Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211091.roa
File: AS211091.roa (raw, json)
Hash identifier: sydJ8aFQitnZ8zqBvj8rIHQhORkk/U/iBSDuoZMM244=
Subject key identifier: B7:7A:37:05:36:58:B6:69:13:59:44:FC:65:1B:92:19:C0:92:E0:2C
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 450E812D47CC949F0983C41B37BA6F04D81F2476
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211091.roa
Signing time: Tue 31 Oct 2023 09:29:06 +0000
ROA not before: Tue 31 Oct 2023 09:24:06 +0000
ROA not after: Tue 29 Oct 2024 09:29:06 +0000
asID: 211091
IP address blocks: 191.96.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:0e:81:2d:47:cc:94:9f:09:83:c4:1b:37:ba:6f:04:d8:1f:24:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 31 09:24:06 2023 GMT
Not After : Oct 29 09:29:06 2024 GMT
Subject: CN=B77A37053658B669135944FC651B9219C092E02C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:57:69:e3:ce:75:65:2f:93:a2:34:33:0e:4f:
4e:cb:13:d9:62:c4:ed:95:c5:4d:c7:65:1d:ca:9a:
09:4c:57:15:04:41:28:01:84:91:47:a3:91:83:6b:
a9:a2:85:4f:fc:db:16:b3:97:9f:47:38:75:47:0c:
9a:d3:a7:8a:1e:4f:d1:6e:b8:d2:b3:b9:6d:92:77:
45:39:25:24:c7:47:1a:1a:fd:b5:2e:39:c8:de:02:
bc:14:53:cb:17:59:61:1d:a3:7a:f2:b9:37:70:79:
7a:46:4e:1b:4e:60:d9:73:8e:0d:38:14:5a:8c:16:
54:89:4c:41:2e:b7:4f:98:75:a9:c2:23:43:4d:6d:
3b:d3:92:35:7a:47:42:39:e4:f8:cb:04:9f:8a:bb:
60:6e:ff:1d:5c:52:df:3e:f7:3b:6b:d2:42:7d:fe:
a2:ea:fc:e7:fc:1d:13:15:80:73:77:e3:bf:5e:51:
d4:9b:5f:b0:d1:bc:6e:9f:60:e6:09:98:04:d9:29:
b5:93:3f:0c:b3:d5:23:9b:8d:8f:01:f0:55:1a:8b:
19:78:6f:1f:0c:b1:04:eb:f3:62:6c:ed:51:c3:bd:
56:3a:5c:8d:40:f3:20:20:e2:f0:8e:c5:7d:7b:49:
ba:be:17:bb:44:e9:e2:39:4f:d7:54:ba:89:eb:1c:
1e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:7A:37:05:36:58:B6:69:13:59:44:FC:65:1B:92:19:C0:92:E0:2C
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211091.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.59.0/24
Signature Algorithm: sha256WithRSAEncryption
91:a1:b4:a9:2c:51:bb:70:8b:65:a2:ba:95:fb:54:67:45:80:
f6:a2:3f:62:a7:64:6b:49:27:50:fd:49:65:4b:40:cc:8d:06:
3b:36:7c:0e:3a:ff:19:e5:1d:c5:05:a3:87:aa:31:05:d5:30:
a5:66:7c:b0:84:60:8f:dc:75:58:f1:8c:f5:ae:b0:2c:6a:7c:
a2:be:fa:b0:a2:dd:e5:88:f0:41:42:c1:f8:f5:d0:d0:7e:da:
19:e4:aa:6f:e1:f2:98:a7:74:eb:9b:e6:d2:a4:89:53:ea:6a:
9f:82:db:97:31:75:62:7e:68:9d:04:68:af:0c:8c:06:0d:00:
8c:60:f9:92:7f:79:7d:d4:95:dd:62:c6:1a:31:2e:8a:8a:37:
b4:22:e2:ac:d1:af:c7:48:19:6d:51:bd:60:d6:0c:77:f6:46:
9e:df:b3:d0:fb:c5:bc:11:64:18:25:0b:4d:64:de:95:5d:b0:
3a:09:70:a9:b9:31:ce:37:31:18:00:17:ca:49:12:9b:db:64:
e0:b8:23:27:c5:83:c6:84:03:d5:14:96:7c:51:9c:cb:71:d7:
65:96:4c:8b:e6:35:bc:83:82:41:7d:25:ce:f2:d4:42:dc:59:
41:3b:56:e0:5c:c7:9d:ea:63:8d:2d:e0:ac:2b:e1:55:76:4d:
83:fe:ad:1d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIURQ6BLUfMlJ8Jg8QbN7pvBNgfJHYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzEwMzEwOTI0MDZaFw0yNDEwMjkwOTI5MDZaMDMxMTAvBgNV
BAMTKEI3N0EzNzA1MzY1OEI2NjkxMzU5NDRGQzY1MUI5MjE5QzA5MkUwMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXV2njznVlL5OiNDMOT07LE9li
xO2VxU3HZR3KmglMVxUEQSgBhJFHo5GDa6mihU/82xazl59HOHVHDJrTp4oeT9Fu
uNKzuW2Sd0U5JSTHRxoa/bUuOcjeArwUU8sXWWEdo3ryuTdweXpGThtOYNlzjg04
FFqMFlSJTEEut0+YdanCI0NNbTvTkjV6R0I55PjLBJ+Ku2Bu/x1cUt8+9ztr0kJ9
/qLq/Of8HRMVgHN3479eUdSbX7DRvG6fYOYJmATZKbWTPwyz1SObjY8B8FUaixl4
bx8MsQTr82Js7VHDvVY6XI1A8yAg4vCOxX17Sbq+F7tE6eI5T9dUuonrHB77AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUt3o3BTZYtmkTWUT8ZRuSGcCS4CwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjExMDkxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2A7
MA0GCSqGSIb3DQEBCwUAA4IBAQCRobSpLFG7cItlorqV+1RnRYD2oj9ip2RrSSdQ
/UllS0DMjQY7NnwOOv8Z5R3FBaOHqjEF1TClZnywhGCP3HVY8Yz1rrAsanyivvqw
ot3liPBBQsH49dDQftoZ5Kpv4fKYp3Trm+bSpIlT6mqfgtuXMXVifmidBGivDIwG
DQCMYPmSf3l91JXdYsYaMS6Kije0IuKs0a/HSBltUb1g1gx39kae37PQ+8W8EWQY
JQtNZN6VXbA6CXCpuTHONzEYABfKSRKb22TguCMnxYPGhAPVFJZ8UZzLcddllkyL
5jW8g4JBfSXO8tRC3FlBO1bgXMed6mONLeCsK+FVdk2D/q0d
-----END CERTIFICATE-----
Generated at Thu May 9 19:13:38 2024 by rpki-client on console-ams.rpki-client.org