Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS15830.roa
File: AS15830.roa (raw, json)
Hash identifier: e0ORk3X0G+FBlgjCwJhlOf5UPWIye/AneXNsiyQ/DrE=
Subject key identifier: 0A:4E:EE:8B:64:09:38:CD:98:1C:21:1E:5A:CB:45:E6:DE:34:F9:9E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5179D464DDAE12057BC32779917F47061D784DFF
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS15830.roa
Signing time: Wed 01 Jan 2025 08:53:50 +0000
ROA not before: Wed 01 Jan 2025 08:48:50 +0000
ROA not after: Wed 31 Dec 2025 08:53:50 +0000
asID: 15830
IP address blocks: 85.209.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:79:d4:64:dd:ae:12:05:7b:c3:27:79:91:7f:47:06:1d:78:4d:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 1 08:48:50 2025 GMT
Not After : Dec 31 08:53:50 2025 GMT
Subject: CN=0A4EEE8B640938CD981C211E5ACB45E6DE34F99E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:81:29:e1:50:3d:02:04:b2:72:45:e2:6d:35:
1d:64:fd:26:bc:41:29:2c:83:b4:88:cb:af:a9:7c:
85:e7:8e:d4:cd:c2:e7:57:56:75:01:cd:f5:a8:24:
6f:61:e1:a6:a5:61:25:36:65:45:e3:03:1b:13:b0:
6a:29:4f:90:2c:ed:7b:52:64:0d:9a:71:6f:66:f5:
82:ed:91:a4:4b:a9:5d:f9:f6:9c:39:4a:82:30:53:
48:f8:9f:89:0c:60:25:d2:f6:9a:8b:d5:76:6f:9f:
21:2e:bf:a3:16:40:c4:db:61:cc:44:6c:32:23:12:
52:ab:03:67:0e:f5:20:e5:88:fe:84:e3:31:8e:f3:
29:a7:1b:6c:1c:df:22:af:d5:c1:9d:57:12:7a:9c:
b8:c2:69:7d:5c:05:52:27:12:e0:a6:4d:ea:87:2b:
1c:8a:08:02:85:82:a6:04:16:9f:f1:00:b1:af:82:
17:15:ea:59:f8:b0:88:81:fb:d2:85:09:53:02:89:
57:a9:24:15:3b:0a:fc:c7:fa:b4:9d:06:ee:1d:69:
fa:ae:a0:46:9e:bc:8d:0e:c8:b9:40:68:03:0e:77:
3c:17:77:0f:86:c8:b2:64:d1:24:1c:2a:04:f2:cc:
d3:18:e1:b5:ce:4b:ac:3b:fe:53:0c:60:45:ed:21:
b7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:4E:EE:8B:64:09:38:CD:98:1C:21:1E:5A:CB:45:E6:DE:34:F9:9E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS15830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.178.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:ea:ad:a2:b0:87:1c:2e:5c:d1:f8:b6:ec:23:c6:ec:f5:3d:
b0:88:0d:7b:3c:40:24:36:dc:de:e9:f9:f8:6f:64:99:9e:77:
21:35:dd:ac:62:65:f1:f2:53:82:f8:86:24:12:09:70:2c:b3:
32:d4:a6:71:00:20:78:9b:be:98:eb:5a:ad:6f:96:f7:e5:8e:
d5:15:00:dc:fb:e3:6a:60:ed:e0:cb:ba:4b:1d:2c:60:7e:4e:
05:ad:eb:8b:8e:56:03:9e:73:4b:90:cb:da:07:3a:8e:ea:6d:
a8:4c:27:e5:3b:d0:2d:98:68:aa:e3:27:91:8b:3e:86:45:4e:
b8:a7:42:bf:57:ec:fe:96:e6:17:f1:b6:f4:21:82:49:7e:97:
a6:db:fe:b6:ae:18:dc:55:e4:5b:5d:29:3b:28:74:24:27:3c:
09:01:f3:f3:38:1e:7e:54:a8:de:08:cd:4a:d3:5b:48:b6:95:
7a:55:f1:bf:67:ff:9d:8c:bc:df:57:4c:be:67:75:2d:f0:13:
89:a2:bf:82:58:bd:3f:74:a0:49:22:df:83:e6:4c:76:a6:77:
f5:9d:c0:39:09:0b:80:35:7f:ef:97:d7:ab:06:f1:fa:a6:73:
48:58:4a:24:48:11:81:02:1d:22:66:d7:ca:70:40:c8:85:f0:
ac:cc:8d:87
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUUXnUZN2uEgV7wyd5kX9HBh14Tf8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMDEwODQ4NTBaFw0yNTEyMzEwODUzNTBaMDMxMTAvBgNV
BAMTKDBBNEVFRThCNjQwOTM4Q0Q5ODFDMjExRTVBQ0I0NUU2REUzNEY5OUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTgSnhUD0CBLJyReJtNR1k/Sa8
QSksg7SIy6+pfIXnjtTNwudXVnUBzfWoJG9h4aalYSU2ZUXjAxsTsGopT5As7XtS
ZA2acW9m9YLtkaRLqV359pw5SoIwU0j4n4kMYCXS9pqL1XZvnyEuv6MWQMTbYcxE
bDIjElKrA2cO9SDliP6E4zGO8ymnG2wc3yKv1cGdVxJ6nLjCaX1cBVInEuCmTeqH
KxyKCAKFgqYEFp/xALGvghcV6ln4sIiB+9KFCVMCiVepJBU7CvzH+rSdBu4dafqu
oEaevI0OyLlAaAMOdzwXdw+GyLJk0SQcKgTyzNMY4bXOS6w7/lMMYEXtIbdhAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUCk7ui2QJOM2YHCEeWstF5t40+Z4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTU4MzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABV0bIw
DQYJKoZIhvcNAQELBQADggEBAD3qraKwhxwuXNH4tuwjxuz1PbCIDXs8QCQ23N7p
+fhvZJmedyE13axiZfHyU4L4hiQSCXAsszLUpnEAIHibvpjrWq1vlvfljtUVANz7
42pg7eDLuksdLGB+TgWt64uOVgOec0uQy9oHOo7qbahMJ+U70C2YaKrjJ5GLPoZF
TrinQr9X7P6W5hfxtvQhgkl+l6bb/rauGNxV5FtdKTsodCQnPAkB8/M4Hn5UqN4I
zUrTW0i2lXpV8b9n/52MvN9XTL5ndS3wE4miv4JYvT90oEki34PmTHamd/WdwDkJ
C4A1f++X16sG8fqmc0hYSiRIEYECHSJm18pwQMiF8KzMjYc=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:49:08 2025 by rpki-client