Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209043.roa
File: AS209043.roa (raw, json)
Hash identifier: tUKulbfHl+m2O5y4yLxt1H3OvR9yTff2FwnEGeaQQ/I=
Subject key identifier: 01:8B:F0:71:18:94:4C:BA:70:EB:64:07:00:D4:D1:9F:8E:79:44:4C
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5AC89F162413EB2B2F51AA3C11976019DEBDE701
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209043.roa
Signing time: Wed 24 Apr 2024 13:05:38 +0000
ROA not before: Wed 24 Apr 2024 13:00:38 +0000
ROA not after: Wed 23 Apr 2025 13:05:38 +0000
asID: 209043
IP address blocks: 45.95.12.0/24 maxlen: 24
181.215.144.0/24 maxlen: 24
181.215.202.0/24 maxlen: 24
191.96.250.0/24 maxlen: 24
191.101.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:c8:9f:16:24:13:eb:2b:2f:51:aa:3c:11:97:60:19:de:bd:e7:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 24 13:00:38 2024 GMT
Not After : Apr 23 13:05:38 2025 GMT
Subject: CN=018BF07118944CBA70EB640700D4D19F8E79444C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3c:1e:19:94:b4:fa:58:d0:af:72:ad:5e:99:
b7:2e:a8:99:7a:64:95:b0:77:0f:7a:f2:5d:4a:2b:
6c:68:cd:77:02:83:01:1a:c1:38:3a:5f:a5:de:bd:
42:c2:4b:69:94:7b:e5:c1:91:69:dc:9e:29:07:e5:
2d:fe:52:82:a3:33:f1:eb:fe:84:01:01:d0:5c:7f:
fb:9c:be:bb:b0:64:ec:74:0f:77:4c:a2:1a:97:03:
46:90:d4:e2:d7:62:12:77:b8:f7:29:47:d7:ba:84:
71:a7:b1:d3:3e:50:0d:0a:24:d5:e2:3b:37:56:28:
bc:34:8e:27:67:ae:ab:a8:fe:9f:83:e3:44:80:49:
f3:78:4a:64:fe:74:ed:cd:95:72:6c:cb:77:77:90:
60:d1:ee:96:03:fb:ee:9d:91:bd:90:4f:d1:62:5b:
c0:c2:d2:71:8d:8f:86:4d:ff:94:a1:5e:e0:11:7d:
9b:07:0b:9c:5b:90:ea:1f:f6:ad:02:86:66:5a:7c:
ac:6c:8d:2b:d6:f7:7a:e6:0c:b6:3d:41:49:09:f8:
04:b3:00:bb:e3:4f:c1:f8:23:f2:bf:96:f7:72:52:
14:f1:ad:f9:31:20:9a:c2:dd:8e:67:96:87:8a:5a:
ec:09:3a:b4:78:56:3b:4f:f7:40:e3:8d:95:0e:e7:
d9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:8B:F0:71:18:94:4C:BA:70:EB:64:07:00:D4:D1:9F:8E:79:44:4C
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209043.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.12.0/24
181.215.144.0/24
181.215.202.0/24
191.96.250.0/24
191.101.149.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:0c:36:0a:8f:08:9f:58:48:88:15:fe:31:62:28:1c:c6:b1:
c2:d2:f1:e0:56:5f:46:df:ad:bc:d3:6f:bc:bd:a2:1e:a9:0d:
f3:5e:34:6a:5d:41:c7:ff:f7:8a:ae:7c:3e:0f:32:a9:8a:78:
1a:7a:fc:d6:11:0e:e4:61:20:3a:43:81:0a:51:33:9d:89:b5:
1d:b0:02:bc:4a:2f:57:7e:40:65:ca:d5:f8:e0:8d:6e:b8:bc:
af:b5:18:db:86:3e:01:a1:1f:e2:bc:5e:a1:6c:d2:96:36:fc:
5f:1e:14:50:9f:1d:f4:02:1b:80:ba:bc:e3:36:33:cd:a4:7e:
a5:f3:3d:9e:fb:56:e5:c6:61:70:11:82:7e:fa:6f:91:85:be:
ec:0c:69:3c:05:b9:9a:c1:e2:83:37:26:79:36:4c:3f:43:35:
bf:20:0e:b1:71:ac:fa:a6:ea:f9:96:11:88:dc:eb:97:21:41:
39:18:7e:1b:69:56:68:8e:37:be:f2:a2:ad:9c:74:02:c5:46:
cf:bc:1a:49:19:c8:aa:93:dc:28:13:46:77:4a:a4:e7:3e:f8:
a6:2e:85:be:c5:60:bd:89:78:ee:68:83:25:26:56:d4:8e:2c:
c7:38:3f:43:01:eb:27:b9:61:d3:eb:07:ee:6b:f5:99:e2:69:
93:c1:bd:87
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUWsifFiQT6ysvUao8EZdgGd695wEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MjQxMzAwMzhaFw0yNTA0MjMxMzA1MzhaMDMxMTAvBgNV
BAMTKDAxOEJGMDcxMTg5NDRDQkE3MEVCNjQwNzAwRDREMTlGOEU3OTQ0NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8PB4ZlLT6WNCvcq1embcuqJl6
ZJWwdw968l1KK2xozXcCgwEawTg6X6XevULCS2mUe+XBkWncnikH5S3+UoKjM/Hr
/oQBAdBcf/ucvruwZOx0D3dMohqXA0aQ1OLXYhJ3uPcpR9e6hHGnsdM+UA0KJNXi
OzdWKLw0jidnrquo/p+D40SASfN4SmT+dO3NlXJsy3d3kGDR7pYD++6dkb2QT9Fi
W8DC0nGNj4ZN/5ShXuARfZsHC5xbkOof9q0ChmZafKxsjSvW93rmDLY9QUkJ+ASz
ALvjT8H4I/K/lvdyUhTxrfkxIJrC3Y5nloeKWuwJOrR4VjtP90DjjZUO59mdAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUAYvwcRiUTLpw62QHANTRn455REwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA5MDQzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALV8M
AwQAtdeQAwQAtdfKAwQAv2D6AwQAv2WVMA0GCSqGSIb3DQEBCwUAA4IBAQBqDDYK
jwifWEiIFf4xYigcxrHC0vHgVl9G362802+8vaIeqQ3zXjRqXUHH//eKrnw+DzKp
ingaevzWEQ7kYSA6Q4EKUTOdibUdsAK8Si9XfkBlytX44I1uuLyvtRjbhj4BoR/i
vF6hbNKWNvxfHhRQnx30AhuAurzjNjPNpH6l8z2e+1blxmFwEYJ++m+Rhb7sDGk8
BbmaweKDNyZ5Nkw/QzW/IA6xcaz6pur5lhGI3OuXIUE5GH4baVZojje+8qKtnHQC
xUbPvBpJGciqk9woE0Z3SqTnPvimLoW+xWC9iXjuaIMlJlbUjizHOD9DAesnuWHT
6wfua/WZ4mmTwb2H
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:39:57 2024 by rpki-client on console-ams.rpki-client.org