Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: UItDPKf1FBr+Ph80JfWLbIaGGvIk5T1XTnhZrhgypXo=
Subject key identifier: 8B:53:0A:B3:1D:B5:02:4B:0B:57:2D:5C:6A:59:2E:2D:30:FD:BC:D4
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4954E783898FE92551111CB688366AA963D8BEBB
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa
Signing time: Thu 18 Apr 2024 00:00:09 +0000
ROA not before: Wed 17 Apr 2024 23:55:09 +0000
ROA not after: Thu 17 Apr 2025 00:00:09 +0000
asID: 20473
IP address blocks: 181.41.196.0/24 maxlen: 24
181.41.214.0/24 maxlen: 24
181.215.70.0/24 maxlen: 24
191.96.58.0/24 maxlen: 24
191.96.64.0/24 maxlen: 24
191.101.20.0/24 maxlen: 24
191.101.58.0/24 maxlen: 24
191.101.82.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
2a0b:500::/32 maxlen: 48
2a0b:501::/32 maxlen: 48
2a0b:502::/32 maxlen: 48
2a0b:503::/32 maxlen: 48
2a0b:504::/32 maxlen: 48
2a0b:505::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:54:e7:83:89:8f:e9:25:51:11:1c:b6:88:36:6a:a9:63:d8:be:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 17 23:55:09 2024 GMT
Not After : Apr 17 00:00:09 2025 GMT
Subject: CN=8B530AB31DB5024B0B572D5C6A592E2D30FDBCD4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8e:c4:0b:09:21:29:bf:00:a6:c8:b6:6d:a1:
ff:e0:8b:78:cb:ed:06:90:b8:7f:4e:df:0c:c5:17:
e2:6b:60:c5:b0:fe:e7:99:05:2e:bb:8e:48:df:64:
82:96:bb:e0:fd:f6:9c:3b:9d:93:76:3f:7b:6b:99:
43:6e:23:25:c4:c6:0f:88:4d:b4:92:2a:dc:d2:28:
73:d2:b2:8f:b6:1f:72:57:d5:c3:32:8d:50:63:b2:
47:ac:6c:fa:56:f1:05:a0:af:8b:9a:ca:33:6a:c1:
51:db:6f:21:4a:6f:61:6a:0a:29:ee:68:52:6e:43:
d7:7f:ab:c0:21:d6:ef:b4:6d:a8:1e:6b:93:35:cb:
ad:81:4a:5f:56:12:c3:34:e2:89:1f:0d:89:27:da:
0f:f5:a9:47:36:33:54:10:a9:f0:4b:26:d1:3a:19:
3c:56:f1:62:5c:39:5c:fc:a7:ad:72:3d:b2:24:45:
80:78:60:76:22:29:0d:17:55:02:6c:b5:85:1f:19:
5b:0f:7a:7d:08:ad:c4:d9:38:ed:d7:85:93:b2:7e:
e9:8f:1e:3f:8f:d2:e3:78:52:44:21:50:51:03:54:
10:5f:34:d6:8f:07:a2:f6:2c:5b:60:96:67:d0:7f:
49:92:9c:60:a3:c6:c9:e3:13:9e:af:03:50:da:13:
b8:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:53:0A:B3:1D:B5:02:4B:0B:57:2D:5C:6A:59:2E:2D:30:FD:BC:D4
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.41.196.0/24
181.41.214.0/24
181.215.70.0/24
191.96.58.0/24
191.96.64.0/24
191.101.20.0/24
191.101.58.0/24
191.101.82.0/24
191.101.111.0/24
IPv6:
2a0b:500::-2a0b:505:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ab:a4:0b:13:54:af:b2:69:be:42:78:1b:c9:76:6e:af:77:27:
c7:60:e8:3a:43:ce:89:c5:86:f2:cd:f5:5a:be:23:20:22:88:
bc:1b:73:89:e5:9e:c0:f5:55:02:91:69:04:c4:56:fd:92:f2:
3a:36:a6:1e:43:91:3f:b0:af:12:e5:d5:d3:20:cb:7c:fc:28:
6a:2f:91:a2:6f:84:f1:55:3d:5c:18:ab:d1:ac:3b:c3:47:59:
c5:fc:6f:0e:45:51:f5:de:dc:a4:83:2e:1a:e1:d9:b7:7e:fe:
5f:ec:c7:c6:4a:d1:af:42:4b:37:a5:90:2d:bf:d5:79:5f:d0:
ec:0c:e9:27:c8:aa:f6:08:22:a5:e4:0b:39:72:44:ea:ad:84:
36:08:1b:a7:11:a2:bf:64:2e:44:00:91:91:fc:30:fa:a8:70:
7a:c6:e5:fd:9f:01:70:d9:f8:e8:bb:14:38:33:64:26:f4:cf:
0d:53:94:59:77:ae:09:db:0c:3f:60:5e:72:fa:02:2d:a0:f6:
4d:d7:e2:7b:c9:83:4b:1b:85:2f:e9:c1:9e:7b:8c:44:8a:52:
c6:69:f8:68:11:ee:d1:8d:85:84:36:e8:1b:f0:10:f4:dc:39:
97:c7:5a:69:8a:25:c1:13:0c:a3:f9:0a:d4:0f:7d:f0:3e:97:
1e:7c:86:ea
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUSVTng4mP6SVRERy2iDZqqWPYvrswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MTcyMzU1MDlaFw0yNTA0MTcwMDAwMDlaMDMxMTAvBgNV
BAMTKDhCNTMwQUIzMURCNTAyNEIwQjU3MkQ1QzZBNTkyRTJEMzBGREJDRDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAjsQLCSEpvwCmyLZtof/gi3jL
7QaQuH9O3wzFF+JrYMWw/ueZBS67jkjfZIKWu+D99pw7nZN2P3trmUNuIyXExg+I
TbSSKtzSKHPSso+2H3JX1cMyjVBjskesbPpW8QWgr4uayjNqwVHbbyFKb2FqCinu
aFJuQ9d/q8Ah1u+0bagea5M1y62BSl9WEsM04okfDYkn2g/1qUc2M1QQqfBLJtE6
GTxW8WJcOVz8p61yPbIkRYB4YHYiKQ0XVQJstYUfGVsPen0IrcTZOO3XhZOyfumP
Hj+P0uN4UkQhUFEDVBBfNNaPB6L2LFtglmfQf0mSnGCjxsnjE56vA1DaE7g7AgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUi1MKsx21AksLVy1calkuLTD9vNQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwZgYIKwYBBQUHAQcBAf8EVzBVMDwEAgABMDYDBAC1KcQD
BAC1KdYDBAC110YDBAC/YDoDBAC/YEADBAC/ZRQDBAC/ZToDBAC/ZVIDBAC/ZW8w
FQQCAAIwDzANAwQAKgsFAwUBKgsFBDANBgkqhkiG9w0BAQsFAAOCAQEAq6QLE1Sv
smm+QngbyXZur3cnx2DoOkPOicWG8s31Wr4jICKIvBtzieWewPVVApFpBMRW/ZLy
OjamHkORP7CvEuXV0yDLfPwoai+Rom+E8VU9XBir0aw7w0dZxfxvDkVR9d7cpIMu
GuHZt37+X+zHxkrRr0JLN6WQLb/VeV/Q7AzpJ8iq9ggipeQLOXJE6q2ENggbpxGi
v2QuRACRkfww+qhwesbl/Z8BcNn46LsUODNkJvTPDVOUWXeuCdsMP2BecvoCLaD2
Tdfie8mDSxuFL+nBnnuMRIpSxmn4aBHu0Y2FhDboG/AQ9Nw5l8daaYolwRMMo/kK
1A998D6XHnyG6g==
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:05:06 2024 by rpki-client on console-fra.rpki-client.org