Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212335.roa
File: AS212335.roa (raw, json)
Hash identifier: J6EnUaBNtMEwhXi+tWAYLwciybRJWLd3fYzyndgHTjY=
Subject key identifier: E7:4E:A8:40:14:22:B8:97:6F:16:97:28:4C:92:A7:77:8B:AC:4D:4E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3C58FE7881141254E519304B1FB77336F795E0BF
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212335.roa
Signing time: Thu 27 Jun 2024 09:05:18 +0000
ROA not before: Thu 27 Jun 2024 09:00:18 +0000
ROA not after: Thu 26 Jun 2025 09:05:18 +0000
asID: 212335
IP address blocks: 45.137.157.0/24 maxlen: 24
185.170.56.0/24 maxlen: 24
191.96.18.0/24 maxlen: 24
191.96.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:58:fe:78:81:14:12:54:e5:19:30:4b:1f:b7:73:36:f7:95:e0:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 27 09:00:18 2024 GMT
Not After : Jun 26 09:05:18 2025 GMT
Subject: CN=E74EA8401422B8976F1697284C92A7778BAC4D4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:93:b0:7b:ef:ed:52:81:36:69:78:49:f2:df:
67:e3:a0:bb:b2:9c:2b:2a:4f:c0:85:13:06:13:4d:
52:67:ca:e5:75:45:84:a3:49:a7:e7:cf:5e:0f:9f:
8f:ab:13:d2:50:f7:d0:44:94:ef:bb:b3:8a:fb:7d:
0a:db:2a:ce:47:26:91:5d:34:bb:90:db:b3:dc:49:
ae:1c:53:cd:72:60:f2:2f:27:cd:88:07:73:b3:ac:
cf:4a:26:28:98:89:4d:99:4f:ab:02:5f:e8:df:73:
2a:b7:e4:c6:d7:50:bd:6a:90:f8:cd:02:76:c8:b6:
d2:cf:f4:c5:14:aa:e3:9a:b3:f1:c7:b2:43:29:b1:
3f:e3:d0:83:85:0f:2a:cc:30:3c:e9:de:80:3a:3c:
71:49:f6:b9:c8:79:9f:c7:a7:5c:fd:b0:ed:7f:b7:
91:8a:68:ec:9e:9b:db:10:2e:ab:7c:9b:14:c4:c1:
2e:1f:e7:a0:ba:9a:3a:04:29:09:81:fc:f8:28:bc:
05:0e:bf:98:aa:94:3a:0b:e1:ba:11:74:96:e1:68:
f4:42:52:38:fa:6a:5e:5f:fb:44:d1:25:11:72:a4:
47:af:91:95:d2:26:ba:c3:b3:6d:8b:01:f2:d6:01:
df:a1:89:5e:1b:ae:52:c4:9f:a5:51:2f:ac:b7:4a:
f3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:4E:A8:40:14:22:B8:97:6F:16:97:28:4C:92:A7:77:8B:AC:4D:4E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.157.0/24
185.170.56.0/24
191.96.18.0/24
191.96.187.0/24
Signature Algorithm: sha256WithRSAEncryption
95:42:81:27:89:67:ea:ba:ec:e6:3d:55:a7:77:6f:c2:b1:6a:
fb:c6:c4:40:63:94:f4:15:65:3b:da:2a:f0:a8:3f:04:f5:f7:
70:25:d4:1b:cc:a6:04:54:d5:d7:29:ac:65:e1:ae:05:8a:3a:
b7:30:8c:f0:fb:48:fa:6e:49:7b:92:fd:6b:7c:0a:18:a8:45:
e9:43:a7:f3:1e:ca:3d:b7:64:a7:0c:38:5b:ee:31:68:7a:e5:
cd:bb:d2:cd:59:ed:8d:d1:6c:93:02:22:cc:59:ec:3c:6b:6c:
a6:16:3f:5a:f8:70:5f:fb:9d:61:a5:6e:5d:4e:a3:a4:9b:cc:
62:ca:7b:bc:bf:f9:f9:10:73:3b:6b:a4:3b:cc:ef:85:e0:e0:
82:ea:78:04:04:df:76:62:68:fa:4d:29:0f:d8:91:df:8c:cd:
67:b3:98:23:0c:c4:9f:ca:a6:d1:08:fa:2d:dd:6c:0d:6c:21:
b2:6f:e2:0f:c6:ff:ca:39:77:77:bd:fd:62:bb:e3:e6:c7:91:
46:85:85:a7:fa:d9:dd:6d:f1:f4:e9:ad:28:ef:96:cb:32:9d:
28:4d:d5:97:a3:70:1f:09:67:5b:05:1b:df:0e:92:f7:d0:b6:
8c:3d:53:57:ab:6e:61:2f:16:73:80:25:39:1f:04:cc:81:f4:
1d:8b:e7:9f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUPFj+eIEUElTlGTBLH7dzNveV4L8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA2MjcwOTAwMThaFw0yNTA2MjYwOTA1MThaMDMxMTAvBgNV
BAMTKEU3NEVBODQwMTQyMkI4OTc2RjE2OTcyODRDOTJBNzc3OEJBQzRENEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDk7B77+1SgTZpeEny32fjoLuy
nCsqT8CFEwYTTVJnyuV1RYSjSafnz14Pn4+rE9JQ99BElO+7s4r7fQrbKs5HJpFd
NLuQ27PcSa4cU81yYPIvJ82IB3OzrM9KJiiYiU2ZT6sCX+jfcyq35MbXUL1qkPjN
AnbIttLP9MUUquOas/HHskMpsT/j0IOFDyrMMDzp3oA6PHFJ9rnIeZ/Hp1z9sO1/
t5GKaOyem9sQLqt8mxTEwS4f56C6mjoEKQmB/PgovAUOv5iqlDoL4boRdJbhaPRC
Ujj6al5f+0TRJRFypEevkZXSJrrDs22LAfLWAd+hiV4brlLEn6VRL6y3SvPhAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQU506oQBQiuJdvFpcoTJKnd4usTU4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEyMzM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYmd
AwQAuao4AwQAv2ASAwQAv2C7MA0GCSqGSIb3DQEBCwUAA4IBAQCVQoEniWfquuzm
PVWnd2/CsWr7xsRAY5T0FWU72irwqD8E9fdwJdQbzKYEVNXXKaxl4a4Fijq3MIzw
+0j6bkl7kv1rfAoYqEXpQ6fzHso9t2SnDDhb7jFoeuXNu9LNWe2N0WyTAiLMWew8
a2ymFj9a+HBf+51hpW5dTqOkm8xiynu8v/n5EHM7a6Q7zO+F4OCC6ngEBN92Ymj6
TSkP2JHfjM1ns5gjDMSfyqbRCPot3WwNbCGyb+IPxv/KOXd3vf1iu+Pmx5FGhYWn
+tndbfH06a0o75bLMp0oTdWXo3AfCWdbBRvfDpL30LaMPVNXq25hLxZzgCU5HwTM
gfQdi+ef
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:46 2024 by rpki-client on console-fra.rpki-client.org