Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS152700.roa
File: AS152700.roa (raw, json)
Hash identifier: AB45wQJ3SiYf1jDkXVC/Tc+BNtgjwLc99o1lqLKq1r0=
Subject key identifier: 8E:B4:74:5C:31:E3:82:22:FF:DC:FC:1B:EF:8E:4A:E1:E5:CF:73:CF
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 05E474AEC1AC1FAE8006FF930B276B663D6FB273
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS152700.roa
Signing time: Sat 27 Apr 2024 15:13:25 +0000
ROA not before: Sat 27 Apr 2024 15:08:25 +0000
ROA not after: Sat 26 Apr 2025 15:13:25 +0000
asID: 152700
IP address blocks: 191.101.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 07:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:e4:74:ae:c1:ac:1f:ae:80:06:ff:93:0b:27:6b:66:3d:6f:b2:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 27 15:08:25 2024 GMT
Not After : Apr 26 15:13:25 2025 GMT
Subject: CN=8EB4745C31E38222FFDCFC1BEF8E4AE1E5CF73CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:75:aa:16:b5:ba:e1:34:2f:fb:3e:40:2d:a9:
af:1f:b3:83:4c:73:36:02:a0:12:b2:4c:59:06:9c:
33:52:fa:3a:52:95:03:00:db:23:aa:97:01:f2:17:
54:28:8c:1e:db:e8:0d:6b:59:64:5f:87:f1:ac:df:
0e:d4:d2:d3:86:a9:3c:c8:2f:dc:a3:0a:03:06:22:
5c:04:da:3c:1f:da:cd:3b:ed:ec:09:4d:0a:b1:d8:
87:4a:fc:68:bf:e3:69:e5:cc:9f:16:c3:ac:d9:af:
c7:6a:bb:76:9b:f2:8b:45:46:ba:97:41:25:9f:69:
39:87:f3:84:b6:50:24:68:2d:71:8a:28:88:e2:f2:
b1:5e:41:6b:d4:c5:9e:6a:13:52:eb:e7:c5:f4:39:
9e:c1:a9:28:72:11:d3:73:3d:d7:37:fb:09:1d:cf:
77:c0:ba:5d:96:0c:7e:63:75:7d:24:d9:da:73:ef:
ca:a5:19:81:a3:1f:8c:bc:4c:80:73:bb:5b:b9:5d:
d3:17:67:31:bf:de:3f:8b:dd:0f:09:5e:88:8a:6e:
79:b9:7a:7e:d2:4d:1f:49:a4:0b:8a:c9:61:00:60:
f3:fc:1e:61:14:98:ac:0f:4f:0b:ce:4b:b4:01:93:
c9:3f:4c:0b:f6:99:e7:67:be:55:45:ff:f2:8b:f9:
4d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B4:74:5C:31:E3:82:22:FF:DC:FC:1B:EF:8E:4A:E1:E5:CF:73:CF
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS152700.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.101.187.0/24
Signature Algorithm: sha256WithRSAEncryption
27:62:40:c7:80:71:88:85:8f:a6:18:4a:12:a1:54:b5:ca:43:
97:4b:0c:9e:d7:1c:eb:ae:4f:1b:6a:65:3f:1d:c5:47:95:53:
ff:34:aa:2d:2a:57:0c:1e:b5:0b:3f:ad:d5:2e:ec:85:41:08:
7a:d6:b9:79:14:6a:37:24:34:87:b7:9d:0a:49:33:75:d8:16:
1f:55:df:72:49:0c:0a:6f:9d:d4:66:4c:73:c6:17:36:56:33:
22:5c:ba:fa:da:00:9b:6d:ad:29:7a:82:43:68:1e:77:cb:0d:
c6:8f:11:34:5d:03:00:00:d7:06:72:24:68:74:01:b8:ef:ba:
39:d9:aa:bb:4c:6e:16:0d:4a:37:bf:4d:7b:77:78:e8:2a:77:
a0:93:8c:56:a4:ff:c6:ad:63:3f:c8:84:fe:0d:39:cb:4b:7c:
e5:6b:38:3d:02:90:af:43:5b:e4:74:8d:03:eb:24:ea:9e:d1:
f5:14:f4:f3:ee:16:92:82:d1:1d:9b:87:af:54:e5:42:83:d3:
f1:32:04:ff:71:e1:c0:d4:c3:db:62:09:9b:fc:02:fc:35:9b:
96:55:63:f1:7d:76:0b:a2:ed:1d:64:89:d2:c4:2c:13:49:e9:
f5:85:f9:73:33:13:2d:3e:34:74:21:59:f7:e3:7b:ff:34:2b:
c2:51:13:de
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUBeR0rsGsH66ABv+TCydrZj1vsnMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MjcxNTA4MjVaFw0yNTA0MjYxNTEzMjVaMDMxMTAvBgNV
BAMTKDhFQjQ3NDVDMzFFMzgyMjJGRkRDRkMxQkVGOEU0QUUxRTVDRjczQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDndaoWtbrhNC/7PkAtqa8fs4NM
czYCoBKyTFkGnDNS+jpSlQMA2yOqlwHyF1QojB7b6A1rWWRfh/Gs3w7U0tOGqTzI
L9yjCgMGIlwE2jwf2s077ewJTQqx2IdK/Gi/42nlzJ8Ww6zZr8dqu3ab8otFRrqX
QSWfaTmH84S2UCRoLXGKKIji8rFeQWvUxZ5qE1Lr58X0OZ7BqShyEdNzPdc3+wkd
z3fAul2WDH5jdX0k2dpz78qlGYGjH4y8TIBzu1u5XdMXZzG/3j+L3Q8JXoiKbnm5
en7STR9JpAuKyWEAYPP8HmEUmKwPTwvOS7QBk8k/TAv2mednvlVF//KL+U0fAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUjrR0XDHjgiL/3Pwb745K4eXPc88wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTUyNzAwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2W7
MA0GCSqGSIb3DQEBCwUAA4IBAQAnYkDHgHGIhY+mGEoSoVS1ykOXSwye1xzrrk8b
amU/HcVHlVP/NKotKlcMHrULP63VLuyFQQh61rl5FGo3JDSHt50KSTN12BYfVd9y
SQwKb53UZkxzxhc2VjMiXLr62gCbba0peoJDaB53yw3GjxE0XQMAANcGciRodAG4
77o52aq7TG4WDUo3v017d3joKnegk4xWpP/GrWM/yIT+DTnLS3zlazg9ApCvQ1vk
dI0D6yTqntH1FPTz7haSgtEdm4evVOVCg9PxMgT/ceHA1MPbYgmb/AL8NZuWVWPx
fXYLou0dZInSxCwTSen1hflzMxMtPjR0IVn343v/NCvCURPe
-----END CERTIFICATE-----
Generated at Wed Jun 26 11:54:38 2024 by rpki-client on console-fra.rpki-client.org