Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS200131.roa
File: AS200131.roa (raw, json)
Hash identifier: FvHgTE8a7v3eqQmRS0FFyPYbh1renYiTiYYNeNlC62A=
Subject key identifier: 06:08:D1:44:C1:F5:35:D5:0D:98:28:B1:58:7A:8A:C6:CD:B7:E1:0E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 391BA84BB7FC5EDB1B2CCB45826C804F659CE55A
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS200131.roa
Signing time: Thu 20 Jul 2023 00:00:16 +0000
ROA not before: Wed 19 Jul 2023 23:55:16 +0000
ROA not after: Thu 18 Jul 2024 00:00:16 +0000
asID: 200131
IP address blocks: 185.135.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:1b:a8:4b:b7:fc:5e:db:1b:2c:cb:45:82:6c:80:4f:65:9c:e5:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 19 23:55:16 2023 GMT
Not After : Jul 18 00:00:16 2024 GMT
Subject: CN=0608D144C1F535D50D9828B1587A8AC6CDB7E10E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:29:27:fe:9f:57:5a:78:32:df:74:d0:d9:4e:
5f:23:c6:c3:73:c1:ac:1b:17:a6:ce:39:e0:06:1d:
c6:0d:a1:1c:86:78:d1:07:85:da:eb:db:1f:64:89:
b4:ea:0b:5f:54:f3:9b:ad:aa:63:7d:93:e2:8a:4a:
15:17:c7:28:20:5e:bc:01:c3:c7:02:d5:45:ce:05:
8b:4d:e7:2f:5d:59:75:1e:8a:14:3c:15:7f:1c:79:
f7:69:cc:37:6c:75:77:ba:33:13:75:9c:0f:96:86:
9f:e1:9d:65:7c:11:8b:c0:e9:e2:43:fd:ab:bc:94:
a5:a8:cd:ff:37:b8:3a:74:63:53:10:3b:a1:25:79:
e5:06:09:2e:b8:81:17:1c:9e:4a:b1:e8:6f:9d:ad:
20:92:0e:5e:d5:e3:dd:64:3a:7e:ab:f8:07:0b:a9:
f6:44:c7:3a:cf:d6:4d:e0:06:fa:1f:4d:bd:42:42:
88:8c:21:e1:85:12:31:30:e2:05:fb:9d:64:41:d0:
8c:85:7d:86:8a:01:43:8d:d9:bc:8e:5c:52:00:bd:
69:04:74:38:6f:4a:a7:05:d2:6b:e8:c5:a7:78:06:
d5:8a:b7:5e:f9:99:36:43:7d:1a:b5:e7:33:a4:16:
95:f1:50:aa:02:dd:26:e6:ff:78:f0:df:89:9a:db:
4f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:08:D1:44:C1:F5:35:D5:0D:98:28:B1:58:7A:8A:C6:CD:B7:E1:0E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS200131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.157.0/24
Signature Algorithm: sha256WithRSAEncryption
93:20:36:4c:b5:b0:a3:51:8f:20:ad:b0:39:a6:d4:f5:e8:19:
1f:f4:f0:50:31:6c:fd:06:f6:16:40:f4:89:c6:b1:a7:e3:a5:
5b:15:10:3e:5c:85:3e:ad:c4:70:e4:0f:a2:72:f8:6e:d1:e6:
46:ae:80:9c:79:d7:ee:f7:00:94:12:8b:82:2d:f7:23:b2:94:
38:d4:c1:89:8b:5a:f2:95:0b:7a:a4:2e:9c:e4:10:c1:d4:3a:
da:14:d0:d6:99:5a:fb:5f:95:8f:af:07:7c:2f:23:3f:27:11:
f9:10:65:4c:46:c9:dd:a0:98:f3:a2:05:55:01:d6:c9:6d:d2:
2b:44:d2:9c:52:7d:36:44:24:4a:6e:61:d0:f6:9d:e3:dd:4f:
b3:d2:ec:76:b6:91:fe:15:36:61:c1:a0:6a:93:f6:8f:10:79:
fd:ce:87:a9:9f:1d:58:c7:27:f1:97:87:47:5d:a3:0f:82:08:
da:32:bb:b5:18:50:5b:96:d9:1f:06:1b:43:f3:b9:77:92:53:
b5:fe:ab:03:1e:e6:cc:cf:43:72:d5:b5:50:83:73:21:90:a9:
5a:e0:20:72:24:aa:3f:f5:c2:2a:df:a1:c0:da:7b:25:06:ca:
2e:fa:cf:dc:1f:e0:d1:51:c7:43:57:d0:56:7d:3b:1f:8f:92:
ea:cf:a4:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUORuoS7f8XtsbLMtFgmyAT2Wc5VowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzA3MTkyMzU1MTZaFw0yNDA3MTgwMDAwMTZaMDMxMTAvBgNV
BAMTKDA2MDhEMTQ0QzFGNTM1RDUwRDk4MjhCMTU4N0E4QUM2Q0RCN0UxMEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXKSf+n1daeDLfdNDZTl8jxsNz
wawbF6bOOeAGHcYNoRyGeNEHhdrr2x9kibTqC19U85utqmN9k+KKShUXxyggXrwB
w8cC1UXOBYtN5y9dWXUeihQ8FX8cefdpzDdsdXe6MxN1nA+Whp/hnWV8EYvA6eJD
/au8lKWozf83uDp0Y1MQO6EleeUGCS64gRccnkqx6G+drSCSDl7V491kOn6r+AcL
qfZExzrP1k3gBvofTb1CQoiMIeGFEjEw4gX7nWRB0IyFfYaKAUON2byOXFIAvWkE
dDhvSqcF0mvoxad4BtWKt175mTZDfRq15zOkFpXxUKoC3Sbm/3jw34ma208jAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUBgjRRMH1NdUNmCixWHqKxs234Q4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjAwMTMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYed
MA0GCSqGSIb3DQEBCwUAA4IBAQCTIDZMtbCjUY8grbA5ptT16Bkf9PBQMWz9BvYW
QPSJxrGn46VbFRA+XIU+rcRw5A+icvhu0eZGroCcedfu9wCUEouCLfcjspQ41MGJ
i1rylQt6pC6c5BDB1DraFNDWmVr7X5WPrwd8LyM/JxH5EGVMRsndoJjzogVVAdbJ
bdIrRNKcUn02RCRKbmHQ9p3j3U+z0ux2tpH+FTZhwaBqk/aPEHn9zoepnx1Yxyfx
l4dHXaMPggjaMru1GFBbltkfBhtD87l3klO1/qsDHubMz0Ny1bVQg3MhkKla4CBy
JKo/9cIq36HA2nslBsou+s/cH+DRUcdDV9BWfTsfj5Lqz6TA
-----END CERTIFICATE-----
Generated at Thu May 9 19:13:37 2024 by rpki-client on console-ams.rpki-client.org