Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: rXj5Hu+Y8QMHrtlpht4s/lKxB0twl4VYBf5r026rouE=
Subject key identifier: 44:45:9C:C4:B4:F0:28:C8:F6:91:18:45:D0:BA:26:DA:F3:FF:86:EA
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 19BADE75FE39413A6B7E9F623AB4832A3004F919
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
Signing time: Mon 08 Apr 2024 10:40:09 +0000
ROA not before: Mon 08 Apr 2024 10:35:09 +0000
ROA not after: Mon 07 Apr 2025 10:40:09 +0000
asID: 16509
IP address blocks: 185.151.58.0/24 maxlen: 24
191.101.94.0/24 maxlen: 24
191.101.223.0/24 maxlen: 24
191.101.242.0/24 maxlen: 24
213.109.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:ba:de:75:fe:39:41:3a:6b:7e:9f:62:3a:b4:83:2a:30:04:f9:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 8 10:35:09 2024 GMT
Not After : Apr 7 10:40:09 2025 GMT
Subject: CN=44459CC4B4F028C8F6911845D0BA26DAF3FF86EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:24:a5:92:e8:82:e7:9a:37:a6:14:e3:c0:91:
42:be:c7:b0:c3:9c:34:fd:3f:9d:47:0c:ae:df:d9:
2a:a8:25:56:bd:8c:db:0e:db:ac:ae:ce:fb:0b:6c:
9c:f7:b8:91:f0:f2:33:8a:66:ba:cc:d8:b3:53:ac:
4b:c4:76:a2:11:e1:9d:ff:97:e1:bd:ba:3d:f0:b6:
35:7c:52:4c:88:ab:19:f6:7e:d6:1b:73:2b:51:0a:
e1:77:c7:a9:38:f2:2c:96:8f:95:1a:30:97:83:1d:
f4:74:8b:ae:e1:19:06:ff:e9:6b:96:18:08:58:44:
8d:b7:0c:75:f2:09:3a:ab:e3:6f:58:af:2a:46:4d:
6e:2f:8b:4b:06:9a:6f:ba:92:1e:05:21:ec:a8:3b:
9a:4e:c6:37:13:23:34:d2:c5:d9:f8:06:eb:8e:b9:
2c:83:c4:66:eb:75:c7:d8:a2:d1:40:8e:96:28:d8:
53:4f:6c:3c:b9:50:f7:05:f0:f3:e1:2f:84:b3:f4:
01:37:15:20:98:a6:5d:ee:dc:af:8a:b1:d8:0a:1e:
03:eb:93:56:be:52:0a:14:d5:83:82:22:4f:8c:9a:
aa:ca:c0:6c:61:bb:68:4d:8d:f0:14:e0:65:c6:b7:
5a:1a:4c:8f:af:25:32:c8:57:b5:5d:c3:11:90:1c:
6e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:45:9C:C4:B4:F0:28:C8:F6:91:18:45:D0:BA:26:DA:F3:FF:86:EA
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.58.0/24
191.101.94.0/24
191.101.223.0/24
191.101.242.0/24
213.109.169.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:0c:27:ef:75:00:e2:8e:db:07:f0:47:2d:42:34:19:b7:d1:
53:69:f2:a9:2c:5e:26:9f:3f:fb:bc:88:af:02:d8:be:8f:2d:
7e:83:9a:59:c5:df:96:7f:f8:c5:82:47:9f:c4:c4:8e:0b:81:
2e:62:ee:18:fa:af:3b:21:71:61:57:ec:47:06:ff:3e:3d:d1:
65:a4:79:cf:a9:6b:3f:3f:60:e3:34:9a:8d:0d:4b:32:d9:42:
a9:b9:40:04:0b:1f:d4:2b:fd:d3:09:e0:27:8d:0e:84:98:f7:
e0:3a:42:00:a7:a4:d6:b5:ef:fe:0c:1f:28:40:fd:77:50:26:
b6:63:a1:aa:d2:60:eb:7b:3b:88:e1:ed:26:fb:29:df:9e:6c:
4b:99:1a:a6:78:81:72:6f:d8:84:e4:e1:fb:6d:80:c4:08:7b:
82:1b:d0:18:97:a5:87:09:fb:78:3b:af:1c:f4:43:74:3e:1a:
0c:f1:9a:4e:1a:f2:a8:1e:6f:8f:8b:aa:85:83:f1:be:f2:09:
7f:4b:3c:8b:ab:31:9d:2e:fc:9b:5d:96:80:ef:82:6e:56:bd:
1e:2a:77:58:b3:6a:3e:ba:0d:71:d6:c8:47:28:8a:ba:eb:af:
d9:41:07:8f:9b:87:47:f9:e1:7d:98:89:63:01:83:21:f1:c0:
7f:d3:17:f6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUGbredf45QTprfp9iOrSDKjAE+RkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MDgxMDM1MDlaFw0yNTA0MDcxMDQwMDlaMDMxMTAvBgNV
BAMTKDQ0NDU5Q0M0QjRGMDI4QzhGNjkxMTg0NUQwQkEyNkRBRjNGRjg2RUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyJKWS6ILnmjemFOPAkUK+x7DD
nDT9P51HDK7f2SqoJVa9jNsO26yuzvsLbJz3uJHw8jOKZrrM2LNTrEvEdqIR4Z3/
l+G9uj3wtjV8UkyIqxn2ftYbcytRCuF3x6k48iyWj5UaMJeDHfR0i67hGQb/6WuW
GAhYRI23DHXyCTqr429YrypGTW4vi0sGmm+6kh4FIeyoO5pOxjcTIzTSxdn4BuuO
uSyDxGbrdcfYotFAjpYo2FNPbDy5UPcF8PPhL4Sz9AE3FSCYpl3u3K+KsdgKHgPr
k1a+UgoU1YOCIk+MmqrKwGxhu2hNjfAU4GXGt1oaTI+vJTLIV7VdwxGQHG5bAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUREWcxLTwKMj2kRhF0Lom2vP/huowHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBAC5lzoD
BAC/ZV4DBAC/Zd8DBAC/ZfIDBADVbakwDQYJKoZIhvcNAQELBQADggEBAH8MJ+91
AOKO2wfwRy1CNBm30VNp8qksXiafP/u8iK8C2L6PLX6DmlnF35Z/+MWCR5/ExI4L
gS5i7hj6rzshcWFX7EcG/z490WWkec+paz8/YOM0mo0NSzLZQqm5QAQLH9Qr/dMJ
4CeNDoSY9+A6QgCnpNa17/4MHyhA/XdQJrZjoarSYOt7O4jh7Sb7Kd+ebEuZGqZ4
gXJv2ITk4fttgMQIe4Ib0BiXpYcJ+3g7rxz0Q3Q+Ggzxmk4a8qgeb4+LqoWD8b7y
CX9LPIurMZ0u/JtdloDvgm5WvR4qd1izaj66DXHWyEcoirrrr9lBB4+bh0f54X2Y
iWMBgyHxwH/TF/Y=
-----END CERTIFICATE-----
Generated at Thu May 2 16:20:42 2024 by rpki-client on console-ams.rpki-client.org