Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212609.roa
File: AS212609.roa (raw, json)
Hash identifier: VH5HdKWxajB4T+PPXvwO0PnjQehZncMtvWvnwwG+Zdk=
Subject key identifier: 45:52:82:EE:6B:8E:BF:7F:66:FE:88:63:ED:64:14:7A:7B:8D:AD:ED
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7327770D4F75F46E7C06A89968A550814573EFC4
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212609.roa
Signing time: Tue 23 Apr 2024 13:08:49 +0000
ROA not before: Tue 23 Apr 2024 13:03:49 +0000
ROA not after: Tue 22 Apr 2025 13:08:49 +0000
asID: 212609
IP address blocks: 191.101.248.0/24 maxlen: 24
191.101.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:27:77:0d:4f:75:f4:6e:7c:06:a8:99:68:a5:50:81:45:73:ef:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 23 13:03:49 2024 GMT
Not After : Apr 22 13:08:49 2025 GMT
Subject: CN=455282EE6B8EBF7F66FE8863ED64147A7B8DADED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:df:bc:3f:e2:70:74:e2:08:0c:1d:21:bb:1c:
2f:3d:b5:f0:f5:5b:04:85:1e:05:2a:5a:f2:da:1b:
c4:c8:4e:77:8b:90:fd:3c:8d:5c:46:e1:72:ce:fb:
1a:8a:fe:69:e3:03:4c:ae:e8:bb:7f:53:d7:22:36:
69:db:53:33:c9:12:42:e3:57:cd:8f:e7:a9:39:bf:
1a:5b:30:6a:e4:b5:56:8b:b1:df:d7:2a:a6:71:e4:
ba:89:9e:da:ee:68:3b:ae:0b:2a:1c:02:eb:a2:2f:
5d:a6:f2:f7:87:06:2e:d0:dc:3a:ff:c8:e4:7a:26:
37:f8:fc:6d:ef:00:2a:9a:d9:ed:7a:47:e6:d3:91:
a0:ca:67:1d:98:36:52:c6:01:30:29:2f:18:ba:2b:
e8:78:b3:f9:26:6e:fd:62:80:3e:f0:f2:46:b5:9a:
62:b2:18:af:5e:13:9e:7e:98:32:21:68:44:51:6d:
90:a4:4e:de:d9:0d:36:9d:84:58:e6:b9:e5:1e:8f:
b6:85:85:57:98:9b:4d:94:53:52:e5:35:11:e4:7d:
b0:93:4c:8f:91:64:84:03:00:1a:db:54:d5:5b:ca:
6b:c5:f2:fe:ec:f8:40:79:62:45:c8:53:4c:0d:20:
78:e7:c2:42:80:7f:14:cf:d1:b4:3a:cd:81:89:d4:
59:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:52:82:EE:6B:8E:BF:7F:66:FE:88:63:ED:64:14:7A:7B:8D:AD:ED
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212609.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.101.248.0/24
191.101.251.0/24
Signature Algorithm: sha256WithRSAEncryption
94:79:40:8f:3a:16:95:06:86:c7:91:ac:c1:90:06:a6:71:53:
e4:7a:44:04:ee:8c:61:34:54:eb:bb:9e:09:10:92:33:91:5d:
91:f2:af:6d:56:45:31:40:b0:23:9d:eb:32:35:0c:54:e5:3b:
85:dc:0a:4b:9d:3b:82:56:53:ad:86:b5:18:0b:da:71:eb:71:
a3:dd:c4:ba:24:ab:00:e2:8f:f8:20:d7:f1:9d:c5:bc:f2:89:
87:0f:d8:5e:2a:54:f4:a2:8e:15:70:d5:8b:c7:5d:2c:a8:c6:
1f:cd:42:6f:5b:6f:0f:62:55:b0:11:7e:f7:b4:4d:88:42:a6:
8b:90:48:4e:93:c7:ce:84:ad:24:ee:b0:b0:1e:ac:44:35:8a:
b9:7e:c8:94:3b:08:be:00:0a:ca:04:91:25:68:28:22:99:28:
eb:c0:55:dd:29:87:ee:91:7f:3f:61:5d:35:37:9e:26:4e:92:
58:84:d4:cb:da:0a:36:66:5f:a3:ff:c9:82:c2:53:5c:36:e7:
91:0d:ae:c4:0f:50:99:fd:54:94:c8:9a:ec:cd:28:53:c8:ba:
b0:29:f9:28:2a:98:9a:6e:91:c0:52:dd:25:6b:e7:5e:4f:9c:
2e:50:43:8c:5f:8c:5b:e5:84:7a:8a:3b:ac:95:06:e5:07:2e:
93:65:78:71
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUcyd3DU919G58BqiZaKVQgUVz78QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MjMxMzAzNDlaFw0yNTA0MjIxMzA4NDlaMDMxMTAvBgNV
BAMTKDQ1NTI4MkVFNkI4RUJGN0Y2NkZFODg2M0VENjQxNDdBN0I4REFERUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC237w/4nB04ggMHSG7HC89tfD1
WwSFHgUqWvLaG8TITneLkP08jVxG4XLO+xqK/mnjA0yu6Lt/U9ciNmnbUzPJEkLj
V82P56k5vxpbMGrktVaLsd/XKqZx5LqJntruaDuuCyocAuuiL12m8veHBi7Q3Dr/
yOR6Jjf4/G3vACqa2e16R+bTkaDKZx2YNlLGATApLxi6K+h4s/kmbv1igD7w8ka1
mmKyGK9eE55+mDIhaERRbZCkTt7ZDTadhFjmueUej7aFhVeYm02UU1LlNRHkfbCT
TI+RZIQDABrbVNVbymvF8v7s+EB5YkXIU0wNIHjnwkKAfxTP0bQ6zYGJ1Fm9AgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQURVKC7muOv39m/ohj7WQUenuNre0wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEyNjA5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAv2X4
AwQAv2X7MA0GCSqGSIb3DQEBCwUAA4IBAQCUeUCPOhaVBobHkazBkAamcVPkekQE
7oxhNFTru54JEJIzkV2R8q9tVkUxQLAjnesyNQxU5TuF3ApLnTuCVlOthrUYC9px
63Gj3cS6JKsA4o/4INfxncW88omHD9heKlT0oo4VcNWLx10sqMYfzUJvW28PYlWw
EX73tE2IQqaLkEhOk8fOhK0k7rCwHqxENYq5fsiUOwi+AArKBJElaCgimSjrwFXd
KYfukX8/YV01N54mTpJYhNTL2go2Zl+j/8mCwlNcNueRDa7ED1CZ/VSUyJrszShT
yLqwKfkoKpiabpHAUt0la+deT5wuUEOMX4xb5YR6ijuslQblBy6TZXhx
-----END CERTIFICATE-----
Generated at Fri May 10 02:42:20 2024 by rpki-client on console-fra.rpki-client.org