Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS15440.roa
File: AS15440.roa (raw, json)
Hash identifier: Kh1zYnuyljrb+TBCW72iK3tUxspO5f6095W1uQX7NCk=
Subject key identifier: D8:C6:B9:A6:15:28:69:3A:B7:6C:A2:6A:D7:C3:C6:EE:98:37:03:E8
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7D912C7E34AE4ADF49DC79F4ADF7038C0337D615
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS15440.roa
Signing time: Thu 15 Aug 2024 17:50:45 +0000
ROA not before: Thu 15 Aug 2024 17:45:45 +0000
ROA not after: Thu 14 Aug 2025 17:50:45 +0000
asID: 15440
IP address blocks: 181.214.147.0/24 maxlen: 24
191.96.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:91:2c:7e:34:ae:4a:df:49:dc:79:f4:ad:f7:03:8c:03:37:d6:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 15 17:45:45 2024 GMT
Not After : Aug 14 17:50:45 2025 GMT
Subject: CN=D8C6B9A61528693AB76CA26AD7C3C6EE983703E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ad:b8:ed:00:62:4b:f6:d2:ac:7d:cd:c0:e2:
47:b3:40:03:0e:28:98:0d:03:7b:21:65:9f:1e:44:
dc:d1:ab:2e:78:5a:0e:a7:7b:a0:30:92:7b:b6:cc:
03:45:09:60:e8:74:a1:b9:ad:95:1d:68:f0:d2:80:
fb:53:64:89:e2:64:bd:de:eb:d8:6e:e1:a9:5c:a4:
7b:f5:7c:9f:a6:5b:97:56:82:e5:af:2d:94:8f:1f:
6b:68:39:1d:14:d5:5e:3b:e8:0f:ee:1e:0c:ae:c0:
f2:21:ad:ec:cb:9a:05:3b:70:3b:5f:93:ac:6f:1f:
91:24:6d:6e:2c:ec:84:4d:30:72:d7:06:0f:09:f6:
68:8a:51:fa:4d:d3:ab:d2:be:06:d0:7e:7d:f1:21:
57:09:56:b3:a6:38:ed:11:05:0c:4e:98:9d:47:8a:
1f:78:f8:f2:58:1f:fc:23:38:fe:0c:f0:38:2c:7f:
54:75:3f:46:e9:49:d4:0e:c9:3e:98:4b:7a:fe:75:
fb:6f:f9:db:0e:1b:e8:b4:e3:c3:78:44:1d:54:22:
85:9c:18:67:27:e5:84:35:d0:40:3e:24:48:de:d5:
48:93:c6:84:5c:29:70:0d:5c:7b:63:7e:43:be:d2:
32:bd:d2:cd:8d:15:8e:4d:df:d7:93:b6:e3:23:1b:
14:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:C6:B9:A6:15:28:69:3A:B7:6C:A2:6A:D7:C3:C6:EE:98:37:03:E8
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS15440.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.147.0/24
191.96.245.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:e9:18:0f:99:7b:41:4e:d7:93:1a:33:5c:34:96:3c:0a:06:
60:5a:c9:1f:3f:ee:65:04:15:2d:b1:a5:c3:90:25:6a:bb:24:
26:ec:9e:16:c0:1f:08:0d:0e:c0:3d:d2:f8:fb:5e:5b:3b:27:
3c:89:e0:ae:ac:44:e8:fd:bd:08:2a:f6:fa:f6:72:e6:ec:61:
f0:60:b9:3c:53:4c:2c:f0:38:1c:fc:8b:38:92:bb:24:41:87:
bf:c1:8c:fe:90:d9:76:80:9c:2f:00:e7:5d:d1:c5:32:df:b1:
7a:a6:8e:de:2c:85:23:da:45:6b:84:07:d0:00:7e:eb:a9:4b:
9f:02:c0:e7:55:67:b9:7f:0f:b9:a3:81:29:1d:a9:c4:cd:fa:
26:5c:70:98:be:f6:8b:78:df:4e:cf:6a:74:60:58:e6:81:89:
79:16:21:ba:76:ec:f1:46:ca:59:43:7d:3f:82:c2:9c:fb:85:
cd:4e:cb:ef:34:b9:af:94:91:cb:35:c7:ce:86:f5:47:9c:58:
90:fd:b6:71:7e:18:29:11:26:40:9d:51:b4:3f:ea:00:a8:11:
20:fe:e1:af:d3:f9:5c:91:ae:91:59:08:66:50:ab:db:62:48:
2d:d8:4c:c0:0b:83:05:dd:d3:6e:f6:83:05:41:8a:3a:d3:3c:
c8:9e:e6:66
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUfZEsfjSuSt9J3Hn0rfcDjAM31hUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA4MTUxNzQ1NDVaFw0yNTA4MTQxNzUwNDVaMDMxMTAvBgNV
BAMTKEQ4QzZCOUE2MTUyODY5M0FCNzZDQTI2QUQ3QzNDNkVFOTgzNzAzRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2rbjtAGJL9tKsfc3A4kezQAMO
KJgNA3shZZ8eRNzRqy54Wg6ne6Awknu2zANFCWDodKG5rZUdaPDSgPtTZIniZL3e
69hu4alcpHv1fJ+mW5dWguWvLZSPH2toOR0U1V476A/uHgyuwPIhrezLmgU7cDtf
k6xvH5EkbW4s7IRNMHLXBg8J9miKUfpN06vSvgbQfn3xIVcJVrOmOO0RBQxOmJ1H
ih94+PJYH/wjOP4M8Dgsf1R1P0bpSdQOyT6YS3r+dftv+dsOG+i048N4RB1UIoWc
GGcn5YQ10EA+JEje1UiTxoRcKXANXHtjfkO+0jK90s2NFY5N39eTtuMjGxTdAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQU2Ma5phUoaTq3bKJq18PG7pg3A+gwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTU0NDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAC11pMD
BAC/YPUwDQYJKoZIhvcNAQELBQADggEBAJ3pGA+Ze0FO15MaM1w0ljwKBmBayR8/
7mUEFS2xpcOQJWq7JCbsnhbAHwgNDsA90vj7Xls7JzyJ4K6sROj9vQgq9vr2cubs
YfBguTxTTCzwOBz8iziSuyRBh7/BjP6Q2XaAnC8A513RxTLfsXqmjt4shSPaRWuE
B9AAfuupS58CwOdVZ7l/D7mjgSkdqcTN+iZccJi+9ot4307PanRgWOaBiXkWIbp2
7PFGyllDfT+Cwpz7hc1Oy+80ua+Ukcs1x86G9UecWJD9tnF+GCkRJkCdUbQ/6gCo
ESD+4a/T+VyRrpFZCGZQq9tiSC3YTMALgwXd0272gwVBijrTPMie5mY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:44 2024 by rpki-client on console-fra.rpki-client.org