Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212384.roa
File: AS212384.roa (raw, json)
Hash identifier: qw3M84QdE9TlCoKIycjWbMQn6vy3QOQByK83xyJyp0k=
Subject key identifier: 3A:FC:A1:17:FE:50:0F:7E:7F:4A:B4:46:67:A3:03:15:FC:F3:DA:BC
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 421BF37D2617D2891772212B1CE28CB2026FF503
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212384.roa
Signing time: Thu 07 Mar 2024 07:17:04 +0000
ROA not before: Thu 07 Mar 2024 07:12:04 +0000
ROA not after: Thu 06 Mar 2025 07:17:04 +0000
asID: 212384
IP address blocks: 85.209.179.0/24 maxlen: 24
181.214.63.0/24 maxlen: 24
181.214.169.0/24 maxlen: 24
181.214.241.0/24 maxlen: 24
185.139.239.0/24 maxlen: 24
185.170.42.0/24 maxlen: 24
191.96.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:1b:f3:7d:26:17:d2:89:17:72:21:2b:1c:e2:8c:b2:02:6f:f5:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 7 07:12:04 2024 GMT
Not After : Mar 6 07:17:04 2025 GMT
Subject: CN=3AFCA117FE500F7E7F4AB44667A30315FCF3DABC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4c:09:bd:31:ab:5c:45:97:bd:63:c3:57:ad:
b3:4b:06:8c:e8:5a:b4:10:40:dd:80:df:12:af:e2:
56:77:13:68:ca:78:7a:e4:21:cb:e9:2a:8b:07:b7:
da:c0:bb:25:21:e0:a6:9e:25:df:5c:4b:35:7a:5a:
e1:4e:fb:28:8c:fc:59:f0:79:d7:21:fd:39:b4:e7:
39:14:b3:46:98:a1:89:ef:cb:12:0f:13:fe:8a:26:
8e:16:21:45:f5:c4:5e:54:ff:e4:5a:1f:a3:54:60:
27:96:4f:83:11:fa:5c:98:6c:dc:ea:20:b4:46:13:
c0:bd:82:75:a5:e2:93:98:35:0f:41:44:74:ba:42:
ad:4f:e5:50:a5:9a:81:47:2e:b1:b7:5d:e3:e7:df:
87:d1:7b:c2:8a:61:67:3f:88:fc:a8:53:9c:31:7b:
5e:86:38:bb:9a:86:47:c1:b0:42:cd:59:26:c8:15:
ba:b4:42:30:37:f5:3e:0e:56:be:5c:b0:5e:72:b9:
52:45:a6:fb:7a:bd:c2:bd:f9:78:2b:03:a9:14:a0:
bc:2c:d7:92:19:4d:16:14:aa:6a:81:89:ed:f7:3b:
c7:b6:41:ce:69:04:2b:d1:3e:5d:79:ee:cc:d6:0d:
a3:d8:45:f9:f7:d8:c9:ef:a3:15:f5:f1:39:03:0e:
cf:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:FC:A1:17:FE:50:0F:7E:7F:4A:B4:46:67:A3:03:15:FC:F3:DA:BC
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212384.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.179.0/24
181.214.63.0/24
181.214.169.0/24
181.214.241.0/24
185.139.239.0/24
185.170.42.0/24
191.96.211.0/24
Signature Algorithm: sha256WithRSAEncryption
79:53:df:1b:68:85:ae:ef:4a:8b:09:ad:75:d0:7d:c3:9f:a7:
a9:44:65:92:03:3e:e3:c1:ea:ec:53:01:b8:c3:52:1b:df:2e:
b6:76:1a:38:5d:52:47:f8:41:cb:30:4a:91:e6:4c:51:58:df:
e6:6a:52:d0:ee:43:40:35:db:d9:ae:75:0d:d5:70:2e:9f:81:
f1:ec:e2:c2:e5:8d:2c:96:c9:a2:bd:50:67:43:33:2c:3b:cd:
1e:e7:d4:a6:49:f1:36:95:39:43:66:e3:d8:26:48:b8:0e:57:
8d:b0:35:8e:ba:e9:cf:3f:5c:7b:f9:4a:d0:70:ab:7a:9b:8b:
33:89:57:4b:7e:52:94:b4:8d:36:51:22:dc:45:96:86:50:cc:
2d:82:26:00:93:d3:9c:17:03:07:62:30:45:f8:f8:5c:69:c0:
5d:69:12:94:f5:2b:57:4f:d6:84:43:a3:b4:e9:41:c6:35:e1:
b5:21:e9:71:ee:da:be:c6:c4:0b:20:ff:4a:be:70:dc:8e:66:
28:04:f2:0b:f5:eb:46:52:04:56:a9:d9:2f:4f:49:8c:3b:a6:
89:09:e0:a3:fd:ea:2b:49:01:30:38:a7:7b:18:4c:a2:4b:cc:
f1:e6:f7:6f:cf:63:4c:a9:5a:3a:93:d0:b3:ba:16:5c:46:57:
37:49:43:1f
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUQhvzfSYX0okXciErHOKMsgJv9QMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAzMDcwNzEyMDRaFw0yNTAzMDYwNzE3MDRaMDMxMTAvBgNV
BAMTKDNBRkNBMTE3RkU1MDBGN0U3RjRBQjQ0NjY3QTMwMzE1RkNGM0RBQkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKTAm9MatcRZe9Y8NXrbNLBozo
WrQQQN2A3xKv4lZ3E2jKeHrkIcvpKosHt9rAuyUh4KaeJd9cSzV6WuFO+yiM/Fnw
edch/Tm05zkUs0aYoYnvyxIPE/6KJo4WIUX1xF5U/+RaH6NUYCeWT4MR+lyYbNzq
ILRGE8C9gnWl4pOYNQ9BRHS6Qq1P5VClmoFHLrG3XePn34fRe8KKYWc/iPyoU5wx
e16GOLuahkfBsELNWSbIFbq0QjA39T4OVr5csF5yuVJFpvt6vcK9+XgrA6kUoLws
15IZTRYUqmqBie33O8e2Qc5pBCvRPl157szWDaPYRfn32MnvoxX18TkDDs/VAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUOvyhF/5QD35/SrRGZ6MDFfzz2rwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEyMzg0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVdGz
AwQAtdY/AwQAtdapAwQAtdbxAwQAuYvvAwQAuaoqAwQAv2DTMA0GCSqGSIb3DQEB
CwUAA4IBAQB5U98baIWu70qLCa110H3Dn6epRGWSAz7jwersUwG4w1Ib3y62dho4
XVJH+EHLMEqR5kxRWN/malLQ7kNANdvZrnUN1XAun4Hx7OLC5Y0slsmivVBnQzMs
O80e59SmSfE2lTlDZuPYJki4DleNsDWOuunPP1x7+UrQcKt6m4sziVdLflKUtI02
USLcRZaGUMwtgiYAk9OcFwMHYjBF+PhcacBdaRKU9StXT9aEQ6O06UHGNeG1Ielx
7tq+xsQLIP9KvnDcjmYoBPIL9etGUgRWqdkvT0mMO6aJCeCj/eorSQEwOKd7GEyi
S8zx5vdvz2NMqVo6k9CzuhZcRlc3SUMf
-----END CERTIFICATE-----
Generated at Fri May 10 02:42:20 2024 by rpki-client on console-fra.rpki-client.org