Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209242.roa
File: AS209242.roa (raw, json)
Hash identifier: epowik4n25bFHLwmXyEMKjO6X/kdz/snPiRIN6glmvQ=
Subject key identifier: D3:73:26:50:A1:82:02:96:C0:1E:60:55:28:49:F0:C5:22:AB:D6:4E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 50892CADEC9280B383B46CBA8D609A9000325D12
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209242.roa
Signing time: Mon 27 Nov 2023 10:02:03 +0000
ROA not before: Mon 27 Nov 2023 09:57:03 +0000
ROA not after: Mon 25 Nov 2024 10:02:03 +0000
asID: 209242
IP address blocks: 185.135.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:89:2c:ad:ec:92:80:b3:83:b4:6c:ba:8d:60:9a:90:00:32:5d:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 27 09:57:03 2023 GMT
Not After : Nov 25 10:02:03 2024 GMT
Subject: CN=D3732650A1820296C01E60552849F0C522ABD64E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0d:68:60:3e:9b:e3:ec:cf:99:ba:ea:a6:5d:
77:55:f7:8d:14:4e:3d:ea:ad:b3:dc:f1:e2:8a:c9:
1f:a1:23:aa:8d:f5:3b:17:75:34:84:32:a0:0e:f9:
56:04:ea:7d:3a:89:d8:0b:5b:64:e1:16:e6:2f:c2:
91:a2:f1:bf:14:75:8f:38:46:2d:54:75:23:1b:af:
69:ee:3e:b2:1e:26:12:0b:92:9b:f0:25:a2:a7:ea:
d7:f0:60:0a:5c:2f:90:1f:5d:c4:2f:02:f0:ff:3e:
6d:c4:57:44:0b:7a:55:ea:95:d2:73:15:39:0f:4d:
dc:42:ee:4a:79:7f:a9:ce:07:88:44:88:8c:12:79:
eb:93:87:62:86:c7:fb:29:76:db:cd:fd:e3:de:37:
e0:23:6a:6f:11:81:1b:c2:b3:53:4a:64:d4:1a:88:
76:76:e7:22:a5:8d:36:39:0c:79:6f:e8:af:25:a5:
19:15:2c:e5:1e:5f:98:cb:ce:81:c8:27:17:38:48:
a3:8e:14:8a:47:ac:29:c4:4a:8d:29:23:6e:42:9f:
93:67:22:fb:50:c3:6b:cd:d3:36:73:70:61:59:7d:
1e:c1:6c:ec:b6:b1:09:3c:ee:d7:d3:a7:66:a6:8b:
b6:7f:1c:e4:88:98:93:1c:28:88:d4:58:c3:3e:fd:
a3:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:73:26:50:A1:82:02:96:C0:1E:60:55:28:49:F0:C5:22:AB:D6:4E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209242.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.9.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:c4:0f:32:88:8b:8b:bd:df:23:c2:44:ce:c9:a0:1c:c3:cd:
5b:99:1e:79:d4:a1:0b:cc:4e:56:23:0e:47:f6:49:2f:de:8b:
94:55:82:02:22:e1:dd:a4:34:cf:b2:2c:1d:3c:0b:dc:f5:bf:
fa:a1:90:89:24:cb:e9:fb:2d:4a:87:7f:c1:2a:63:f1:5f:51:
5b:0a:b2:50:f9:48:ab:27:de:2c:d2:cd:43:55:aa:2d:24:0b:
5f:76:07:75:f9:48:4e:be:f7:61:04:24:1b:74:34:d4:d6:85:
9a:50:f1:3b:58:20:63:98:63:a2:ec:27:a9:fc:ea:06:93:e8:
b1:ad:8e:8b:7f:c2:5d:3a:3b:0f:2a:ba:d9:08:97:e9:59:66:
ad:32:5f:9b:cd:35:7a:15:24:f3:d6:fa:e2:39:df:14:e0:18:
1b:58:89:12:d4:fd:4b:d5:3b:be:32:6f:4f:49:ca:0a:0b:17:
44:9f:27:bb:fa:64:fd:f8:63:a7:5a:4e:bb:7a:3b:fc:fe:59:
06:5d:f7:94:6d:22:fc:db:f0:89:6f:0f:fe:6b:a9:70:6a:37:
49:6e:5b:0b:93:59:9c:20:e8:e6:77:1b:99:98:3d:ee:bb:ac:
4e:7f:5d:90:c4:d5:35:1a:96:6d:98:b1:8e:ee:b8:b0:3a:5f:
33:3d:e9:d9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUUIksreySgLODtGy6jWCakAAyXRIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzExMjcwOTU3MDNaFw0yNDExMjUxMDAyMDNaMDMxMTAvBgNV
BAMTKEQzNzMyNjUwQTE4MjAyOTZDMDFFNjA1NTI4NDlGMEM1MjJBQkQ2NEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1DWhgPpvj7M+ZuuqmXXdV940U
Tj3qrbPc8eKKyR+hI6qN9TsXdTSEMqAO+VYE6n06idgLW2ThFuYvwpGi8b8UdY84
Ri1UdSMbr2nuPrIeJhILkpvwJaKn6tfwYApcL5AfXcQvAvD/Pm3EV0QLelXqldJz
FTkPTdxC7kp5f6nOB4hEiIwSeeuTh2KGx/spdtvN/ePeN+Ajam8RgRvCs1NKZNQa
iHZ25yKljTY5DHlv6K8lpRkVLOUeX5jLzoHIJxc4SKOOFIpHrCnESo0pI25Cn5Nn
IvtQw2vN0zZzcGFZfR7BbOy2sQk87tfTp2ami7Z/HOSImJMcKIjUWMM+/aNPAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU03MmUKGCApbAHmBVKEnwxSKr1k4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA5MjQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYcJ
MA0GCSqGSIb3DQEBCwUAA4IBAQAdxA8yiIuLvd8jwkTOyaAcw81bmR551KELzE5W
Iw5H9kkv3ouUVYICIuHdpDTPsiwdPAvc9b/6oZCJJMvp+y1Kh3/BKmPxX1FbCrJQ
+UirJ94s0s1DVaotJAtfdgd1+UhOvvdhBCQbdDTU1oWaUPE7WCBjmGOi7Cep/OoG
k+ixrY6Lf8JdOjsPKrrZCJfpWWatMl+bzTV6FSTz1vriOd8U4BgbWIkS1P1L1Tu+
Mm9PScoKCxdEnye7+mT9+GOnWk67ejv8/lkGXfeUbSL82/CJbw/+a6lwajdJblsL
k1mcIOjmdxuZmD3uu6xOf12QxNU1GpZtmLGO7riwOl8zPenZ
-----END CERTIFICATE-----
Generated at Tue May 7 13:14:44 2024 by rpki-client on console-ams.rpki-client.org