Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14670.roa
File: AS14670.roa (raw, json)
Hash identifier: UDNxPOGL4/qeTzKME+Sj4ozvpHbM7eVc3nWRSnHF/qM=
Subject key identifier: AA:56:99:4A:63:8E:09:7D:D8:E2:BB:76:BE:7E:F3:87:6F:AE:9D:FC
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6FCF2D970534530780A8F5F1D77A5DBBC0FF9554
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14670.roa
Signing time: Tue 12 Dec 2023 14:13:08 +0000
ROA not before: Tue 12 Dec 2023 14:08:08 +0000
ROA not after: Tue 10 Dec 2024 14:13:08 +0000
asID: 14670
IP address blocks: 179.61.137.0/24 maxlen: 24
179.61.192.0/24 maxlen: 24
179.61.232.0/24 maxlen: 24
181.214.31.0/24 maxlen: 24
181.214.83.0/24 maxlen: 24
181.214.142.0/24 maxlen: 24
181.214.156.0/24 maxlen: 24
191.96.133.0/24 maxlen: 24
191.96.151.0/24 maxlen: 24
191.96.165.0/24 maxlen: 24
191.101.33.0/24 maxlen: 24
191.101.50.0/24 maxlen: 24
191.101.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:cf:2d:97:05:34:53:07:80:a8:f5:f1:d7:7a:5d:bb:c0:ff:95:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Dec 12 14:08:08 2023 GMT
Not After : Dec 10 14:13:08 2024 GMT
Subject: CN=AA56994A638E097DD8E2BB76BE7EF3876FAE9DFC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7a:95:32:dc:35:ec:3e:a9:ca:b4:b1:ad:b7:
dd:1e:98:c1:ad:89:3b:18:94:c9:43:0a:a2:33:03:
7a:98:23:f1:b5:74:44:a7:c5:b9:06:a1:74:67:71:
20:f8:43:b5:22:5d:83:6d:d4:e5:8b:45:c2:5a:56:
30:6d:cb:4a:a0:de:3b:3e:ef:4e:f5:34:00:ac:33:
2f:ed:a5:d0:4f:33:58:fc:23:7b:25:cd:5d:9f:1e:
d8:88:e6:17:8c:dc:ac:14:ce:0b:9b:a4:d0:27:6c:
5c:fb:ab:38:d2:ac:4a:a6:6e:77:47:d2:54:b2:37:
11:2e:f7:3e:82:e1:aa:a2:5e:e0:7c:f3:7a:f8:55:
4b:1c:b6:ce:bd:5b:c8:b5:1a:77:ae:cc:fd:b4:bc:
b0:be:a4:21:c0:c3:41:db:53:5c:3d:f8:c2:f9:3a:
aa:ca:96:d3:31:66:2d:c8:c7:90:09:68:61:6d:37:
24:ba:0c:d7:15:9e:3c:a3:a6:b5:e4:08:bd:b6:4c:
e4:bb:5f:8e:1b:7e:ae:8f:40:34:ba:4e:d3:c0:70:
f7:ab:d8:bb:18:52:86:ce:f2:d1:cb:e3:9b:92:15:
c9:7b:6d:85:6f:4e:32:0a:be:50:95:e5:26:88:b8:
84:85:eb:28:61:53:d9:aa:d5:1f:45:b6:51:a1:d0:
cf:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:56:99:4A:63:8E:09:7D:D8:E2:BB:76:BE:7E:F3:87:6F:AE:9D:FC
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14670.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.137.0/24
179.61.192.0/24
179.61.232.0/24
181.214.31.0/24
181.214.83.0/24
181.214.142.0/24
181.214.156.0/24
191.96.133.0/24
191.96.151.0/24
191.96.165.0/24
191.101.33.0/24
191.101.50.0/24
191.101.241.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:c2:31:5d:7b:be:d5:21:18:da:f7:3b:e9:c0:00:8b:67:3c:
b5:a4:b7:79:df:9d:59:38:9c:63:6f:4b:1e:b4:84:17:2d:18:
1a:2e:bc:d6:4f:cf:9e:f6:e2:67:58:ce:61:9d:77:05:d4:51:
92:ed:8d:1f:b6:11:dd:be:92:ec:48:ab:7a:e1:a3:cb:2f:d1:
30:17:b6:f9:2b:cd:67:78:9c:49:d1:a6:cb:4e:dc:80:ec:92:
ba:9f:b0:8e:c7:f0:8d:bb:6d:5f:36:77:1e:38:ea:ea:f5:5e:
60:70:cf:a7:d5:f0:3a:43:f8:77:dc:07:fa:3e:b7:84:17:4d:
be:7b:f2:2b:dc:58:36:83:51:ef:46:3a:12:e6:c7:d9:34:c7:
ab:cc:ac:1b:57:dc:2f:d9:27:94:60:58:f6:fa:1d:8b:84:c4:
a7:b9:0f:f3:ad:ff:95:7a:9e:f7:85:ea:bd:21:6c:15:43:ef:
e4:da:4b:3c:a7:a4:3e:7f:c8:42:b1:19:2d:e2:dd:11:3b:a3:
2a:8c:fc:35:a2:16:58:71:7b:a3:7b:30:22:71:de:d5:d9:5b:
04:26:0d:dd:52:c1:01:8a:c3:d7:04:d4:53:eb:8c:14:7f:92:
0e:5e:18:a8:5c:a3:2f:54:81:4d:e0:0e:cd:4b:06:8a:22:6b:
58:c4:44:45
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUb88tlwU0UweAqPXx13pdu8D/lVQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzEyMTIxNDA4MDhaFw0yNDEyMTAxNDEzMDhaMDMxMTAvBgNV
BAMTKEFBNTY5OTRBNjM4RTA5N0REOEUyQkI3NkJFN0VGMzg3NkZBRTlERkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvepUy3DXsPqnKtLGtt90emMGt
iTsYlMlDCqIzA3qYI/G1dESnxbkGoXRncSD4Q7UiXYNt1OWLRcJaVjBty0qg3js+
7071NACsMy/tpdBPM1j8I3slzV2fHtiI5heM3KwUzgubpNAnbFz7qzjSrEqmbndH
0lSyNxEu9z6C4aqiXuB883r4VUscts69W8i1GneuzP20vLC+pCHAw0HbU1w9+ML5
OqrKltMxZi3Ix5AJaGFtNyS6DNcVnjyjprXkCL22TOS7X44bfq6PQDS6TtPAcPer
2LsYUobO8tHL45uSFcl7bYVvTjIKvlCV5SaIuISF6yhhU9mq1R9FtlGh0M8fAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUqlaZSmOOCX3Y4rt2vn7zh2+unfwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQ2NzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwZwYIKwYBBQUHAQcBAf8EWDBWMFQEAgABME4DBACzPYkD
BACzPcADBACzPegDBAC11h8DBAC11lMDBAC11o4DBAC11pwDBAC/YIUDBAC/YJcD
BAC/YKUDBAC/ZSEDBAC/ZTIDBAC/ZfEwDQYJKoZIhvcNAQELBQADggEBAIrCMV17
vtUhGNr3O+nAAItnPLWkt3nfnVk4nGNvSx60hBctGBouvNZPz5724mdYzmGddwXU
UZLtjR+2Ed2+kuxIq3rho8sv0TAXtvkrzWd4nEnRpstO3IDskrqfsI7H8I27bV82
dx446ur1XmBwz6fV8DpD+HfcB/o+t4QXTb578ivcWDaDUe9GOhLmx9k0x6vMrBtX
3C/ZJ5RgWPb6HYuExKe5D/Ot/5V6nveF6r0hbBVD7+TaSzynpD5/yEKxGS3i3RE7
oyqM/DWiFlhxe6N7MCJx3tXZWwQmDd1SwQGKw9cE1FPrjBR/kg5eGKhcoy9UgU3g
Ds1LBooia1jEREU=
-----END CERTIFICATE-----
Generated at Fri May 10 02:01:21 2024 by rpki-client on console-ams.rpki-client.org