Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS142146.roa
File: AS142146.roa (raw, json)
Hash identifier: an/dkLtlzoVzZQRiiM5/a3Y72inSxlRxq/CdxPbe9mo=
Subject key identifier: 4D:97:1C:16:6C:7D:3A:F0:4A:C5:44:68:12:44:5C:39:BA:CD:49:07
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 27ACCD9ED74A5D257ED1CBBFD79F77240E577444
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS142146.roa
Signing time: Mon 19 Aug 2024 00:01:59 +0000
ROA not before: Sun 18 Aug 2024 23:56:59 +0000
ROA not after: Mon 18 Aug 2025 00:01:59 +0000
asID: 142146
IP address blocks: 179.61.176.0/24 maxlen: 24
191.101.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:ac:cd:9e:d7:4a:5d:25:7e:d1:cb:bf:d7:9f:77:24:0e:57:74:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 18 23:56:59 2024 GMT
Not After : Aug 18 00:01:59 2025 GMT
Subject: CN=4D971C166C7D3AF04AC5446812445C39BACD4907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5b:53:02:3c:ab:89:e9:55:ee:d3:52:23:65:
ec:ba:55:8c:d4:97:73:9c:54:b3:5e:c3:06:5b:f3:
03:65:10:5d:b0:9d:8f:66:42:b5:c1:35:0a:4c:6e:
3c:b6:c2:e8:2b:96:4c:f1:b6:e4:bc:93:5a:8c:61:
f8:70:47:4f:a8:25:61:9a:5b:46:d7:10:5d:13:34:
fa:48:e3:9a:0d:14:6d:55:b1:9a:79:3b:d5:1f:34:
d6:3a:98:01:2e:ae:f4:e3:07:a4:3d:00:b6:ed:91:
93:65:fd:f9:a3:ed:31:2f:99:bd:f5:e5:3f:62:fe:
21:8b:33:9a:2e:35:14:d6:ba:34:f9:8a:10:a7:fe:
f6:f9:13:65:21:bd:9b:b8:27:18:ec:da:b4:5a:a4:
d9:d1:95:79:bf:2b:b5:6f:f2:31:ce:f2:6a:15:59:
e6:f6:55:9a:9f:15:ed:40:58:8c:19:8a:a5:89:0a:
2a:79:e6:da:c9:41:da:c4:11:9b:7a:5f:e7:ea:54:
b7:d7:45:d9:2e:4b:6b:f5:2b:a9:f2:87:87:dc:26:
72:bb:7f:3f:77:cd:49:4f:db:74:f8:f9:47:9f:0c:
c7:48:4c:3d:cf:ee:20:45:5b:5d:36:e0:b5:33:f1:
ca:1f:b2:49:04:ad:f4:2e:04:9c:c1:b8:9b:13:39:
ad:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:97:1C:16:6C:7D:3A:F0:4A:C5:44:68:12:44:5C:39:BA:CD:49:07
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS142146.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.176.0/24
191.101.126.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:4b:c2:8c:93:42:eb:90:d4:23:4c:a3:fd:05:31:05:78:32:
3d:bf:de:83:0b:53:94:af:34:0c:b4:ce:a7:e7:72:e0:a7:7a:
f8:6e:43:7c:ee:f3:8e:7f:f0:49:b1:5c:18:e0:24:bb:64:3d:
01:71:f0:e5:16:9f:a0:9c:a9:9a:24:9e:57:00:c8:50:d0:d1:
47:3a:ab:22:cc:e2:2f:4f:b2:a4:df:6d:e4:e2:bb:ff:12:bb:
fc:94:a3:92:60:2d:a7:0c:8b:2c:5c:85:82:77:10:db:f0:42:
91:de:90:52:c6:79:96:e8:f4:65:84:4a:2f:9a:f5:23:2c:4d:
f7:fa:2b:52:6e:a0:3b:3c:e9:7a:f0:d1:10:0a:8f:f2:ed:a2:
d0:4d:11:88:8f:e8:42:c7:c3:41:bc:3e:6b:f0:61:b7:8d:b6:
88:63:f8:37:55:92:df:2b:c2:15:ec:b6:02:a1:ca:da:2c:c3:
6d:0d:28:4a:40:57:b0:e2:8a:36:23:eb:a3:fa:ac:77:b4:6d:
cf:2f:6d:ac:0e:26:bb:12:ee:ab:ad:b1:00:b9:c3:44:be:7c:
c7:e8:12:b1:73:2b:ff:96:76:87:db:22:d1:db:d3:f2:02:97:
8e:30:44:97:f8:91:9e:28:ad:33:49:09:9e:d7:16:26:52:8e:
71:1f:59:76
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUJ6zNntdKXSV+0cu/1593JA5XdEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA4MTgyMzU2NTlaFw0yNTA4MTgwMDAxNTlaMDMxMTAvBgNV
BAMTKDREOTcxQzE2NkM3RDNBRjA0QUM1NDQ2ODEyNDQ1QzM5QkFDRDQ5MDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUW1MCPKuJ6VXu01IjZey6VYzU
l3OcVLNewwZb8wNlEF2wnY9mQrXBNQpMbjy2wugrlkzxtuS8k1qMYfhwR0+oJWGa
W0bXEF0TNPpI45oNFG1VsZp5O9UfNNY6mAEurvTjB6Q9ALbtkZNl/fmj7TEvmb31
5T9i/iGLM5ouNRTWujT5ihCn/vb5E2UhvZu4Jxjs2rRapNnRlXm/K7Vv8jHO8moV
Web2VZqfFe1AWIwZiqWJCip55trJQdrEEZt6X+fqVLfXRdkuS2v1K6nyh4fcJnK7
fz93zUlP23T4+UefDMdITD3P7iBFW1024LUz8cofskkErfQuBJzBuJsTOa0xAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUTZccFmx9OvBKxURoEkRcObrNSQcwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQyMTQ2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsz2w
AwQAv2V+MA0GCSqGSIb3DQEBCwUAA4IBAQBMS8KMk0LrkNQjTKP9BTEFeDI9v96D
C1OUrzQMtM6n53Lgp3r4bkN87vOOf/BJsVwY4CS7ZD0BcfDlFp+gnKmaJJ5XAMhQ
0NFHOqsizOIvT7Kk323k4rv/Erv8lKOSYC2nDIssXIWCdxDb8EKR3pBSxnmW6PRl
hEovmvUjLE33+itSbqA7POl68NEQCo/y7aLQTRGIj+hCx8NBvD5r8GG3jbaIY/g3
VZLfK8IV7LYCocraLMNtDShKQFew4oo2I+uj+qx3tG3PL22sDia7Eu6rrbEAucNE
vnzH6BKxcyv/lnaH2yLR29PyApeOMESX+JGeKK0zSQme1xYmUo5xH1l2
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:44 2024 by rpki-client on console-fra.rpki-client.org