Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS200019.roa
File: AS200019.roa (raw, json)
Hash identifier: 5t1j8LqiRFP38dtrOFYZ+J/BqmSEgC9b0o0IyV00ImQ=
Subject key identifier: 4F:FA:73:65:90:91:E3:34:9D:6B:FE:3C:48:B3:8A:F2:C6:C7:6B:B1
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3F1E2F926FDF34E91D32EC04ED39DEC76A555EF0
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS200019.roa
Signing time: Fri 17 May 2024 00:01:58 +0000
ROA not before: Thu 16 May 2024 23:56:58 +0000
ROA not after: Fri 16 May 2025 00:01:58 +0000
asID: 200019
IP address blocks: 181.215.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:1e:2f:92:6f:df:34:e9:1d:32:ec:04:ed:39:de:c7:6a:55:5e:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 16 23:56:58 2024 GMT
Not After : May 16 00:01:58 2025 GMT
Subject: CN=4FFA73659091E3349D6BFE3C48B38AF2C6C76BB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3d:82:22:a9:94:c7:ea:32:0d:87:eb:c2:da:
9b:c9:fc:e5:b2:7b:5a:52:3a:2e:7f:1a:9e:97:5d:
de:d0:ec:25:35:3d:2e:56:9c:1c:f3:07:66:14:b3:
26:61:2c:38:a7:f1:5b:61:60:8a:55:c2:cd:96:ce:
9d:a9:df:6d:db:5e:a5:86:d1:05:0e:48:9a:24:63:
18:69:d7:c3:c7:2f:f4:bc:0d:b5:d1:43:75:ea:a7:
66:37:41:de:ea:a3:6c:5f:14:1f:b2:06:45:c4:52:
7a:9d:e0:5a:b7:27:f9:6f:af:3d:d9:9c:c6:b6:f8:
35:ec:48:fa:a4:8a:06:ef:cf:f0:9e:1c:91:f2:c6:
db:d0:e8:5b:62:60:c9:48:78:12:e6:c3:27:93:f2:
e0:61:9e:dd:0b:54:b5:f9:2a:65:c1:2f:eb:bd:ff:
77:6e:4d:7a:1d:c7:0d:08:db:49:07:31:4b:9f:39:
9a:90:38:07:3f:52:45:85:54:a3:c2:fb:8f:c1:3c:
e8:53:73:f9:d2:d2:bd:1a:cd:eb:48:a3:39:47:10:
1c:2e:5a:2c:3d:59:1a:3c:6b:66:70:d8:30:f4:c5:
1c:7b:10:fb:c0:bb:9c:a5:47:22:ed:02:d5:b6:1a:
01:3d:21:f5:9f:ef:2e:49:cb:5e:c5:1e:b2:85:af:
ea:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:FA:73:65:90:91:E3:34:9D:6B:FE:3C:48:B3:8A:F2:C6:C7:6B:B1
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS200019.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.215.170.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:22:0c:e3:76:a0:8b:91:0c:c1:45:3d:86:f3:ff:92:f1:69:
e2:2b:37:81:cf:84:10:1c:9f:65:f1:77:17:77:e5:e1:0d:1f:
cb:0f:e7:c1:65:b9:c4:62:27:8a:37:57:53:5c:1e:f2:e9:5b:
11:6a:7c:63:c3:fc:ec:85:1c:c1:67:d4:34:c3:27:1d:f4:a8:
f2:19:16:37:c9:28:b1:e3:ce:69:5a:a3:1d:a4:a2:05:06:34:
0d:48:4c:bd:0e:db:39:5b:c9:a9:84:82:55:dc:f0:65:4e:bd:
a8:d3:f6:a7:84:d1:b7:7a:8e:94:bc:ee:eb:7c:57:cb:79:bd:
65:a5:73:dc:ff:2f:95:8a:ed:80:e9:7e:63:b0:4c:36:59:c9:
d9:40:77:9e:88:2d:3c:79:f0:bc:f9:52:94:c5:6f:1a:ae:77:
a9:ee:13:60:28:7a:77:e7:a3:7a:0e:aa:87:f8:84:ee:9f:e8:
2f:f7:d3:04:da:3b:ab:87:08:3b:58:2c:89:9b:60:d2:36:96:
44:6f:01:b6:85:04:0b:27:9b:19:b4:1c:7f:d7:5e:8f:2f:67:
c5:5c:65:8a:d6:b4:2a:d0:eb:e5:fe:c4:01:07:4c:cd:04:ec:
2e:dc:ca:6f:6b:54:67:d1:89:92:b5:36:a9:c8:b4:2c:c7:66:
e4:04:af:71
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUPx4vkm/fNOkdMuwE7Tnex2pVXvAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA1MTYyMzU2NThaFw0yNTA1MTYwMDAxNThaMDMxMTAvBgNV
BAMTKDRGRkE3MzY1OTA5MUUzMzQ5RDZCRkUzQzQ4QjM4QUYyQzZDNzZCQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsPYIiqZTH6jINh+vC2pvJ/OWy
e1pSOi5/Gp6XXd7Q7CU1PS5WnBzzB2YUsyZhLDin8VthYIpVws2Wzp2p323bXqWG
0QUOSJokYxhp18PHL/S8DbXRQ3Xqp2Y3Qd7qo2xfFB+yBkXEUnqd4Fq3J/lvrz3Z
nMa2+DXsSPqkigbvz/CeHJHyxtvQ6FtiYMlIeBLmwyeT8uBhnt0LVLX5KmXBL+u9
/3duTXodxw0I20kHMUufOZqQOAc/UkWFVKPC+4/BPOhTc/nS0r0azetIozlHEBwu
Wiw9WRo8a2Zw2DD0xRx7EPvAu5ylRyLtAtW2GgE9IfWf7y5Jy17FHrKFr+q7AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUT/pzZZCR4zSda/48SLOK8sbHa7EwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjAwMDE5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtdeq
MA0GCSqGSIb3DQEBCwUAA4IBAQBqIgzjdqCLkQzBRT2G8/+S8WniKzeBz4QQHJ9l
8XcXd+XhDR/LD+fBZbnEYieKN1dTXB7y6VsRanxjw/zshRzBZ9Q0wycd9KjyGRY3
ySix485pWqMdpKIFBjQNSEy9Dts5W8mphIJV3PBlTr2o0/anhNG3eo6UvO7rfFfL
eb1lpXPc/y+Viu2A6X5jsEw2WcnZQHeeiC08efC8+VKUxW8arnep7hNgKHp356N6
DqqH+ITun+gv99ME2jurhwg7WCyJm2DSNpZEbwG2hQQLJ5sZtBx/116PL2fFXGWK
1rQq0Ovl/sQBB0zNBOwu3Mpva1Rn0YmStTapyLQsx2bkBK9x
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:39:57 2024 by rpki-client on console-ams.rpki-client.org