Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215348.roa
File: AS215348.roa (raw, json)
Hash identifier: aM6wUrx7qYiftMLIOLDwgrP3c+QdMKow/Yjpl5Ac4IU=
Subject key identifier: CE:2B:13:6E:44:F4:0D:B2:07:41:E2:3E:4A:58:19:50:87:46:4C:A1
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5B1C895DCA4E7537F6F55855752D55DF749F272E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215348.roa
Signing time: Tue 12 Mar 2024 06:59:24 +0000
ROA not before: Tue 12 Mar 2024 06:54:24 +0000
ROA not after: Tue 11 Mar 2025 06:59:24 +0000
asID: 215348
IP address blocks: 179.61.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 04:39:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:1c:89:5d:ca:4e:75:37:f6:f5:58:55:75:2d:55:df:74:9f:27:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 12 06:54:24 2024 GMT
Not After : Mar 11 06:59:24 2025 GMT
Subject: CN=CE2B136E44F40DB20741E23E4A58195087464CA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:51:0a:a6:96:ed:c2:ac:a5:0b:b7:9a:7b:5f:
36:70:7a:7f:09:5d:9f:06:d7:1e:4b:f9:76:9a:82:
5a:49:38:bd:ab:1b:33:c1:2a:f0:11:21:13:16:c9:
39:f9:b5:9c:4d:cf:5d:cb:0a:3a:17:a5:74:bc:76:
37:fd:36:dc:bb:5b:07:1b:e7:f4:56:9a:71:4d:e5:
1d:d9:0d:e6:fd:60:44:d3:55:0e:82:b2:57:86:b0:
67:06:47:11:5a:48:f5:2f:f7:5e:64:2e:8a:7b:dd:
27:4a:17:3b:4a:51:7e:43:0e:77:f5:57:aa:0a:35:
a9:94:c6:8e:bb:86:a4:ad:07:ba:1e:ee:57:ab:73:
2d:f9:64:d6:12:bb:fd:60:d4:ce:20:70:66:8a:3d:
d1:4b:d8:d3:94:26:76:b2:ea:8f:37:e4:aa:a8:64:
f9:14:55:ad:0f:28:d1:72:2b:79:83:55:54:12:78:
91:67:ad:e9:47:97:ba:93:9f:c1:89:bb:85:db:7c:
14:28:6e:43:c4:41:6e:93:c1:c6:c6:92:96:bb:9f:
4a:df:05:88:bf:71:39:d9:f8:4b:e8:1a:e1:91:77:
b4:e8:52:76:f1:68:89:95:c9:95:fe:74:11:f6:6c:
ad:99:bc:b1:7a:93:13:13:d2:54:ea:02:77:b6:09:
eb:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:2B:13:6E:44:F4:0D:B2:07:41:E2:3E:4A:58:19:50:87:46:4C:A1
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215348.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.254.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:6e:04:ff:ad:cd:55:16:78:a2:90:ee:a7:cf:1c:3c:58:ec:
40:b6:3c:5d:25:f5:38:9d:ed:a4:fb:ac:8d:d2:98:cd:0d:9d:
c9:76:bf:8e:9c:2f:8c:b0:86:11:6d:dd:24:fb:f2:01:c7:0f:
cf:c0:79:cc:da:3c:f1:5e:a2:bb:89:a2:19:75:24:a6:52:7a:
63:4b:30:db:c2:53:b2:d7:4c:ea:59:f6:1b:48:41:4f:ea:9e:
26:09:a0:a5:59:bf:95:f6:0c:24:2e:1c:67:92:8b:07:ff:5c:
d4:6a:e2:78:07:a0:73:cd:80:4d:f9:e0:14:27:e8:d8:ec:2a:
f0:d0:9d:3d:93:15:86:ec:90:2f:45:5e:48:33:ba:72:c0:1e:
ee:42:a1:83:e4:44:7e:6d:d3:68:2a:21:6b:5d:69:f5:bb:b2:
46:24:60:2a:6f:c5:5a:d0:44:cb:a1:15:1f:12:32:d7:b8:d8:
bf:57:41:32:69:c1:9c:b4:26:e1:9d:20:0b:0c:30:fd:2d:c1:
a3:22:46:f5:3b:fb:e8:ed:58:e7:45:6b:64:7f:7f:33:1f:b0:
67:1f:4a:fc:54:96:2a:33:95:ac:04:79:91:2f:22:4f:c1:4b:
9a:88:70:a5:ad:51:98:44:ac:98:dc:2d:3e:02:5a:76:ad:2c:
76:bc:fc:20
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUWxyJXcpOdTf29VhVdS1V33SfJy4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAzMTIwNjU0MjRaFw0yNTAzMTEwNjU5MjRaMDMxMTAvBgNV
BAMTKENFMkIxMzZFNDRGNDBEQjIwNzQxRTIzRTRBNTgxOTUwODc0NjRDQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcUQqmlu3CrKULt5p7XzZwen8J
XZ8G1x5L+XaaglpJOL2rGzPBKvARIRMWyTn5tZxNz13LCjoXpXS8djf9Nty7Wwcb
5/RWmnFN5R3ZDeb9YETTVQ6CsleGsGcGRxFaSPUv915kLop73SdKFztKUX5DDnf1
V6oKNamUxo67hqStB7oe7lercy35ZNYSu/1g1M4gcGaKPdFL2NOUJnay6o835Kqo
ZPkUVa0PKNFyK3mDVVQSeJFnrelHl7qTn8GJu4XbfBQobkPEQW6TwcbGkpa7n0rf
BYi/cTnZ+EvoGuGRd7ToUnbxaImVyZX+dBH2bK2ZvLF6kxMT0lTqAne2CevLAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUzisTbkT0DbIHQeI+SlgZUIdGTKEwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE1MzQ4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsz3+
MA0GCSqGSIb3DQEBCwUAA4IBAQBubgT/rc1VFniikO6nzxw8WOxAtjxdJfU4ne2k
+6yN0pjNDZ3Jdr+OnC+MsIYRbd0k+/IBxw/PwHnM2jzxXqK7iaIZdSSmUnpjSzDb
wlOy10zqWfYbSEFP6p4mCaClWb+V9gwkLhxnkosH/1zUauJ4B6BzzYBN+eAUJ+jY
7Crw0J09kxWG7JAvRV5IM7pywB7uQqGD5ER+bdNoKiFrXWn1u7JGJGAqb8Va0ETL
oRUfEjLXuNi/V0EyacGctCbhnSALDDD9LcGjIkb1O/vo7VjnRWtkf38zH7BnH0r8
VJYqM5WsBHmRLyJPwUuaiHClrVGYRKyY3C0+Alp2rSx2vPwg
-----END CERTIFICATE-----
Generated at Fri May 10 08:14:31 2024 by rpki-client on console-ams.rpki-client.org