.215.136.0/24 maxlen: 24
181.215.148.0/24 maxlen: 24
181.215.154.0/24 maxlen: 24
181.215.190.0/24 maxlen: 24
181.215.239.0/24 maxlen: 24
185.173.27.0/24 maxlen: 24
191.96.111.0/24 maxlen: 24
194.53.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:3e:e4:4b:c6:2b:ad:96:7e:53:62:9b:22:59:48:c4:a0:91:2d:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Sep 14 23:56:09 2024 GMT
Not After : Sep 14 00:01:09 2025 GMT
Subject: CN=2E57A4BE418D3C4CB1A4A7DE2674CB61D2F3A5C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2f:17:e4:24:d9:68:e6:b3:bf:8a:6b:c8:b2:
10:f8:83:0b:5d:ce:02:e5:eb:35:1a:ab:76:10:94:
61:59:a1:d7:e1:29:81:bc:50:05:e0:f7:de:f5:0e:
ed:14:85:c4:2a:eb:7c:71:79:7b:3b:cc:ad:0c:ce:
52:1c:0c:c5:d3:de:2a:a8:90:bf:f9:b8:0e:e4:6e:
db:c4:fc:67:15:b2:d7:e2:a3:1c:de:f6:27:cd:36:
c1:7d:c9:a8:7d:18:da:3a:78:77:60:ba:5a:a5:28:
ff:e4:9f:99:8d:ff:83:5f:44:fd:96:45:e5:90:f3:
7f:6c:d3:49:43:0b:6d:b9:fc:f2:47:80:d3:db:9c:
ce:44:85:28:06:36:be:d0:c9:08:4a:dc:90:59:26:
46:4a:6a:99:60:bd:66:e5:66:e1:6c:f2:fd:d4:66:
ec:e2:cb:7d:77:3a:34:56:e3:ff:ef:ca:4e:d4:04:
f0:b9:5c:cf:f5:04:d0:a0:8b:bc:b2:b7:07:44:f4:
ed:eb:15:fe:e6:e1:2d:6b:f3:2c:43:9b:dc:13:a5:
cf:75:82:3e:95:1b:d0:4e:ff:bf:e5:fe:12:ca:fe:
c4:db:de:e9:9f:cc:d7:77:c8:d7:9d:52:58:e6:52:
07:c4:50:7b:21:77:ff:7e:7d:e2:7a:d9:cc:35:bd:
74:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:57:A4:BE:41:8D:3C:4C:B1:A4:A7:DE:26:74:CB:61:D2:F3:A5:C2
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS138997.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.173.0/24
181.214.2.0/24
181.214.25.0/24
181.214.33.0/24
181.214.75.0/24
181.214.130.0/24
181.214.132.0/24
181.214.185.0/24
181.214.205.0/24
181.214.250.0/24
181.215.110.0/24
181.215.127.0/24
181.215.136.0/24
181.215.148.0/24
181.215.154.0/24
181.215.190.0/24
181.215.239.0/24
185.173.27.0/24
191.96.111.0/24
194.53.142.0/24
Signature Algorithm: sha256WithRSAEncryption
73:f8:8f:41:a1:f6:a1:15:98:0d:6d:ab:77:5c:9f:0d:5c:ec:
e6:72:49:03:d5:66:5c:06:90:42:dd:4a:ce:67:bc:7a:c7:d4:
51:c0:42:74:86:fc:c3:8a:81:2f:04:5e:3b:d9:fa:e1:1d:1d:
53:a4:0d:2b:5d:6b:06:f4:7c:ac:e2:2e:d3:09:48:32:74:4c:
75:6f:3b:2d:2e:cc:36:75:2e:e8:78:85:ea:ba:f6:cd:a2:de:
1d:4f:5a:59:4a:fa:cd:7e:58:8f:f2:fe:c7:e5:24:52:a0:31:
06:d3:9a:c2:59:cf:93:b4:c0:59:7d:d5:36:b9:ac:84:94:97:
fe:c3:8f:63:cb:a1:ce:22:c2:ea:fe:97:97:c2:e0:b0:14:e0:
e0:a8:23:f1:34:2c:21:01:b4:1e:2f:99:2a:2b:14:3f:ea:72:
8e:98:87:d6:f0:06:08:62:b6:3c:9a:67:2b:ac:21:2d:49:3b:
ec:c2:48:73:ec:18:05:0c:88:12:fb:3b:f6:11:3c:e4:46:e3:
18:c2:b4:17:6d:0d:54:6d:bf:71:34:11:d8:c4:46:cb:29:e7:
87:d1:a9:bd:ee:75:30:97:a0:9d:2d:66:64:f9:da:c8:01:30:
af:ba:79:6d:16:43:34:77:0c:bb:27:8d:43:69:2c:fc:5e:a1:
4c:cc:81:86
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIUDT7kS8YrrZZ+U2KbIllIxKCRLfkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA5MTQyMzU2MDlaFw0yNTA5MTQwMDAxMDlaMDMxMTAvBgNV
BAMTKDJFNTdBNEJFNDE4RDNDNENCMUE0QTdERTI2NzRDQjYxRDJGM0E1QzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOLxfkJNlo5rO/imvIshD4gwtd
zgLl6zUaq3YQlGFZodfhKYG8UAXg9971Du0UhcQq63xxeXs7zK0MzlIcDMXT3iqo
kL/5uA7kbtvE/GcVstfioxze9ifNNsF9yah9GNo6eHdgulqlKP/kn5mN/4NfRP2W
ReWQ839s00lDC225/PJHgNPbnM5EhSgGNr7QyQhK3JBZJkZKaplgvWblZuFs8v3U
Zuziy313OjRW4//vyk7UBPC5XM/1BNCgi7yytwdE9O3rFf7m4S1r8yxDm9wTpc91
gj6VG9BO/7/l/hLK/sTb3umfzNd3yNedUljmUgfEUHshd/9+feJ62cw1vXTbAgMB
AAGjggJ/MIICezAdBgNVHQ4EFgQULlekvkGNPEyxpKfeJnTLYdLzpcIwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTM4OTk3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQA
sz2tAwQAtdYCAwQAtdYZAwQAtdYhAwQAtdZLAwQAtdaCAwQAtdaEAwQAtda5AwQA
tdbNAwQAtdb6AwQAtdduAwQAtdd/AwQAtdeIAwQAtdeUAwQAtdeaAwQAtde+AwQA
tdfvAwQAua0bAwQAv2BvAwQAwjWOMA0GCSqGSIb3DQEBCwUAA4IBAQBz+I9Bofah
FZgNbat3XJ8NXOzmckkD1WZcBpBC3UrOZ7x6x9RRwEJ0hvzDioEvBF472frhHR1T
pA0rXWsG9Hys4i7TCUgydEx1bzstLsw2dS7oeIXquvbNot4dT1pZSvrNfliP8v7H
5SRSoDEG05rCWc+TtMBZfdU2uayElJf+w49jy6HOIsLq/peXwuCwFODgqCPxNCwh
AbQeL5kqKxQ/6nKOmIfW8AYIYrY8mmcrrCEtSTvswkhz7BgFDIgS+zv2ETzkRuMY
wrQXbQ1Ubb9xNBHYxEbLKeeH0am97nUwl6CdLWZk+drIATCvunltFkM0dwy7J41D
aSz8XqFMzIGG
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:44 2024 by rpki-client on console-fra.rpki-client.org