Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20860.roa
File: AS20860.roa (raw, json)
Hash identifier: kmeyn+NrTw+8CS4oNwY+zk/bdMz95ktJhsdJRu8fMgA=
Subject key identifier: 67:7E:54:2C:61:34:EC:51:16:88:C9:23:00:61:D6:61:DC:AF:31:B8
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 029ECB1D9CCDB0431E99E2D3DCCFA5932D0290C4
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20860.roa
Signing time: Tue 01 Oct 2024 14:53:19 +0000
ROA not before: Tue 01 Oct 2024 14:48:19 +0000
ROA not after: Tue 30 Sep 2025 14:53:19 +0000
asID: 20860
IP address blocks: 5.252.81.0/24 maxlen: 24
179.61.169.0/24 maxlen: 24
181.214.140.0/24 maxlen: 24
191.96.208.0/24 maxlen: 24
194.53.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:9e:cb:1d:9c:cd:b0:43:1e:99:e2:d3:dc:cf:a5:93:2d:02:90:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 1 14:48:19 2024 GMT
Not After : Sep 30 14:53:19 2025 GMT
Subject: CN=677E542C6134EC511688C9230061D661DCAF31B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fd:49:f8:77:1c:92:2d:8e:52:11:f6:13:df:
b2:3e:96:94:ec:11:88:e0:4c:ff:d3:dd:8e:87:7c:
65:2e:f1:bb:98:c9:d4:38:53:2e:85:2c:e8:f8:83:
1d:9a:a3:01:89:f5:42:41:98:1c:81:05:74:ae:89:
61:14:55:1a:88:a5:7c:29:a3:8e:ea:d7:c0:4c:60:
f0:a0:ec:95:58:45:09:cd:b1:34:e5:75:a3:e0:cf:
e4:1c:46:ce:34:20:bc:fd:d7:5c:98:99:f9:b3:a1:
ea:3c:b0:4d:fb:5a:de:5c:a1:20:45:20:b1:f9:66:
08:3d:29:73:b6:13:fb:8c:01:43:00:3d:6d:08:71:
8c:b9:c4:88:28:3b:f1:be:2a:e6:77:50:f5:f6:8d:
d0:d5:a2:ce:f0:2e:8e:e0:cb:9b:84:89:d6:2b:0f:
44:1f:1d:40:fb:82:72:04:3e:63:e4:96:e3:81:ce:
64:3e:cd:e6:d8:ec:4d:69:06:c7:5e:fe:27:8f:80:
98:01:5c:ee:7e:bd:6b:14:b7:7d:94:7e:f1:43:5a:
05:af:2b:c8:c2:c1:36:bf:5e:86:36:36:4d:e2:9b:
c2:06:21:8b:1d:fc:64:f1:3e:c3:cd:ea:19:d3:9d:
0e:ff:7a:5b:b2:c6:0f:4d:3a:46:bb:5d:b0:06:d2:
01:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:7E:54:2C:61:34:EC:51:16:88:C9:23:00:61:D6:61:DC:AF:31:B8
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20860.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.81.0/24
179.61.169.0/24
181.214.140.0/24
191.96.208.0/24
194.53.143.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:23:43:db:a8:aa:e2:98:a5:1f:27:de:ab:a8:38:a6:56:15:
6b:2a:fa:66:c6:1e:d2:97:1d:7d:c1:6b:a5:f6:35:a4:a1:99:
6e:ac:94:f2:33:42:72:30:5d:b7:5b:9b:ba:d3:ec:ad:2e:eb:
15:e4:ab:09:7c:da:54:2f:e1:d9:53:a0:b7:82:fb:bc:60:92:
c9:8f:6f:14:30:98:16:36:b3:ed:95:6c:e7:9c:72:5d:23:5e:
23:da:a9:e8:ef:2b:67:0f:e5:6d:08:77:8c:9b:ba:bf:7f:b1:
d9:c1:82:a6:c8:58:aa:90:ef:38:68:c4:cf:72:ab:cd:32:a1:
9d:5e:4a:0b:fa:42:05:34:93:5b:46:ae:1a:02:27:5a:dc:bc:
41:1d:eb:29:cb:30:35:53:0f:8b:bb:05:19:ed:3c:26:13:d3:
58:00:a5:13:e4:1f:65:f7:35:34:de:78:fb:60:11:44:7e:b5:
62:ad:b3:34:fa:4d:38:6a:27:41:73:3f:b6:79:97:76:e8:4c:
59:d3:aa:88:f2:45:ab:25:ee:d0:3f:2d:d6:b0:09:3f:23:1a:
e1:23:f0:e4:12:94:2f:f5:ac:9b:9f:10:c2:82:43:4b:bb:3b:
5c:f3:a4:97:40:4e:69:da:d7:30:a8:06:4b:bd:f7:c3:75:1a:
f8:21:cc:f2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUAp7LHZzNsEMemeLT3M+lky0CkMQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDEwMDExNDQ4MTlaFw0yNTA5MzAxNDUzMTlaMDMxMTAvBgNV
BAMTKDY3N0U1NDJDNjEzNEVDNTExNjg4QzkyMzAwNjFENjYxRENBRjMxQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ/Un4dxySLY5SEfYT37I+lpTs
EYjgTP/T3Y6HfGUu8buYydQ4Uy6FLOj4gx2aowGJ9UJBmByBBXSuiWEUVRqIpXwp
o47q18BMYPCg7JVYRQnNsTTldaPgz+QcRs40ILz911yYmfmzoeo8sE37Wt5coSBF
ILH5Zgg9KXO2E/uMAUMAPW0IcYy5xIgoO/G+KuZ3UPX2jdDVos7wLo7gy5uEidYr
D0QfHUD7gnIEPmPkluOBzmQ+zebY7E1pBsde/iePgJgBXO5+vWsUt32UfvFDWgWv
K8jCwTa/XoY2Nk3im8IGIYsd/GTxPsPN6hnTnQ7/eluyxg9NOka7XbAG0gF3AgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUZ35ULGE07FEWiMkjAGHWYdyvMbgwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA4NjAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBAAF/FED
BACzPakDBAC11owDBAC/YNADBADCNY8wDQYJKoZIhvcNAQELBQADggEBAEojQ9uo
quKYpR8n3quoOKZWFWsq+mbGHtKXHX3Ba6X2NaShmW6slPIzQnIwXbdbm7rT7K0u
6xXkqwl82lQv4dlToLeC+7xgksmPbxQwmBY2s+2VbOeccl0jXiPaqejvK2cP5W0I
d4ybur9/sdnBgqbIWKqQ7zhoxM9yq80yoZ1eSgv6QgU0k1tGrhoCJ1rcvEEd6ynL
MDVTD4u7BRntPCYT01gApRPkH2X3NTTeePtgEUR+tWKtszT6TThqJ0FzP7Z5l3bo
TFnTqojyRasl7tA/LdawCT8jGuEj8OQSlC/1rJufEMKCQ0u7O1zzpJdATmna1zCo
Bku998N1GvghzPI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:45 2024 by rpki-client on console-fra.rpki-client.org