Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: y95vumN+XSNKB9wnGyskcuuy6yrUJMOQNa3QzZq5YwI=
Subject key identifier: 37:D7:F3:08:42:12:E1:33:20:CE:CC:3E:44:8C:60:F4:A0:02:19:E9
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 54416E7471E4059E553FF4F643A02DFD6C5611B0
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
Signing time: Thu 30 Jan 2025 08:25:46 +0000
ROA not before: Thu 30 Jan 2025 08:20:46 +0000
ROA not after: Thu 29 Jan 2026 08:25:46 +0000
asID: 16509
IP address blocks: 181.214.236.0/23 maxlen: 24
181.215.206.0/23 maxlen: 24
185.135.159.0/24 maxlen: 24
185.137.12.0/24 maxlen: 24
185.137.13.0/24 maxlen: 24
185.141.166.0/24 maxlen: 24
185.151.58.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
191.101.223.0/24 maxlen: 24
213.109.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:41:6e:74:71:e4:05:9e:55:3f:f4:f6:43:a0:2d:fd:6c:56:11:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 30 08:20:46 2025 GMT
Not After : Jan 29 08:25:46 2026 GMT
Subject: CN=37D7F3084212E13320CECC3E448C60F4A00219E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:60:37:dc:c8:6e:5d:7b:a3:67:22:da:4d:b5:
8a:7b:0d:95:dc:a2:50:91:91:87:23:fc:88:5f:84:
16:1a:1b:55:f9:7f:51:b5:40:00:12:52:a8:33:1d:
88:9c:84:65:ad:50:71:7e:af:11:04:5a:73:91:41:
d7:f9:47:61:6a:3f:f2:44:42:b5:d8:f5:85:87:80:
5d:63:ae:fa:cf:6e:38:bd:a6:f7:cf:ad:52:7c:02:
79:53:cb:01:5e:a9:74:ec:68:e5:23:3b:f5:18:69:
cf:4d:e1:3b:06:7c:4c:2b:40:0d:6b:6b:c8:f9:56:
ad:c9:7e:85:00:06:8b:3b:dc:c3:7c:9c:64:78:04:
54:8a:92:1e:69:1a:5c:85:51:3e:e0:f8:3b:ba:11:
90:0a:25:65:37:47:72:05:49:bd:50:a0:53:ea:4d:
3a:90:18:b3:83:d7:74:41:e4:e6:cc:ac:0d:b2:ab:
7f:f5:4a:0d:a1:4e:e6:5b:7d:92:a5:85:76:f5:44:
5c:13:76:2c:db:85:9f:52:9e:e2:b8:7f:12:76:93:
5e:b5:f1:0e:6c:38:eb:55:5c:46:65:df:59:d5:40:
3a:f8:f1:7e:49:af:f0:0c:50:dd:27:4c:1d:fc:85:
8b:cd:f8:49:01:08:23:d2:7a:af:53:db:46:75:78:
0e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:D7:F3:08:42:12:E1:33:20:CE:CC:3E:44:8C:60:F4:A0:02:19:E9
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.236.0/23
181.215.206.0/23
185.135.159.0/24
185.137.12.0/23
185.141.166.0/24
185.151.58.0/24
191.96.204.0/24
191.101.111.0/24
191.101.223.0/24
213.109.169.0/24
Signature Algorithm: sha256WithRSAEncryption
68:f1:bf:4c:53:47:bb:1c:93:9a:5a:df:b0:12:44:cf:8b:34:
d4:38:16:ae:9d:1e:8a:dc:f9:03:d0:93:b7:24:52:cb:24:50:
f3:92:a3:54:2e:db:d0:25:f4:5e:71:83:a6:39:56:6e:c0:ec:
b2:6b:41:ed:4c:6f:22:2f:a4:3d:39:04:f9:7d:72:e2:0d:7f:
ab:fc:08:01:82:12:62:15:b9:05:d7:33:3a:23:88:01:64:60:
04:cc:bd:c6:97:ba:54:dc:91:97:05:23:aa:94:37:c1:ce:7f:
e2:3b:1e:8f:36:ae:56:5f:6b:35:4e:55:65:84:4d:34:96:4c:
98:df:ff:6e:aa:15:df:db:9e:b7:c7:a7:80:73:23:55:2d:31:
d0:6a:e0:a3:79:d2:bb:d3:21:9e:c6:c5:00:b2:3d:b0:31:4b:
d6:6a:d2:d6:30:a5:c0:95:c1:1f:0b:9c:d6:de:5f:11:a9:da:
85:60:6c:0c:50:57:d4:4f:56:8b:be:46:ea:61:cc:02:96:69:
d9:64:4a:26:15:04:bd:01:c7:25:25:e2:c8:11:80:6e:1e:bc:
2d:fb:33:7d:78:b7:9e:e8:7e:11:c9:d9:9f:75:03:ad:c3:db:
39:c4:e0:69:a6:60:95:f6:17:6e:b1:63:0e:1f:d8:31:61:89:
20:fe:64:46
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVEFudHHkBZ5VP/T2Q6At/WxWEbAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMzAwODIwNDZaFw0yNjAxMjkwODI1NDZaMDMxMTAvBgNV
BAMTKDM3RDdGMzA4NDIxMkUxMzMyMENFQ0MzRTQ0OEM2MEY0QTAwMjE5RTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaYDfcyG5de6NnItpNtYp7DZXc
olCRkYcj/IhfhBYaG1X5f1G1QAASUqgzHYichGWtUHF+rxEEWnORQdf5R2FqP/JE
QrXY9YWHgF1jrvrPbji9pvfPrVJ8AnlTywFeqXTsaOUjO/UYac9N4TsGfEwrQA1r
a8j5Vq3JfoUABos73MN8nGR4BFSKkh5pGlyFUT7g+Du6EZAKJWU3R3IFSb1QoFPq
TTqQGLOD13RB5ObMrA2yq3/1Sg2hTuZbfZKlhXb1RFwTdizbhZ9SnuK4fxJ2k161
8Q5sOOtVXEZl31nVQDr48X5Jr/AMUN0nTB38hYvN+EkBCCPSeq9T20Z1eA5DAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUN9fzCEIS4TMgzsw+RIxg9KACGekwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgABMDwDBAG11uwD
BAG1184DBAC5h58DBAG5iQwDBAC5jaYDBAC5lzoDBAC/YMwDBAC/ZW8DBAC/Zd8D
BADVbakwDQYJKoZIhvcNAQELBQADggEBAGjxv0xTR7sck5pa37ASRM+LNNQ4Fq6d
Horc+QPQk7ckUsskUPOSo1Qu29Al9F5xg6Y5Vm7A7LJrQe1MbyIvpD05BPl9cuIN
f6v8CAGCEmIVuQXXMzojiAFkYATMvcaXulTckZcFI6qUN8HOf+I7Ho82rlZfazVO
VWWETTSWTJjf/26qFd/bnrfHp4BzI1UtMdBq4KN50rvTIZ7GxQCyPbAxS9Zq0tYw
pcCVwR8LnNbeXxGp2oVgbAxQV9RPVou+RuphzAKWadlkSiYVBL0BxyUl4sgRgG4e
vC37M314t57ofhHJ2Z91A63D2znE4GmmYJX2F26xYw4f2DFhiSD+ZEY=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:49:08 2025 by rpki-client