Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212384.roa
File: AS212384.roa (raw, json)
Hash identifier: JE9/AS+RR0YbUs+W7An+kobk57AU3mn53kcWG6SbSZQ=
Subject key identifier: A5:8F:E4:FE:DD:48:18:56:55:6F:44:99:A2:67:C0:04:B3:44:DD:C3
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 25C0CAB4CD4BA39FF8EB6E315A0E6F1E2BFF53A8
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212384.roa
Signing time: Mon 11 Nov 2024 07:23:16 +0000
ROA not before: Mon 11 Nov 2024 07:18:16 +0000
ROA not after: Mon 10 Nov 2025 07:23:16 +0000
asID: 212384
IP address blocks: 85.209.179.0/24 maxlen: 24
181.214.63.0/24 maxlen: 24
181.214.169.0/24 maxlen: 24
181.214.241.0/24 maxlen: 24
181.215.29.0/24 maxlen: 24
185.139.239.0/24 maxlen: 24
185.170.42.0/24 maxlen: 24
191.96.211.0/24 maxlen: 24
191.101.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:c0:ca:b4:cd:4b:a3:9f:f8:eb:6e:31:5a:0e:6f:1e:2b:ff:53:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 11 07:18:16 2024 GMT
Not After : Nov 10 07:23:16 2025 GMT
Subject: CN=A58FE4FEDD481856556F4499A267C004B344DDC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5a:a4:c1:ec:09:60:3e:20:bb:fb:27:52:a5:
ed:fd:7d:d4:98:fc:42:22:83:f8:fa:66:59:7e:c2:
e6:3f:1b:f7:e7:c0:7b:d1:f6:b7:3b:cc:d5:ce:49:
36:ab:a3:24:24:70:6c:bd:18:c2:85:2d:f2:d1:d1:
cb:c2:73:b9:69:2e:8f:9a:07:ab:26:b8:d1:ed:44:
da:7c:88:60:95:ef:8b:27:db:2f:3f:fa:b5:89:0e:
41:f6:86:68:1f:cd:83:21:09:fb:90:d8:f6:b8:c4:
87:a9:7a:3f:0c:e4:81:a9:00:bf:88:5f:82:6e:a7:
c2:8a:e0:b5:0b:9f:fb:91:96:5f:cc:d2:0b:e2:99:
0a:1a:ec:b2:06:83:4d:40:60:78:cf:54:8d:0f:85:
d0:97:b8:31:07:04:2e:fd:2d:84:45:af:ad:bf:6e:
33:94:b6:26:30:12:84:bd:ad:f6:2a:d4:a9:56:f4:
0c:3c:a1:e3:c1:f1:4c:bb:d1:d2:65:ed:22:41:de:
16:dc:6f:a5:a1:6f:15:ab:fb:69:3e:79:ae:66:ad:
97:ec:7e:b5:1d:4a:3e:c0:ad:23:c8:1a:77:c1:7a:
28:07:29:bb:95:b1:43:93:a9:f3:d6:c8:d3:f9:16:
e0:11:22:e5:a9:6b:16:b1:be:1d:5c:14:13:2a:69:
f2:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:8F:E4:FE:DD:48:18:56:55:6F:44:99:A2:67:C0:04:B3:44:DD:C3
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212384.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.179.0/24
181.214.63.0/24
181.214.169.0/24
181.214.241.0/24
181.215.29.0/24
185.139.239.0/24
185.170.42.0/24
191.96.211.0/24
191.101.122.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:6a:99:79:0d:a4:b6:5a:4b:80:19:3e:72:ac:50:a7:d4:8b:
cc:28:3b:63:e0:bc:26:12:1a:df:4f:93:83:19:86:ca:c5:58:
74:09:2d:5e:bd:c6:17:07:e7:2e:aa:5a:7e:99:8f:3c:f4:87:
3c:e6:dc:ae:4b:e3:da:ba:8e:09:c0:64:f9:19:b4:fe:e3:96:
1b:83:94:80:35:ae:a1:f7:b4:85:81:ac:83:fc:98:88:1a:40:
50:00:30:d3:60:b8:30:91:f9:ed:97:85:a4:54:59:7b:77:7d:
5e:1e:6a:1e:84:19:e5:7d:6e:e7:2f:2f:5d:62:8b:fb:72:58:
bb:70:41:97:a1:fd:bb:f8:7e:95:75:36:bb:42:b5:f2:98:35:
05:c3:12:eb:9c:44:30:df:63:a0:82:b5:b0:5d:7d:5a:ad:d7:
10:88:57:de:37:5e:be:47:4d:39:ac:29:ad:f2:80:50:3f:9c:
9b:fa:50:6e:7e:aa:47:58:09:e9:04:de:20:a1:d6:db:6a:21:
05:d9:9d:73:80:9c:ae:0c:a0:69:69:ee:29:5b:55:cf:0f:f2:
7d:c5:c4:42:11:98:b0:c7:68:79:8e:3d:b4:2c:2b:9f:1e:d0:
95:f9:fb:52:24:1e:9d:a7:35:09:35:64:39:76:33:f2:ff:83:
06:20:e2:b1
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUJcDKtM1Lo5/4624xWg5vHiv/U6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDExMTEwNzE4MTZaFw0yNTExMTAwNzIzMTZaMDMxMTAvBgNV
BAMTKEE1OEZFNEZFREQ0ODE4NTY1NTZGNDQ5OUEyNjdDMDA0QjM0NEREQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9WqTB7AlgPiC7+ydSpe39fdSY
/EIig/j6Zll+wuY/G/fnwHvR9rc7zNXOSTaroyQkcGy9GMKFLfLR0cvCc7lpLo+a
B6smuNHtRNp8iGCV74sn2y8/+rWJDkH2hmgfzYMhCfuQ2Pa4xIepej8M5IGpAL+I
X4Jup8KK4LULn/uRll/M0gvimQoa7LIGg01AYHjPVI0PhdCXuDEHBC79LYRFr62/
bjOUtiYwEoS9rfYq1KlW9Aw8oePB8Uy70dJl7SJB3hbcb6WhbxWr+2k+ea5mrZfs
frUdSj7ArSPIGnfBeigHKbuVsUOTqfPWyNP5FuARIuWpaxaxvh1cFBMqafJdAgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQUpY/k/t1IGFZVb0SZomfABLNE3cMwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEyMzg0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVdGz
AwQAtdY/AwQAtdapAwQAtdbxAwQAtdcdAwQAuYvvAwQAuaoqAwQAv2DTAwQAv2V6
MA0GCSqGSIb3DQEBCwUAA4IBAQA+apl5DaS2WkuAGT5yrFCn1IvMKDtj4LwmEhrf
T5ODGYbKxVh0CS1evcYXB+cuqlp+mY889Ic85tyuS+Pauo4JwGT5GbT+45Ybg5SA
Na6h97SFgayD/JiIGkBQADDTYLgwkfntl4WkVFl7d31eHmoehBnlfW7nLy9dYov7
cli7cEGXof27+H6VdTa7QrXymDUFwxLrnEQw32OggrWwXX1ardcQiFfeN16+R005
rCmt8oBQP5yb+lBufqpHWAnpBN4godbbaiEF2Z1zgJyuDKBpae4pW1XPD/J9xcRC
EZiwx2h5jj20LCufHtCV+ftSJB6dpzUJNWQ5djPy/4MGIOKx
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:10 2024 by rpki-client on console-fra.rpki-client.org