Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS200017.roa
File: AS200017.roa (raw, json)
Hash identifier: c41SN80IG2rCk2b/rN8QVHMZhiVjig2DkllJdeWIQo0=
Subject key identifier: 64:A2:F6:AA:9E:E9:30:18:1E:4D:1D:16:3F:C2:64:5B:67:44:EE:F3
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3E20BDC328E4B070010215F6D94E66EA3FBE998A
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS200017.roa
Signing time: Wed 05 Jun 2024 11:07:00 +0000
ROA not before: Wed 05 Jun 2024 11:02:00 +0000
ROA not after: Wed 04 Jun 2025 11:07:00 +0000
asID: 200017
IP address blocks: 5.45.39.0/24 maxlen: 24
181.215.26.0/24 maxlen: 24
185.170.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:20:bd:c3:28:e4:b0:70:01:02:15:f6:d9:4e:66:ea:3f:be:99:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 5 11:02:00 2024 GMT
Not After : Jun 4 11:07:00 2025 GMT
Subject: CN=64A2F6AA9EE930181E4D1D163FC2645B6744EEF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:75:63:00:4d:5a:b8:15:15:89:ea:73:c8:d0:
e3:6f:1c:c5:5a:ee:9e:e0:11:81:07:9c:52:6a:98:
94:08:69:e4:34:98:ef:36:3e:eb:aa:00:42:69:a4:
66:4d:5e:be:81:22:9e:43:2d:88:9d:fb:ff:c2:63:
56:60:ed:92:89:65:5b:33:ec:d8:f3:a9:9f:3b:be:
26:ab:c5:7f:24:e8:82:60:4c:a0:48:2f:ac:06:52:
f4:05:eb:03:42:a6:c1:f6:97:0f:b3:66:15:4b:e9:
a7:65:0a:46:1c:c1:1a:d9:34:12:57:46:a0:dc:9a:
4e:66:a3:dd:b1:53:b7:8a:5d:20:00:d8:e4:cb:19:
55:30:d0:4e:d0:a8:26:7c:92:23:13:ec:ca:6e:21:
92:f6:6d:8f:eb:1b:7b:f0:e2:96:6f:b1:69:25:37:
bf:a8:84:2b:ec:45:8c:18:b8:f0:df:18:1d:3a:bc:
f6:54:2a:46:f6:48:d0:b9:b5:65:e0:39:4d:ce:8f:
31:fb:ff:35:db:61:f2:90:93:96:a0:41:bf:ed:f9:
30:cf:7b:fa:e5:2e:e0:6e:78:c8:19:f4:68:21:e5:
5f:bd:70:c4:39:24:b4:ab:9b:1f:c5:94:e7:40:1c:
20:51:97:5a:81:ac:68:03:fd:3d:13:ed:24:02:48:
de:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:A2:F6:AA:9E:E9:30:18:1E:4D:1D:16:3F:C2:64:5B:67:44:EE:F3
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS200017.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.39.0/24
181.215.26.0/24
185.170.41.0/24
Signature Algorithm: sha256WithRSAEncryption
53:e9:7c:e7:ce:66:ea:19:3a:61:1b:a2:4d:ba:85:db:fe:ad:
fe:36:ef:e2:8b:f4:7e:a2:90:88:b7:a1:88:76:da:30:02:a3:
ef:56:10:6e:3e:ec:4c:aa:e3:d7:2e:96:bc:fe:a4:f8:93:94:
24:69:7b:1c:cc:f5:9f:9e:ee:e9:1e:09:f5:6c:c1:dd:6f:dc:
8e:da:f3:38:4b:da:be:bd:d8:94:1e:55:4a:74:21:8a:fe:37:
83:73:05:ba:8d:a0:7b:8a:9f:5c:fd:9b:75:d2:4c:a8:79:d3:
c6:4a:1b:36:26:8e:44:03:58:26:44:4b:52:bb:50:cb:b2:3a:
c7:9f:f2:40:a2:b5:b8:40:49:c8:f5:89:8c:59:4a:9c:5c:99:
8e:15:a3:29:90:cd:13:e2:5e:07:ab:88:1a:73:94:a2:e9:6d:
92:ee:a1:7e:82:37:d7:eb:e5:3c:ed:f5:cd:98:1e:da:c0:06:
91:70:97:78:1a:c0:02:0e:72:5e:6d:39:93:05:e0:18:42:db:
f4:6b:94:8b:37:0a:1a:6b:6c:a4:84:eb:9f:3f:b1:ec:6e:ef:
5e:99:5e:c9:68:e3:fd:87:24:ab:46:b9:c0:e5:c9:8d:6e:9e:
bd:f0:6d:83:38:6a:59:68:b4:08:fd:85:ae:b0:82:0b:07:ae:
52:98:70:71
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUPiC9wyjksHABAhX22U5m6j++mYowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA2MDUxMTAyMDBaFw0yNTA2MDQxMTA3MDBaMDMxMTAvBgNV
BAMTKDY0QTJGNkFBOUVFOTMwMTgxRTREMUQxNjNGQzI2NDVCNjc0NEVFRjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/dWMATVq4FRWJ6nPI0ONvHMVa
7p7gEYEHnFJqmJQIaeQ0mO82PuuqAEJppGZNXr6BIp5DLYid+//CY1Zg7ZKJZVsz
7NjzqZ87viarxX8k6IJgTKBIL6wGUvQF6wNCpsH2lw+zZhVL6adlCkYcwRrZNBJX
RqDcmk5mo92xU7eKXSAA2OTLGVUw0E7QqCZ8kiMT7MpuIZL2bY/rG3vw4pZvsWkl
N7+ohCvsRYwYuPDfGB06vPZUKkb2SNC5tWXgOU3OjzH7/zXbYfKQk5agQb/t+TDP
e/rlLuBueMgZ9Ggh5V+9cMQ5JLSrmx/FlOdAHCBRl1qBrGgD/T0T7SQCSN7VAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUZKL2qp7pMBgeTR0WP8JkW2dE7vMwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjAwMDE3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABS0n
AwQAtdcaAwQAuaopMA0GCSqGSIb3DQEBCwUAA4IBAQBT6XznzmbqGTphG6JNuoXb
/q3+Nu/ii/R+opCIt6GIdtowAqPvVhBuPuxMquPXLpa8/qT4k5QkaXsczPWfnu7p
Hgn1bMHdb9yO2vM4S9q+vdiUHlVKdCGK/jeDcwW6jaB7ip9c/Zt10kyoedPGShs2
Jo5EA1gmREtSu1DLsjrHn/JAorW4QEnI9YmMWUqcXJmOFaMpkM0T4l4Hq4gac5Si
6W2S7qF+gjfX6+U87fXNmB7awAaRcJd4GsACDnJebTmTBeAYQtv0a5SLNwoaa2yk
hOufP7Hsbu9emV7JaOP9hySrRrnA5cmNbp698G2DOGpZaLQI/YWusIILB65SmHBx
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:39:57 2024 by rpki-client on console-ams.rpki-client.org