Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20860.roa
File: AS20860.roa (raw, json)
Hash identifier: Jny0uwA5HDB1vTISrim5/7SqqlFNWit3y7Uv/trYfis=
Subject key identifier: 94:C9:70:B3:9D:05:BB:3F:2C:92:11:19:B8:3E:9D:25:E3:1B:F2:63
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5BC70C662F9687DC03B09FC51BC7781457A3F755
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20860.roa
Signing time: Mon 15 Apr 2024 10:00:39 +0000
ROA not before: Mon 15 Apr 2024 09:55:39 +0000
ROA not after: Mon 14 Apr 2025 10:00:39 +0000
asID: 20860
IP address blocks: 5.252.81.0/24 maxlen: 24
179.61.169.0/24 maxlen: 24
181.214.140.0/24 maxlen: 24
191.96.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:c7:0c:66:2f:96:87:dc:03:b0:9f:c5:1b:c7:78:14:57:a3:f7:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 15 09:55:39 2024 GMT
Not After : Apr 14 10:00:39 2025 GMT
Subject: CN=94C970B39D05BB3F2C921119B83E9D25E31BF263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:40:45:70:5d:23:7d:c0:40:d1:f9:94:4d:10:
c6:57:4d:5a:8a:83:bb:33:3c:d6:51:52:3e:ff:5e:
49:3d:b0:5a:58:46:74:21:39:19:ae:86:e6:2a:9e:
58:0c:d9:04:0d:ba:96:c8:95:53:73:c0:dc:75:cb:
47:a8:05:83:15:57:03:3e:21:0d:cf:6a:75:d9:68:
ae:7c:45:f3:c7:2a:93:6c:d8:5f:aa:2d:ca:05:2c:
d9:3b:ea:05:a7:4d:83:bc:dc:9c:29:f0:ab:12:fd:
3f:44:c9:35:45:17:df:fc:0f:80:bd:3c:dc:93:72:
08:1c:35:a6:4f:79:7f:52:ca:16:89:82:c2:15:d7:
6d:92:a6:eb:85:f7:fd:80:79:d3:a9:02:9a:4c:8c:
a4:e1:b8:7f:bd:1c:f1:fa:c2:29:fe:aa:5f:0a:11:
9a:6f:2b:91:86:c4:2e:f3:ad:b6:31:44:c2:36:16:
d7:eb:05:17:d3:10:60:a6:57:80:40:ed:ad:bb:a8:
3b:29:da:e0:d2:6b:db:28:eb:25:8e:94:91:60:31:
4a:6c:5d:30:6b:e4:95:31:2c:55:26:17:d3:66:04:
5b:01:e2:20:89:52:58:b7:9d:c6:c9:cc:b1:92:bc:
e0:23:d8:cf:fc:90:43:6f:42:ca:17:ef:a3:d4:a6:
a4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C9:70:B3:9D:05:BB:3F:2C:92:11:19:B8:3E:9D:25:E3:1B:F2:63
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20860.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.81.0/24
179.61.169.0/24
181.214.140.0/24
191.96.208.0/24
Signature Algorithm: sha256WithRSAEncryption
07:78:42:ae:c5:33:a1:f4:30:3d:52:88:4b:bc:b2:e8:14:b8:
33:4d:e0:36:be:a5:92:85:64:30:29:a8:8a:2e:1b:ef:08:aa:
bc:91:c2:b7:cf:93:88:1c:a8:5a:7f:a1:fe:94:cc:b6:70:67:
c3:40:d0:86:ab:06:32:67:d1:28:69:75:b1:d5:44:b5:21:50:
86:5d:21:2e:dd:c7:67:4c:73:85:70:1e:db:06:fd:a8:79:f1:
f4:15:b4:40:f6:12:6d:ae:24:12:2e:16:86:d3:47:68:32:28:
ad:2a:b4:c5:e0:ca:5c:b7:cf:05:6c:6c:e2:d4:c4:80:d0:93:
a3:b3:e2:c9:02:3a:52:50:da:56:4a:16:31:c5:7c:39:55:60:
29:b7:6b:d2:5a:7e:80:c9:94:b4:53:28:de:de:a4:eb:6b:e1:
25:99:d1:12:59:9c:82:68:fd:97:58:a8:16:ac:2d:35:15:e0:
98:3b:8e:5b:bf:21:90:b9:77:ff:da:05:3d:c1:70:cc:86:a3:
87:d8:a9:41:db:5e:db:b1:05:39:5a:b9:ae:61:26:79:82:b0:
81:c8:20:4d:3b:9b:15:68:7f:75:fd:50:d6:ab:f5:c7:87:d4:
35:45:5e:b1:2e:ba:e7:83:0e:6d:23:2a:6e:56:71:56:3b:2e:
cc:90:98:63
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUW8cMZi+Wh9wDsJ/FG8d4FFej91UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MTUwOTU1MzlaFw0yNTA0MTQxMDAwMzlaMDMxMTAvBgNV
BAMTKDk0Qzk3MEIzOUQwNUJCM0YyQzkyMTExOUI4M0U5RDI1RTMxQkYyNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSQEVwXSN9wEDR+ZRNEMZXTVqK
g7szPNZRUj7/Xkk9sFpYRnQhORmuhuYqnlgM2QQNupbIlVNzwNx1y0eoBYMVVwM+
IQ3PanXZaK58RfPHKpNs2F+qLcoFLNk76gWnTYO83Jwp8KsS/T9EyTVFF9/8D4C9
PNyTcggcNaZPeX9SyhaJgsIV122SpuuF9/2AedOpAppMjKThuH+9HPH6win+ql8K
EZpvK5GGxC7zrbYxRMI2FtfrBRfTEGCmV4BA7a27qDsp2uDSa9so6yWOlJFgMUps
XTBr5JUxLFUmF9NmBFsB4iCJUli3ncbJzLGSvOAj2M/8kENvQsoX76PUpqRlAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUlMlws50Fuz8skhEZuD6dJeMb8mMwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA4NjAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAAF/FED
BACzPakDBAC11owDBAC/YNAwDQYJKoZIhvcNAQELBQADggEBAAd4Qq7FM6H0MD1S
iEu8sugUuDNN4Da+pZKFZDApqIouG+8IqryRwrfPk4gcqFp/of6UzLZwZ8NA0Iar
BjJn0ShpdbHVRLUhUIZdIS7dx2dMc4VwHtsG/ah58fQVtED2Em2uJBIuFobTR2gy
KK0qtMXgyly3zwVsbOLUxIDQk6Oz4skCOlJQ2lZKFjHFfDlVYCm3a9JafoDJlLRT
KN7epOtr4SWZ0RJZnIJo/ZdYqBasLTUV4Jg7jlu/IZC5d//aBT3BcMyGo4fYqUHb
XtuxBTlaua5hJnmCsIHIIE07mxVof3X9UNar9ceH1DVFXrEuuueDDm0jKm5WcVY7
LsyQmGM=
-----END CERTIFICATE-----
Generated at Sat Apr 27 19:18:07 2024 by rpki-client on console-ams.rpki-client.org