Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209181.roa
File: AS209181.roa (raw, json)
Hash identifier: /A6v0nWLIr1rLDTI13QW8x/AWUhWdS96sanuix4uyHc=
Subject key identifier: 23:5B:09:57:BE:D8:39:BD:82:5D:12:48:FF:14:D3:36:02:12:6A:64
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 314FF90CE70E4AD637BAC8CF815C4E393B0E5B2A
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209181.roa
Signing time: Tue 21 May 2024 00:05:16 +0000
ROA not before: Tue 21 May 2024 00:00:16 +0000
ROA not after: Tue 20 May 2025 00:05:16 +0000
asID: 209181
IP address blocks: 5.252.160.0/24 maxlen: 24
85.208.73.0/24 maxlen: 24
181.214.53.0/24 maxlen: 24
191.96.72.0/24 maxlen: 24
191.96.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:4f:f9:0c:e7:0e:4a:d6:37:ba:c8:cf:81:5c:4e:39:3b:0e:5b:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 21 00:00:16 2024 GMT
Not After : May 20 00:05:16 2025 GMT
Subject: CN=235B0957BED839BD825D1248FF14D33602126A64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:38:aa:03:02:74:c3:f9:3a:e9:96:16:b6:33:
3e:93:80:37:f2:f4:17:07:1b:cd:8d:27:ad:d4:34:
a2:7a:23:5c:f6:45:86:a1:7e:cd:12:9a:36:ca:74:
82:2b:c1:57:c3:3f:bc:bd:49:bc:30:2e:c6:a3:12:
b2:c7:65:5b:07:48:52:fb:8e:8a:ee:ab:9d:c5:bf:
5f:af:29:35:a0:b1:b3:4d:33:ad:80:78:65:09:18:
74:61:62:c4:76:69:12:e7:88:16:8b:a8:0f:9c:6c:
cd:a5:a4:32:82:d5:d7:ba:ba:13:0d:d0:43:02:32:
07:68:f6:90:52:03:47:ac:45:d4:56:09:0a:f9:5a:
4d:13:70:70:f4:af:e6:1f:a2:56:77:83:a2:70:8e:
39:95:35:2d:bd:f2:05:b4:61:e0:2b:f9:4a:38:74:
7f:64:7b:b5:77:af:09:14:4f:0a:80:20:0d:37:11:
8c:d8:7e:9c:b6:42:9c:94:b9:b9:c9:07:47:1f:6c:
4a:b5:89:e8:ee:8f:a0:ec:3e:14:af:94:2d:59:97:
f7:e1:0d:72:05:f4:2c:b8:26:fd:0c:e7:68:c9:a3:
f5:d6:14:f0:7c:f3:0d:37:f8:25:7c:0f:21:40:5b:
45:36:5a:b8:86:8d:ce:f7:c1:67:ec:11:36:c9:9d:
13:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:5B:09:57:BE:D8:39:BD:82:5D:12:48:FF:14:D3:36:02:12:6A:64
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209181.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.160.0/24
85.208.73.0/24
181.214.53.0/24
191.96.72.0/24
191.96.158.0/24
Signature Algorithm: sha256WithRSAEncryption
34:9b:bf:50:b4:3e:49:2a:4b:98:4c:30:23:10:b4:07:fe:36:
d4:42:ea:52:12:5c:12:5d:f3:92:0d:0b:9a:30:11:d0:63:c1:
d7:da:9b:72:b2:97:ba:3f:93:27:ed:03:21:83:bb:c8:87:3c:
dc:0c:08:0d:05:22:e3:ae:9e:4a:82:16:f6:b1:d4:e7:c8:d7:
9d:8c:4a:1f:18:59:ff:df:78:76:5c:68:33:51:2a:fe:65:54:
12:83:be:28:24:0e:9d:1d:f9:03:e0:67:60:c8:91:70:0a:f4:
6e:11:5c:55:46:54:62:88:c3:7c:06:6e:0c:9a:a8:f3:f8:b9:
49:bd:60:1f:87:75:78:e3:2c:bb:de:eb:cd:d8:df:41:27:f6:
10:b9:35:c9:cf:d4:87:99:6f:11:20:1f:c0:3c:e7:34:d4:f0:
93:64:e1:ba:63:e8:f6:1f:f8:90:28:2b:ee:8d:4b:7f:ad:8a:
58:8c:20:26:5a:da:61:b5:68:ff:67:94:82:3e:8a:13:1f:eb:
f1:02:72:e1:a4:e1:5b:da:2c:af:0f:25:e7:ca:32:66:1b:77:
99:fc:04:46:d6:c5:02:6c:de:3a:e7:09:b8:b6:d3:b3:44:d2:
71:04:1e:41:48:84:41:50:72:27:dd:66:da:61:e1:28:57:56:
1f:0e:29:74
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUMU/5DOcOStY3usjPgVxOOTsOWyowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA1MjEwMDAwMTZaFw0yNTA1MjAwMDA1MTZaMDMxMTAvBgNV
BAMTKDIzNUIwOTU3QkVEODM5QkQ4MjVEMTI0OEZGMTREMzM2MDIxMjZBNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeOKoDAnTD+Trplha2Mz6TgDfy
9BcHG82NJ63UNKJ6I1z2RYahfs0SmjbKdIIrwVfDP7y9SbwwLsajErLHZVsHSFL7
joruq53Fv1+vKTWgsbNNM62AeGUJGHRhYsR2aRLniBaLqA+cbM2lpDKC1de6uhMN
0EMCMgdo9pBSA0esRdRWCQr5Wk0TcHD0r+YfolZ3g6JwjjmVNS298gW0YeAr+Uo4
dH9ke7V3rwkUTwqAIA03EYzYfpy2QpyUubnJB0cfbEq1iejuj6DsPhSvlC1Zl/fh
DXIF9Cy4Jv0M52jJo/XWFPB88w03+CV8DyFAW0U2WriGjc73wWfsETbJnRO5AgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUI1sJV77YOb2CXRJI/xTTNgISamQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA5MTgxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABfyg
AwQAVdBJAwQAtdY1AwQAv2BIAwQAv2CeMA0GCSqGSIb3DQEBCwUAA4IBAQA0m79Q
tD5JKkuYTDAjELQH/jbUQupSElwSXfOSDQuaMBHQY8HX2ptyspe6P5Mn7QMhg7vI
hzzcDAgNBSLjrp5Kghb2sdTnyNedjEofGFn/33h2XGgzUSr+ZVQSg74oJA6dHfkD
4GdgyJFwCvRuEVxVRlRiiMN8Bm4Mmqjz+LlJvWAfh3V44yy73uvN2N9BJ/YQuTXJ
z9SHmW8RIB/APOc01PCTZOG6Y+j2H/iQKCvujUt/rYpYjCAmWtphtWj/Z5SCPooT
H+vxAnLhpOFb2iyvDyXnyjJmG3eZ/ARG1sUCbN465wm4ttOzRNJxBB5BSIRBUHIn
3WbaYeEoV1YfDil0
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:39:57 2024 by rpki-client on console-ams.rpki-client.org