Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211439.roa
File: AS211439.roa (raw, json)
Hash identifier: uQaKNAOcGx43wpChsvhHcZJMsaTPjTeBNPzEES2QJfI=
Subject key identifier: 0B:A9:26:57:86:9A:6E:14:04:18:3C:87:0D:45:7A:FB:2E:1F:C9:16
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 421192236798B8E5610EA89A24C5AE062290E50B
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211439.roa
Signing time: Thu 29 Feb 2024 13:13:40 +0000
ROA not before: Thu 29 Feb 2024 13:08:40 +0000
ROA not after: Thu 27 Feb 2025 13:13:40 +0000
asID: 211439
IP address blocks: 45.231.207.0/24 maxlen: 24
181.41.209.0/24 maxlen: 24
181.214.172.0/24 maxlen: 24
181.215.24.0/24 maxlen: 24
181.215.54.0/24 maxlen: 24
191.96.2.0/24 maxlen: 24
191.101.143.0/24 maxlen: 24
191.101.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:11:92:23:67:98:b8:e5:61:0e:a8:9a:24:c5:ae:06:22:90:e5:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Feb 29 13:08:40 2024 GMT
Not After : Feb 27 13:13:40 2025 GMT
Subject: CN=0BA92657869A6E1404183C870D457AFB2E1FC916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:d9:12:08:29:85:a4:40:7a:6a:f7:84:2b:4e:
22:1a:ad:28:fb:68:fc:c0:41:d0:5f:82:40:3e:11:
3b:bd:87:41:4c:5f:dd:03:d9:73:a0:b1:13:dd:cf:
37:d8:9a:33:0d:f4:2a:88:e9:a8:1d:db:f8:6d:27:
14:3b:f7:03:f4:64:ff:80:c7:00:47:c8:e0:c2:3d:
9b:53:c0:1f:96:c8:8f:bd:80:32:9b:09:de:55:54:
c1:a4:25:c7:95:b2:93:45:a7:b0:7c:bb:61:84:c2:
40:9a:74:4d:a6:dc:f3:4e:05:d6:61:9b:5c:cc:6c:
8f:64:80:f4:6e:e6:27:0d:62:21:c1:9c:f1:2e:8c:
77:c8:fd:b3:40:38:ea:df:58:68:79:e1:eb:b9:3e:
6b:ac:49:0c:96:be:06:ff:64:9c:fe:ca:5f:8c:22:
71:0f:e9:69:f4:87:34:5b:73:75:f4:64:8c:47:9f:
05:56:4a:cb:83:0d:ce:06:84:19:35:b8:c8:c6:c5:
a1:28:73:78:1b:ef:9c:b3:23:15:50:79:29:c2:26:
8b:e1:c9:4e:0f:38:69:66:15:2d:aa:0a:2c:8d:e2:
8e:00:ce:cc:3d:b9:be:8e:91:6b:2f:e7:9d:f2:60:
7d:08:3b:4d:ec:15:60:ab:b3:ae:b9:27:4e:ee:62:
15:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:A9:26:57:86:9A:6E:14:04:18:3C:87:0D:45:7A:FB:2E:1F:C9:16
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.231.207.0/24
181.41.209.0/24
181.214.172.0/24
181.215.24.0/24
181.215.54.0/24
191.96.2.0/24
191.101.143.0/24
191.101.248.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:86:96:47:f6:a5:ee:d4:31:cb:04:79:78:aa:0e:7c:8e:1d:
9d:6a:66:55:47:df:43:43:c8:6c:51:30:f9:44:ec:85:a2:1f:
6e:73:30:47:17:d1:39:5d:b0:3f:02:47:d1:3b:5c:c1:c5:ae:
4a:a0:33:1c:cf:68:8d:ab:6d:eb:db:3b:d9:2a:c3:6c:4c:1a:
fa:a8:f8:8e:3d:d2:cb:43:db:d4:cc:bc:40:cd:57:d5:63:0f:
38:17:99:08:d9:61:2f:04:b3:74:18:b3:b1:fa:4f:c8:1a:6d:
98:9c:5d:8d:c0:d3:b5:fb:f3:7c:70:05:d9:a5:64:db:c0:36:
aa:ef:b1:99:be:f6:a0:d2:ad:e6:92:cb:d5:d8:bb:23:4a:4c:
66:6b:0d:15:7b:06:04:97:ed:d1:6a:46:ab:f0:67:4a:db:6c:
af:4d:51:42:26:1d:0e:72:2a:9a:cf:2e:85:12:52:bb:85:fc:
4e:83:be:05:ec:5f:60:cf:f4:80:40:ab:88:23:9c:c4:ef:47:
bb:a2:38:84:28:4b:44:d6:69:bf:ca:b7:a1:3d:6d:ca:dc:82:
f8:f4:f6:95:ff:c2:1d:f1:a7:b4:e4:d6:1e:09:2f:dd:5e:14:
09:ff:ff:81:d7:7a:fa:e6:e1:10:47:bd:46:7f:47:69:e9:ae:
df:99:b2:87
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUQhGSI2eYuOVhDqiaJMWuBiKQ5QswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAyMjkxMzA4NDBaFw0yNTAyMjcxMzEzNDBaMDMxMTAvBgNV
BAMTKDBCQTkyNjU3ODY5QTZFMTQwNDE4M0M4NzBENDU3QUZCMkUxRkM5MTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD02RIIKYWkQHpq94QrTiIarSj7
aPzAQdBfgkA+ETu9h0FMX90D2XOgsRPdzzfYmjMN9CqI6agd2/htJxQ79wP0ZP+A
xwBHyODCPZtTwB+WyI+9gDKbCd5VVMGkJceVspNFp7B8u2GEwkCadE2m3PNOBdZh
m1zMbI9kgPRu5icNYiHBnPEujHfI/bNAOOrfWGh54eu5PmusSQyWvgb/ZJz+yl+M
InEP6Wn0hzRbc3X0ZIxHnwVWSsuDDc4GhBk1uMjGxaEoc3gb75yzIxVQeSnCJovh
yU4POGlmFS2qCiyN4o4Azsw9ub6OkWsv553yYH0IO03sFWCrs665J07uYhW5AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUC6kmV4aabhQEGDyHDUV6+y4fyRYwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjExNDM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALefP
AwQAtSnRAwQAtdasAwQAtdcYAwQAtdc2AwQAv2ACAwQAv2WPAwQAv2X4MA0GCSqG
SIb3DQEBCwUAA4IBAQCrhpZH9qXu1DHLBHl4qg58jh2damZVR99DQ8hsUTD5ROyF
oh9uczBHF9E5XbA/AkfRO1zBxa5KoDMcz2iNq23r2zvZKsNsTBr6qPiOPdLLQ9vU
zLxAzVfVYw84F5kI2WEvBLN0GLOx+k/IGm2YnF2NwNO1+/N8cAXZpWTbwDaq77GZ
vvag0q3mksvV2LsjSkxmaw0VewYEl+3Rakar8GdK22yvTVFCJh0Ociqazy6FElK7
hfxOg74F7F9gz/SAQKuII5zE70e7ojiEKEtE1mm/yrehPW3K3IL49PaV/8Id8ae0
5NYeCS/dXhQJ//+B13r65uEQR71Gf0dp6a7fmbKH
-----END CERTIFICATE-----
Generated at Fri May 10 10:50:02 2024 by rpki-client on console-fra.rpki-client.org