Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212335.roa
File: AS212335.roa (raw, json)
Hash identifier: mQ4zhkKOio0D9vHQZOItSt8OG3lS7GlD8g56RKscsrw=
Subject key identifier: 12:AE:B6:E5:74:27:F9:3A:BF:2A:90:F6:3C:0F:52:68:F7:AB:76:47
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5855B086EE499B284E2F907CD502BFC780198425
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212335.roa
Signing time: Thu 27 Jul 2023 08:57:35 +0000
ROA not before: Thu 27 Jul 2023 08:52:35 +0000
ROA not after: Thu 25 Jul 2024 08:57:35 +0000
asID: 212335
IP address blocks: 45.137.157.0/24 maxlen: 24
185.170.56.0/24 maxlen: 24
191.96.18.0/24 maxlen: 24
191.96.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:55:b0:86:ee:49:9b:28:4e:2f:90:7c:d5:02:bf:c7:80:19:84:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 27 08:52:35 2023 GMT
Not After : Jul 25 08:57:35 2024 GMT
Subject: CN=12AEB6E57427F93ABF2A90F63C0F5268F7AB7647
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:61:5b:33:bd:d4:74:e1:08:47:4c:ff:0b:b3:
c0:7e:fc:88:bc:5b:3c:40:ab:07:9d:4b:ba:bb:0a:
87:20:55:68:70:0f:d7:1f:ca:cd:5a:93:10:69:6d:
9c:bc:dc:ae:d9:1f:ba:ab:b1:65:f1:e9:4f:ad:1a:
37:b3:f2:5c:2a:ff:5e:4f:c6:7b:5e:f9:08:c7:fe:
6a:73:7e:52:c3:ec:4c:35:02:7e:e9:86:bc:97:19:
e7:39:44:98:c1:97:56:d3:24:02:e3:7c:a2:17:97:
9c:66:41:56:1c:1e:0c:b2:5f:8b:12:ba:ff:84:05:
f4:a5:30:0f:cd:d7:71:2b:07:88:43:86:a6:c7:a7:
8d:b9:86:8a:6b:09:7d:2b:f5:de:e0:e3:84:c4:e5:
a8:d1:12:5a:e8:a9:08:56:9c:94:b9:ff:93:1b:db:
3a:bc:82:e7:31:c8:00:ae:25:0f:2c:fe:47:33:f4:
9c:77:d4:30:b8:cf:d9:ef:6a:00:c8:15:2f:5e:90:
30:4a:d2:f2:59:df:08:23:d2:f5:a6:b6:5b:05:34:
ac:0d:77:85:c0:66:f1:ee:85:f3:17:4f:1c:4c:af:
60:58:1b:f8:5e:1c:67:f4:e7:0d:7d:fa:f0:80:cf:
7f:25:95:e3:31:1d:c1:e2:ce:62:ca:87:89:19:3a:
27:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:AE:B6:E5:74:27:F9:3A:BF:2A:90:F6:3C:0F:52:68:F7:AB:76:47
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.157.0/24
185.170.56.0/24
191.96.18.0/24
191.96.187.0/24
Signature Algorithm: sha256WithRSAEncryption
57:dd:09:cc:c0:67:28:7e:7f:20:84:47:49:ea:4e:fb:88:b7:
70:c7:fc:4b:ba:e6:29:92:4c:8b:f3:91:3f:df:82:9a:55:b9:
5c:64:6c:98:52:ca:0a:96:3d:e2:e6:17:90:7b:f8:3c:9f:d7:
bc:96:8f:fe:1d:c2:9b:19:e7:e4:2a:3d:0d:2c:ba:85:37:68:
a1:87:9c:a8:4b:fc:a9:e7:1d:ce:77:b0:11:1e:b2:d5:22:0a:
d4:e7:4a:51:72:dc:0b:0a:21:b4:cf:86:18:fe:f8:cf:e0:d1:
c8:67:27:3f:83:64:24:9b:85:26:ad:53:ef:97:fe:84:06:b2:
cc:eb:4f:f7:18:b7:58:fe:80:e6:75:0e:f4:dd:d5:67:6a:9d:
42:63:0e:f9:1a:8a:68:62:4e:d7:e6:f2:d4:85:4a:99:0c:f2:
32:66:2d:03:7f:b6:a1:94:b4:10:cb:98:e8:b8:c3:4d:ac:29:
a9:b8:97:11:e8:7a:8a:f1:55:6a:72:06:03:0d:8c:4a:e7:9a:
0c:0f:59:be:e3:6e:5b:b8:61:2e:d0:40:95:12:c5:25:de:65:
50:fe:dd:d8:de:cf:14:d8:70:88:8b:12:ed:35:75:b2:22:24:
4d:86:1d:14:93:66:06:09:31:ab:89:98:ea:7b:9f:0c:77:07:
26:74:ef:05
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUWFWwhu5JmyhOL5B81QK/x4AZhCUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzA3MjcwODUyMzVaFw0yNDA3MjUwODU3MzVaMDMxMTAvBgNV
BAMTKDEyQUVCNkU1NzQyN0Y5M0FCRjJBOTBGNjNDMEY1MjY4RjdBQjc2NDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUYVszvdR04QhHTP8Ls8B+/Ii8
WzxAqwedS7q7CocgVWhwD9cfys1akxBpbZy83K7ZH7qrsWXx6U+tGjez8lwq/15P
xnte+QjH/mpzflLD7Ew1An7phryXGec5RJjBl1bTJALjfKIXl5xmQVYcHgyyX4sS
uv+EBfSlMA/N13ErB4hDhqbHp425hoprCX0r9d7g44TE5ajRElroqQhWnJS5/5Mb
2zq8gucxyACuJQ8s/kcz9Jx31DC4z9nvagDIFS9ekDBK0vJZ3wgj0vWmtlsFNKwN
d4XAZvHuhfMXTxxMr2BYG/heHGf05w19+vCAz38lleMxHcHizmLKh4kZOifRAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUEq625XQn+Tq/KpD2PA9SaPerdkcwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEyMzM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYmd
AwQAuao4AwQAv2ASAwQAv2C7MA0GCSqGSIb3DQEBCwUAA4IBAQBX3QnMwGcofn8g
hEdJ6k77iLdwx/xLuuYpkkyL85E/34KaVblcZGyYUsoKlj3i5heQe/g8n9e8lo/+
HcKbGefkKj0NLLqFN2ihh5yoS/yp5x3Od7ARHrLVIgrU50pRctwLCiG0z4YY/vjP
4NHIZyc/g2Qkm4UmrVPvl/6EBrLM60/3GLdY/oDmdQ703dVnap1CYw75GopoYk7X
5vLUhUqZDPIyZi0Df7ahlLQQy5jouMNNrCmpuJcR6HqK8VVqcgYDDYxK55oMD1m+
425buGEu0ECVEsUl3mVQ/t3Y3s8U2HCIixLtNXWyIiRNhh0Uk2YGCTGriZjqe58M
dwcmdO8F
-----END CERTIFICATE-----
Generated at Fri May 10 10:50:02 2024 by rpki-client on console-fra.rpki-client.org