Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14445.roa
File: AS14445.roa (raw, json)
Hash identifier: uMoQHzD0ObCxRqJnx5ucNpYOngoWELPM9D+PD9r++xU=
Subject key identifier: 09:02:22:19:75:92:8D:3D:A6:02:02:B4:1B:AB:18:1F:02:2C:8E:96
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2B89920BF9FD0A6B370E6AE486A05A4050301D7A
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14445.roa
Signing time: Tue 30 Apr 2024 00:00:23 +0000
ROA not before: Mon 29 Apr 2024 23:55:23 +0000
ROA not after: Tue 29 Apr 2025 00:00:23 +0000
asID: 14445
IP address blocks: 92.242.184.0/24 maxlen: 24
179.61.129.0/24 maxlen: 24
179.61.170.0/24 maxlen: 24
179.61.212.0/24 maxlen: 24
181.214.0.0/24 maxlen: 24
181.214.14.0/24 maxlen: 24
181.214.54.0/24 maxlen: 24
181.214.101.0/24 maxlen: 24
181.214.177.0/24 maxlen: 24
181.215.3.0/24 maxlen: 24
181.215.29.0/24 maxlen: 24
181.215.41.0/24 maxlen: 24
181.215.65.0/24 maxlen: 24
181.215.255.0/24 maxlen: 24
191.96.117.0/24 maxlen: 24
191.96.157.0/24 maxlen: 24
191.96.174.0/24 maxlen: 24
191.96.245.0/24 maxlen: 24
191.101.56.0/24 maxlen: 24
191.101.176.0/24 maxlen: 24
191.101.188.0/24 maxlen: 24
191.101.239.0/24 maxlen: 24
193.58.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:89:92:0b:f9:fd:0a:6b:37:0e:6a:e4:86:a0:5a:40:50:30:1d:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 29 23:55:23 2024 GMT
Not After : Apr 29 00:00:23 2025 GMT
Subject: CN=0902221975928D3DA60202B41BAB181F022C8E96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:23:d0:65:f6:a0:15:64:c1:0b:2c:cf:ff:56:
98:e6:4f:c6:c3:a9:21:41:92:5c:16:06:12:fd:d4:
c5:13:79:d2:45:0a:e2:39:d6:f3:c5:a9:73:f6:63:
5e:97:75:52:6f:ac:f6:d8:ff:47:b2:a8:aa:3c:12:
cf:87:74:ad:ea:fd:5a:77:d8:2c:4b:c2:3b:54:31:
ca:69:dc:2a:a4:f4:09:02:73:2e:6e:10:77:50:12:
87:b4:f0:fe:a5:30:fd:51:92:4c:8e:e6:8c:d7:78:
53:64:23:49:8c:b6:f7:8d:69:ae:b3:05:64:4f:c1:
3d:c9:92:2a:ac:e7:d0:47:19:5c:d4:9f:f0:9c:a9:
b3:1d:41:c6:dd:c3:37:47:e5:63:9f:77:71:78:5d:
46:f4:19:f5:7e:45:6c:ed:de:b5:c9:25:be:8b:05:
51:20:20:3b:0b:55:82:84:8f:65:9c:ae:08:71:d2:
23:54:e7:37:be:ea:f6:2d:a8:35:61:7d:8d:a1:1c:
41:8a:b3:15:93:91:78:93:cd:32:09:c1:b7:99:9d:
09:b5:27:c6:bd:6b:8f:fb:8e:4e:f3:87:e8:65:50:
7a:c9:99:35:78:8e:97:d3:a2:9a:37:bb:ce:03:05:
cb:0e:55:3c:a0:aa:8c:a9:e4:30:bf:1d:fa:0a:41:
96:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:02:22:19:75:92:8D:3D:A6:02:02:B4:1B:AB:18:1F:02:2C:8E:96
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14445.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.242.184.0/24
179.61.129.0/24
179.61.170.0/24
179.61.212.0/24
181.214.0.0/24
181.214.14.0/24
181.214.54.0/24
181.214.101.0/24
181.214.177.0/24
181.215.3.0/24
181.215.29.0/24
181.215.41.0/24
181.215.65.0/24
181.215.255.0/24
191.96.117.0/24
191.96.157.0/24
191.96.174.0/24
191.96.245.0/24
191.101.56.0/24
191.101.176.0/24
191.101.188.0/24
191.101.239.0/24
193.58.106.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:43:81:84:2d:34:4b:7f:6d:c6:f4:5b:fc:0d:fa:cf:65:94:
c5:4b:56:0d:6a:27:3f:05:9b:22:e5:dc:f7:0c:1a:cf:91:93:
5e:86:ed:fd:bf:9c:31:18:b8:7c:8c:6b:6c:ae:89:de:11:5f:
61:50:95:7c:ad:58:ff:00:91:42:f0:e8:c6:7d:9c:57:38:b3:
7f:b9:94:05:92:43:81:1a:59:3a:b6:a4:81:4d:bf:7c:71:9e:
f3:79:55:f8:e2:b8:f4:d1:e1:e5:91:1c:d6:6c:c8:49:e8:7e:
92:4c:27:b0:19:f4:38:fa:9a:cd:62:31:e5:42:47:b2:aa:e8:
ee:40:6e:9e:e2:2f:ec:44:7e:b9:d9:10:aa:2c:fc:5a:0e:fc:
82:be:da:04:44:a9:03:c2:41:4b:c6:3f:f8:76:98:0d:08:36:
af:c6:99:c0:fd:f9:16:67:e3:0b:ff:ca:a1:2f:88:56:65:17:
20:0d:1c:2d:88:3c:53:bc:e1:c3:f2:68:3a:ec:77:86:62:ac:
8b:ee:1a:37:5f:a8:29:06:6b:91:4a:e8:7a:94:82:e2:bc:d7:
14:40:fe:18:6f:d4:a2:17:7b:2f:1b:d3:70:f9:6c:a9:c9:60:
49:dd:1f:f7:99:b1:2d:40:3c:4e:3a:e4:45:f7:a4:1f:f9:c7:
0a:3c:86:01
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIUK4mSC/n9Cms3DmrkhqBaQFAwHXowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MjkyMzU1MjNaFw0yNTA0MjkwMDAwMjNaMDMxMTAvBgNV
BAMTKDA5MDIyMjE5NzU5MjhEM0RBNjAyMDJCNDFCQUIxODFGMDIyQzhFOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnI9Bl9qAVZMELLM//VpjmT8bD
qSFBklwWBhL91MUTedJFCuI51vPFqXP2Y16XdVJvrPbY/0eyqKo8Es+HdK3q/Vp3
2CxLwjtUMcpp3Cqk9AkCcy5uEHdQEoe08P6lMP1RkkyO5ozXeFNkI0mMtveNaa6z
BWRPwT3Jkiqs59BHGVzUn/CcqbMdQcbdwzdH5WOfd3F4XUb0GfV+RWzt3rXJJb6L
BVEgIDsLVYKEj2Wcrghx0iNU5ze+6vYtqDVhfY2hHEGKsxWTkXiTzTIJwbeZnQm1
J8a9a4/7jk7zh+hlUHrJmTV4jpfTopo3u84DBcsOVTygqoyp5DC/HfoKQZaJAgMB
AAGjggKSMIICjjAdBgNVHQ4EFgQUCQIiGXWSjT2mAgK0G6sYHwIsjpYwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQ0NDUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgacGCCsGAQUFBwEHAQH/BIGXMIGUMIGRBAIAATCBigME
AFzyuAMEALM9gQMEALM9qgMEALM91AMEALXWAAMEALXWDgMEALXWNgMEALXWZQME
ALXWsQMEALXXAwMEALXXHQMEALXXKQMEALXXQQMEALXX/wMEAL9gdQMEAL9gnQME
AL9grgMEAL9g9QMEAL9lOAMEAL9lsAMEAL9lvAMEAL9l7wMEAME6ajANBgkqhkiG
9w0BAQsFAAOCAQEAakOBhC00S39txvRb/A36z2WUxUtWDWonPwWbIuXc9wwaz5GT
Xobt/b+cMRi4fIxrbK6J3hFfYVCVfK1Y/wCRQvDoxn2cVzizf7mUBZJDgRpZOrak
gU2/fHGe83lV+OK49NHh5ZEc1mzISeh+kkwnsBn0OPqazWIx5UJHsqro7kBunuIv
7ER+udkQqiz8Wg78gr7aBESpA8JBS8Y/+HaYDQg2r8aZwP35FmfjC//KoS+IVmUX
IA0cLYg8U7zhw/JoOux3hmKsi+4aN1+oKQZrkUroepSC4rzXFED+GG/Uohd7LxvT
cPlsqclgSd0f95mxLUA8TjrkRfekH/nHCjyGAQ==
-----END CERTIFICATE-----
Generated at Fri May 10 02:42:18 2024 by rpki-client on console-fra.rpki-client.org