Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS204914.roa
File: AS204914.roa (raw, json)
Hash identifier: 1nGxg5r3pQ7C9w0iz5Mry+GxLdVZ/oaThBevXyc8QDc=
Subject key identifier: 13:69:E5:D9:C3:A4:B7:E8:AA:BF:5F:A1:A2:8A:09:BB:91:DE:41:50
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2AA1F026093FD47B0297F93ECEFBC30DA66D046B
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS204914.roa
Signing time: Sun 09 Jul 2023 10:19:04 +0000
ROA not before: Sun 09 Jul 2023 10:14:04 +0000
ROA not after: Sun 07 Jul 2024 10:19:04 +0000
asID: 204914
IP address blocks: 2.57.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:a1:f0:26:09:3f:d4:7b:02:97:f9:3e:ce:fb:c3:0d:a6:6d:04:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 9 10:14:04 2023 GMT
Not After : Jul 7 10:19:04 2024 GMT
Subject: CN=1369E5D9C3A4B7E8AABF5FA1A28A09BB91DE4150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:27:dd:58:6d:63:88:d6:dc:bb:2f:bd:98:0a:
e7:b5:da:8d:6e:ad:4b:5b:f5:a2:4d:86:82:97:05:
f3:4c:f1:28:e0:94:63:89:6a:be:c8:55:b7:f1:4f:
01:fe:05:87:23:56:ac:40:d4:68:d6:24:cf:54:7f:
75:6c:2c:f6:f1:78:8c:c1:b9:58:e2:6c:bc:26:30:
54:81:8f:d5:0a:83:37:fb:f9:00:75:b2:99:60:92:
18:3d:a2:e1:23:9e:83:f2:3d:64:bb:64:c8:d7:c0:
1a:b3:ba:15:c5:2a:05:6c:d3:32:b1:4b:73:02:20:
2e:9b:03:d4:3f:bf:7c:4d:be:3a:98:16:ed:21:34:
f5:ad:f1:b7:ba:63:4c:4d:05:3f:f9:47:ce:51:af:
10:74:d9:ca:0f:1f:fc:3c:c0:e0:be:2d:f5:2b:cb:
76:25:09:4e:59:cf:fc:cb:22:5b:a7:0c:43:2d:64:
dd:09:bb:26:90:8a:66:fb:a1:d0:31:7f:46:d6:5e:
48:40:31:82:b5:17:d3:71:c7:62:aa:05:f6:62:6d:
85:a9:c7:2a:d1:81:ba:c5:16:e5:30:1c:9d:aa:bb:
bd:0e:37:2a:f5:b5:6c:52:8b:33:0b:ff:1a:f5:3f:
e9:0f:cc:e1:fb:dc:22:6f:11:85:f1:57:dc:bb:4b:
51:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:69:E5:D9:C3:A4:B7:E8:AA:BF:5F:A1:A2:8A:09:BB:91:DE:41:50
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS204914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.19.0/24
Signature Algorithm: sha256WithRSAEncryption
98:8c:8e:81:20:6b:fa:cf:95:30:96:e2:7f:75:f0:a8:e5:63:
47:6a:eb:2b:f7:61:d5:c9:0e:5c:3f:25:b3:41:ee:8d:f3:8c:
37:e3:c8:76:8b:f1:0b:3a:18:8d:5a:85:8c:4a:ae:45:9c:c4:
ab:b0:a0:00:b7:52:f2:d1:21:69:ee:53:11:11:37:97:49:6f:
6e:53:64:ee:54:43:42:0b:92:2c:92:51:bc:8d:3f:6a:ef:53:
e6:d8:a0:61:e4:5f:97:28:02:26:8a:08:42:0b:40:15:84:e9:
95:72:f1:43:ba:4b:e4:6c:2a:87:97:43:07:bf:0f:c8:b7:d7:
1e:03:af:bb:35:d0:bd:3c:3a:a1:0c:10:ed:0d:77:ca:72:3f:
c2:41:e1:5d:d9:a3:eb:24:5c:b6:18:d2:a8:ee:b1:1f:18:07:
c4:b6:2a:3f:08:93:0d:61:08:bc:9c:7e:99:da:b4:b6:8c:bb:
01:cc:51:71:5e:68:59:1b:33:c6:06:05:9d:98:88:e2:e5:d9:
e6:98:ae:9f:14:b0:20:b9:f6:e8:e8:ec:b5:e1:e8:29:fa:74:
3f:98:2b:4d:ef:61:3b:35:cc:fd:4a:ff:be:ea:22:cc:bc:24:
c2:06:83:5d:e0:30:eb:1b:30:3f:f9:97:35:1a:0d:28:b7:d6:
3d:3d:51:77
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUKqHwJgk/1HsCl/k+zvvDDaZtBGswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzA3MDkxMDE0MDRaFw0yNDA3MDcxMDE5MDRaMDMxMTAvBgNV
BAMTKDEzNjlFNUQ5QzNBNEI3RThBQUJGNUZBMUEyOEEwOUJCOTFERTQxNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaJ91YbWOI1ty7L72YCue12o1u
rUtb9aJNhoKXBfNM8SjglGOJar7IVbfxTwH+BYcjVqxA1GjWJM9Uf3VsLPbxeIzB
uVjibLwmMFSBj9UKgzf7+QB1splgkhg9ouEjnoPyPWS7ZMjXwBqzuhXFKgVs0zKx
S3MCIC6bA9Q/v3xNvjqYFu0hNPWt8be6Y0xNBT/5R85RrxB02coPH/w8wOC+LfUr
y3YlCU5Zz/zLIlunDEMtZN0JuyaQimb7odAxf0bWXkhAMYK1F9Nxx2KqBfZibYWp
xyrRgbrFFuUwHJ2qu70ONyr1tWxSizML/xr1P+kPzOH73CJvEYXxV9y7S1H1AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUE2nl2cOkt+iqv1+hoooJu5HeQVAwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA0OTE0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjkT
MA0GCSqGSIb3DQEBCwUAA4IBAQCYjI6BIGv6z5UwluJ/dfCo5WNHausr92HVyQ5c
PyWzQe6N84w348h2i/ELOhiNWoWMSq5FnMSrsKAAt1Ly0SFp7lMRETeXSW9uU2Tu
VENCC5IsklG8jT9q71Pm2KBh5F+XKAImighCC0AVhOmVcvFDukvkbCqHl0MHvw/I
t9ceA6+7NdC9PDqhDBDtDXfKcj/CQeFd2aPrJFy2GNKo7rEfGAfEtio/CJMNYQi8
nH6Z2rS2jLsBzFFxXmhZGzPGBgWdmIji5dnmmK6fFLAgufbo6Oy14egp+nQ/mCtN
72E7Ncz9Sv++6iLMvCTCBoNd4DDrGzA/+Zc1Gg0ot9Y9PVF3
-----END CERTIFICATE-----
Generated at Fri May 10 02:01:22 2024 by rpki-client on console-ams.rpki-client.org