Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210542.roa
File: AS210542.roa (raw, json)
Hash identifier: gNVQ61/0g2WtlEauiYAC6S9J9M4CZmb1RvWeLxlWF8M=
Subject key identifier: 98:00:38:A2:C0:C2:85:C5:91:2D:AA:F2:1B:13:95:7C:52:0D:39:C6
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 421B94434F6CBDCDDC61766BC5A3BF8466F8C790
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210542.roa
Signing time: Thu 07 Mar 2024 11:30:04 +0000
ROA not before: Thu 07 Mar 2024 11:25:04 +0000
ROA not after: Thu 06 Mar 2025 11:30:04 +0000
asID: 210542
IP address blocks: 181.214.25.0/24 maxlen: 24
181.214.75.0/24 maxlen: 24
181.215.18.0/24 maxlen: 24
185.139.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:1b:94:43:4f:6c:bd:cd:dc:61:76:6b:c5:a3:bf:84:66:f8:c7:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 7 11:25:04 2024 GMT
Not After : Mar 6 11:30:04 2025 GMT
Subject: CN=980038A2C0C285C5912DAAF21B13957C520D39C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:28:50:1f:74:c1:63:0d:49:02:a6:4b:6c:7c:
f4:d1:85:19:08:c2:a1:d1:39:2b:29:75:82:25:d6:
e0:1a:21:59:a8:d6:4b:e9:9a:20:53:bc:65:56:67:
e3:ea:3c:7a:9c:98:72:0c:c8:2d:4a:c4:a3:16:d4:
f3:76:17:7c:26:de:05:94:7d:c3:22:d2:64:02:76:
59:fd:04:db:26:7f:6f:d3:e0:91:13:83:9a:bc:98:
02:e5:77:e8:64:54:66:c8:5f:c9:48:38:ee:f0:9e:
c3:7b:49:7a:b6:d1:e5:95:82:1f:f3:b6:80:33:bd:
e6:bb:ad:4f:e3:53:7d:b0:a2:70:1b:dc:82:9a:99:
fb:49:e8:cc:83:71:7b:68:1e:81:b0:84:7f:d3:08:
d6:30:93:7a:5c:1e:39:9d:a3:1b:56:97:ac:5f:1f:
25:4c:fe:89:33:a9:7e:13:f9:73:64:a0:1c:c6:21:
88:66:0d:7c:47:2d:b1:cb:dd:ff:40:4a:54:b3:20:
8b:ab:13:c3:71:a6:a9:11:af:a8:1d:3b:45:39:84:
2a:0b:13:e0:8d:9c:f4:e5:6f:61:18:52:8c:5e:d7:
b8:19:38:f6:e0:94:53:e4:95:61:63:76:54:1c:b1:
3a:9b:12:75:d9:ad:44:ee:de:ef:b3:5e:34:6f:2a:
c0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:00:38:A2:C0:C2:85:C5:91:2D:AA:F2:1B:13:95:7C:52:0D:39:C6
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210542.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.25.0/24
181.214.75.0/24
181.215.18.0/24
185.139.238.0/24
Signature Algorithm: sha256WithRSAEncryption
60:4b:c6:5a:b7:30:38:68:e7:a2:74:27:f0:2d:53:8a:2d:45:
ad:e0:4c:16:26:fe:9b:53:62:6b:0b:aa:6e:d6:5c:cb:39:8c:
3f:f7:67:3e:7c:15:11:82:37:18:a4:ef:2d:1a:e0:21:84:2d:
a3:c6:b7:74:a7:7f:e8:2c:02:a4:f9:7a:82:28:ef:09:9f:d5:
6a:f3:e8:ce:9e:8e:43:6d:cd:ae:a6:ad:f4:e2:26:08:90:89:
ce:6f:7d:1b:9e:f6:28:2d:26:34:9a:d0:38:9a:07:9a:62:6d:
86:c2:b6:20:59:6d:bf:37:7a:0b:3f:83:e7:5e:93:79:f0:7f:
7d:9f:06:ce:8b:ed:6a:55:56:b8:1f:ec:34:c1:5e:e7:ac:54:
1c:85:e1:3c:53:39:2e:1c:48:7e:ee:e1:10:b5:2a:1b:c1:e3:
75:9d:c1:c9:31:2d:91:15:31:c6:bc:bf:3b:46:ac:7b:b1:92:
d4:34:3d:5b:aa:94:d0:a3:dd:8f:4a:9c:69:0d:c2:53:03:61:
a9:bc:06:c2:25:a2:d4:0e:b1:f5:cd:38:71:a4:b9:ce:4c:d5:
05:54:c5:65:cf:96:ab:ae:70:3c:56:3f:1f:52:09:65:b3:8b:
3d:06:16:a8:34:f3:c2:73:4f:d8:0a:72:63:b7:54:e7:5c:d8:
a7:c1:86:56
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUQhuUQ09svc3cYXZrxaO/hGb4x5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAzMDcxMTI1MDRaFw0yNTAzMDYxMTMwMDRaMDMxMTAvBgNV
BAMTKDk4MDAzOEEyQzBDMjg1QzU5MTJEQUFGMjFCMTM5NTdDNTIwRDM5QzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYKFAfdMFjDUkCpktsfPTRhRkI
wqHROSspdYIl1uAaIVmo1kvpmiBTvGVWZ+PqPHqcmHIMyC1KxKMW1PN2F3wm3gWU
fcMi0mQCdln9BNsmf2/T4JETg5q8mALld+hkVGbIX8lIOO7wnsN7SXq20eWVgh/z
toAzvea7rU/jU32wonAb3IKamftJ6MyDcXtoHoGwhH/TCNYwk3pcHjmdoxtWl6xf
HyVM/okzqX4T+XNkoBzGIYhmDXxHLbHL3f9ASlSzIIurE8NxpqkRr6gdO0U5hCoL
E+CNnPTlb2EYUoxe17gZOPbglFPklWFjdlQcsTqbEnXZrUTu3u+zXjRvKsBfAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUmAA4osDChcWRLaryGxOVfFINOcYwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEwNTQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAtdYZ
AwQAtdZLAwQAtdcSAwQAuYvuMA0GCSqGSIb3DQEBCwUAA4IBAQBgS8ZatzA4aOei
dCfwLVOKLUWt4EwWJv6bU2JrC6pu1lzLOYw/92c+fBURgjcYpO8tGuAhhC2jxrd0
p3/oLAKk+XqCKO8Jn9Vq8+jOno5Dbc2upq304iYIkInOb30bnvYoLSY0mtA4mgea
Ym2GwrYgWW2/N3oLP4PnXpN58H99nwbOi+1qVVa4H+w0wV7nrFQcheE8UzkuHEh+
7uEQtSobweN1ncHJMS2RFTHGvL87Rqx7sZLUND1bqpTQo92PSpxpDcJTA2GpvAbC
JaLUDrH1zThxpLnOTNUFVMVlz5arrnA8Vj8fUglls4s9BhaoNPPCc0/YCnJjt1Tn
XNinwYZW
-----END CERTIFICATE-----
Generated at Fri May 10 10:50:02 2024 by rpki-client on console-fra.rpki-client.org