Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211439.roa
File: AS211439.roa (raw, json)
Hash identifier: JB6Q0CTMNVjcoCDYdLiUTS2fPEhqbKGxgyJTTAE0yDM=
Subject key identifier: 73:E6:AE:60:39:EB:C5:F0:E6:3E:73:D4:03:1B:F4:67:AD:C9:52:C0
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3BEA3D7B920D0ECF3ADF052631A053D9D1C084ED
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211439.roa
Signing time: Tue 18 Feb 2025 15:00:04 +0000
ROA not before: Tue 18 Feb 2025 14:55:04 +0000
ROA not after: Tue 17 Feb 2026 15:00:04 +0000
asID: 211439
IP address blocks: 181.41.209.0/24 maxlen: 24
181.214.172.0/24 maxlen: 24
181.215.24.0/24 maxlen: 24
181.215.54.0/24 maxlen: 24
191.96.2.0/24 maxlen: 24
191.101.143.0/24 maxlen: 24
191.101.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:12:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:ea:3d:7b:92:0d:0e:cf:3a:df:05:26:31:a0:53:d9:d1:c0:84:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Feb 18 14:55:04 2025 GMT
Not After : Feb 17 15:00:04 2026 GMT
Subject: CN=73E6AE6039EBC5F0E63E73D4031BF467ADC952C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b0:7e:4f:36:3f:25:49:68:b6:a8:f4:08:ab:
40:4c:17:2f:2c:1f:8f:75:7a:a3:79:e4:4e:ec:72:
cc:85:28:60:c3:c6:c0:d4:1c:ef:aa:74:39:bb:31:
d9:28:b4:c5:1e:4c:78:02:2f:5d:26:1d:49:ec:76:
4b:4c:2e:0e:c7:61:2f:04:e4:f1:4f:4e:b4:fe:c1:
ab:88:1b:3a:01:34:12:bb:30:3e:76:b5:33:eb:a9:
b6:ca:0e:b1:af:83:2f:31:1d:51:2f:2d:f0:aa:f3:
d4:8a:59:07:69:23:21:c9:95:d1:18:5d:97:22:3d:
29:39:69:db:00:a7:ab:b2:c6:76:f9:b9:3c:ce:c4:
be:e0:ac:54:a5:7b:5e:83:0c:aa:d0:af:54:b2:b8:
72:98:aa:97:30:9e:ab:33:ef:b0:b9:66:ff:ee:5a:
0a:5e:c0:12:ef:79:da:9b:45:d9:14:0d:32:95:08:
90:b3:74:73:f6:ef:ad:68:b9:4d:1c:07:d8:f6:7c:
ca:3f:78:91:27:6f:87:38:6e:66:cf:b3:71:23:70:
ac:95:2e:01:aa:7a:7a:0d:5f:67:97:8e:a5:31:ff:
a1:7f:6d:4d:8e:cd:81:3b:da:a8:d8:b4:a4:c1:d2:
0a:55:48:a1:7d:79:d4:9a:fb:08:c1:e0:36:9d:2f:
10:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:E6:AE:60:39:EB:C5:F0:E6:3E:73:D4:03:1B:F4:67:AD:C9:52:C0
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.41.209.0/24
181.214.172.0/24
181.215.24.0/24
181.215.54.0/24
191.96.2.0/24
191.101.143.0/24
191.101.248.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:9e:97:cc:91:88:c8:98:9a:20:cf:c2:08:47:f6:72:06:83:
e4:d6:25:7f:07:e8:ec:63:e9:e2:00:62:d6:88:e5:78:6e:2e:
97:a0:dd:a5:24:fd:31:d7:77:be:da:e4:a1:ec:43:23:f7:ab:
8c:e9:40:e4:df:d9:82:24:8a:96:c0:63:90:cc:a2:d4:e8:6b:
b4:f7:14:a2:4e:84:4b:28:f1:57:f6:1d:e1:d6:c7:dc:0e:28:
12:f0:7f:41:0b:05:90:cf:8f:14:ff:6c:b4:d0:6b:32:d4:1e:
b3:49:de:bb:66:47:70:2c:59:54:3b:67:a7:02:64:3b:76:6e:
7f:a4:2b:17:49:ee:f4:01:1a:b8:06:33:8e:d0:cd:1a:6c:ed:
f7:e2:2f:25:ac:92:3c:f7:bb:b3:8c:fb:5c:e8:d1:e5:9c:ab:
a9:39:e2:32:e9:60:12:2c:2f:af:59:b3:88:f2:55:d7:a1:b2:
16:47:73:95:e6:c5:d0:66:57:4c:2e:43:fd:c3:c6:f8:c0:0e:
1b:6e:8c:c6:5b:2c:fa:88:84:2c:02:ce:1d:e2:ed:a6:c5:1a:
56:b2:57:ab:79:65:ee:54:c7:30:97:1a:ec:76:61:f0:be:bf:
2f:49:95:19:3c:ef:71:e2:76:db:cd:22:7e:85:d6:0c:db:1e:
60:d5:a5:c0
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUO+o9e5INDs863wUmMaBT2dHAhO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAyMTgxNDU1MDRaFw0yNjAyMTcxNTAwMDRaMDMxMTAvBgNV
BAMTKDczRTZBRTYwMzlFQkM1RjBFNjNFNzNENDAzMUJGNDY3QURDOTUyQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNsH5PNj8lSWi2qPQIq0BMFy8s
H491eqN55E7scsyFKGDDxsDUHO+qdDm7MdkotMUeTHgCL10mHUnsdktMLg7HYS8E
5PFPTrT+wauIGzoBNBK7MD52tTPrqbbKDrGvgy8xHVEvLfCq89SKWQdpIyHJldEY
XZciPSk5adsAp6uyxnb5uTzOxL7grFSle16DDKrQr1SyuHKYqpcwnqsz77C5Zv/u
WgpewBLvedqbRdkUDTKVCJCzdHP2761ouU0cB9j2fMo/eJEnb4c4bmbPs3EjcKyV
LgGqenoNX2eXjqUx/6F/bU2OzYE72qjYtKTB0gpVSKF9edSa+wjB4DadLxC/AgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUc+auYDnrxfDmPnPUAxv0Z63JUsAwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjExNDM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAtSnR
AwQAtdasAwQAtdcYAwQAtdc2AwQAv2ACAwQAv2WPAwQAv2X4MA0GCSqGSIb3DQEB
CwUAA4IBAQCnnpfMkYjImJogz8IIR/ZyBoPk1iV/B+jsY+niAGLWiOV4bi6XoN2l
JP0x13e+2uSh7EMj96uM6UDk39mCJIqWwGOQzKLU6Gu09xSiToRLKPFX9h3h1sfc
DigS8H9BCwWQz48U/2y00Gsy1B6zSd67ZkdwLFlUO2enAmQ7dm5/pCsXSe70ARq4
BjOO0M0abO334i8lrJI897uzjPtc6NHlnKupOeIy6WASLC+vWbOI8lXXobIWR3OV
5sXQZldMLkP9w8b4wA4bbozGWyz6iIQsAs4d4u2mxRpWslereWXuVMcwlxrsdmHw
vr8vSZUZPO9x4nbbzSJ+hdYM2x5g1aXA
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:31:22 2025 by rpki-client