Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: m/fNjby8KhBdIrzTTO5GV3l1KHM3MMVIRh3sRIAGSq0=
Subject key identifier: A3:C7:34:7D:7D:7C:D3:7E:1F:F4:20:23:A1:5A:BD:9B:E4:F3:76:A3
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4430CB6EB094BF6363A66846388E3A29F1AAD803
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16276.roa
Signing time: Wed 13 Mar 2024 20:10:14 +0000
ROA not before: Wed 13 Mar 2024 20:05:14 +0000
ROA not after: Wed 12 Mar 2025 20:10:14 +0000
asID: 16276
IP address blocks: 2.57.18.0/24 maxlen: 24
45.137.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:30:cb:6e:b0:94:bf:63:63:a6:68:46:38:8e:3a:29:f1:aa:d8:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 13 20:05:14 2024 GMT
Not After : Mar 12 20:10:14 2025 GMT
Subject: CN=A3C7347D7D7CD37E1FF42023A15ABD9BE4F376A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:5f:fe:ae:98:8e:7a:72:66:43:e5:0e:6c:3c:
69:8d:5d:c2:0c:85:af:ae:96:17:7e:65:ee:ce:fc:
95:8a:61:f1:cc:65:be:51:81:53:f2:8f:83:d2:0d:
c3:46:87:cd:d5:09:43:2c:44:d0:b1:a7:0c:a3:00:
d0:45:8f:cf:e8:a1:b5:d5:32:e7:06:a8:cc:54:40:
28:83:36:4b:82:a0:f8:2b:27:12:62:6b:f2:dc:4b:
1e:f4:80:7f:76:dd:e2:54:f1:31:52:30:ce:48:4b:
de:60:89:bd:d6:17:93:01:9e:61:b3:35:3d:99:d1:
0b:1d:fb:23:5a:63:e9:bd:c9:69:d1:19:5e:a2:2d:
87:25:e9:36:91:93:c6:71:a5:3e:ab:9d:f6:c8:d7:
bd:98:22:eb:4d:95:6d:b1:a7:e7:bf:0a:d4:39:f2:
a1:2f:45:39:bd:c2:18:2a:72:d4:2f:f1:10:de:5b:
89:5c:83:e4:ff:8f:4b:33:23:9b:39:ed:df:6b:ba:
4a:5a:3a:3f:78:2e:a0:23:89:89:75:b2:9f:f7:c4:
20:c8:23:3c:1b:d8:20:56:5e:d5:8a:7f:86:17:b4:
10:47:4e:fc:09:28:94:59:04:db:8b:47:87:de:e6:
c0:a8:bc:db:9b:38:99:c6:f7:19:0d:76:45:3a:0e:
ff:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C7:34:7D:7D:7C:D3:7E:1F:F4:20:23:A1:5A:BD:9B:E4:F3:76:A3
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.18.0/24
45.137.29.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:31:71:7e:54:8b:c5:16:06:1d:b0:14:8f:77:a0:66:55:fa:
94:a6:8a:fb:86:93:a5:d1:72:94:de:2f:99:e6:24:f4:d6:de:
39:14:c8:8b:f5:4c:61:dd:f0:90:e6:4a:ac:d2:f9:55:98:31:
b6:c5:1c:ca:44:03:2f:97:05:6f:9f:d1:b6:c3:ad:8a:8d:ed:
95:12:35:b3:2a:ee:c2:14:ad:5c:0e:e2:8c:78:ce:79:fa:a6:
a3:25:31:b8:08:f5:39:1d:f4:11:14:a1:9a:bc:88:c7:82:e0:
c6:84:66:f2:ef:34:94:71:6f:d8:8c:bc:50:9f:33:85:a1:b6:
a4:0d:67:70:e2:10:57:17:15:88:39:18:fd:24:c1:41:6b:1c:
da:56:3a:8e:98:23:88:d9:fe:79:f9:a1:7e:0e:d8:1e:ec:b6:
17:d9:cb:14:87:6a:fe:1a:f7:db:f2:d9:20:1c:b9:ce:cb:0c:
20:18:be:ea:d6:a6:8c:3b:ee:bd:61:83:b0:23:c6:b1:51:fb:
5e:73:5b:74:6c:92:8e:40:b0:16:9c:85:76:5a:db:f8:ce:80:
d6:06:63:27:b3:c3:2a:50:24:b3:8e:da:19:27:88:cb:e2:0a:
7d:f2:d7:d6:9e:4c:5c:f8:ae:11:65:5b:d5:58:fe:1c:18:fa:
1c:35:2f:7e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIURDDLbrCUv2NjpmhGOI46KfGq2AMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAzMTMyMDA1MTRaFw0yNTAzMTIyMDEwMTRaMDMxMTAvBgNV
BAMTKEEzQzczNDdEN0Q3Q0QzN0UxRkY0MjAyM0ExNUFCRDlCRTRGMzc2QTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwX/6umI56cmZD5Q5sPGmNXcIM
ha+ulhd+Ze7O/JWKYfHMZb5RgVPyj4PSDcNGh83VCUMsRNCxpwyjANBFj8/oobXV
MucGqMxUQCiDNkuCoPgrJxJia/LcSx70gH923eJU8TFSMM5IS95gib3WF5MBnmGz
NT2Z0Qsd+yNaY+m9yWnRGV6iLYcl6TaRk8ZxpT6rnfbI172YIutNlW2xp+e/CtQ5
8qEvRTm9whgqctQv8RDeW4lcg+T/j0szI5s57d9rukpaOj94LqAjiYl1sp/3xCDI
Izwb2CBWXtWKf4YXtBBHTvwJKJRZBNuLR4fe5sCovNubOJnG9xkNdkU6Dv+LAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUo8c0fX18034f9CAjoVq9m+TzdqMwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAACORID
BAAtiR0wDQYJKoZIhvcNAQELBQADggEBAJ0xcX5Ui8UWBh2wFI93oGZV+pSmivuG
k6XRcpTeL5nmJPTW3jkUyIv1TGHd8JDmSqzS+VWYMbbFHMpEAy+XBW+f0bbDrYqN
7ZUSNbMq7sIUrVwO4ox4znn6pqMlMbgI9Tkd9BEUoZq8iMeC4MaEZvLvNJRxb9iM
vFCfM4WhtqQNZ3DiEFcXFYg5GP0kwUFrHNpWOo6YI4jZ/nn5oX4O2B7sthfZyxSH
av4a99vy2SAcuc7LDCAYvurWpow77r1hg7AjxrFR+15zW3Rsko5AsBachXZa2/jO
gNYGYyezwypQJLOO2hkniMviCn3y19aeTFz4rhFlW9VY/hwY+hw1L34=
-----END CERTIFICATE-----
Generated at Thu May 9 19:13:37 2024 by rpki-client on console-ams.rpki-client.org