Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: Oljsum/BTl+/iswaj0cf5Wf2wmgQqBg5eeMJ8+SLHow=
Subject key identifier: 9F:16:F0:41:8E:E9:C5:CA:43:C1:FC:DE:DF:11:60:19:62:0A:19:9E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 40115EF1D88A80D888CF38E116004444622F641E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS21859.roa
Signing time: Tue 12 Nov 2024 09:11:41 +0000
ROA not before: Tue 12 Nov 2024 09:06:41 +0000
ROA not after: Tue 11 Nov 2025 09:11:41 +0000
asID: 21859
IP address blocks: 181.215.205.0/24 maxlen: 24
181.215.237.0/24 maxlen: 24
191.101.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:11:5e:f1:d8:8a:80:d8:88:cf:38:e1:16:00:44:44:62:2f:64:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 12 09:06:41 2024 GMT
Not After : Nov 11 09:11:41 2025 GMT
Subject: CN=9F16F0418EE9C5CA43C1FCDEDF116019620A199E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:01:b9:dc:91:f2:23:2e:f5:46:56:aa:6a:d5:
e2:dd:a3:10:1a:39:64:10:32:5b:f9:14:4b:5b:1a:
78:51:f8:b8:ac:e1:62:cd:eb:47:e7:13:64:db:cb:
fb:79:e2:f5:f4:88:01:ce:35:db:d9:15:05:ec:4b:
a1:54:7e:7c:4c:c3:17:53:73:d7:74:3e:cf:56:a6:
fe:37:e9:22:fc:29:51:eb:5c:e3:b5:47:34:a9:a3:
92:05:8c:de:91:c3:5d:6b:86:02:1c:2f:23:4e:85:
78:24:0a:da:3f:1c:08:ef:9a:90:5a:66:61:e8:6e:
a3:a0:8c:41:56:be:f6:89:f0:8c:44:18:2b:d9:15:
86:ba:d8:4b:66:ac:ac:5e:72:52:df:34:6f:c5:8f:
02:b7:4c:6f:d6:74:8e:51:ba:b0:2b:d8:ef:72:3d:
fa:b0:33:59:26:97:aa:ba:42:b0:7e:62:0c:f0:d3:
59:6e:b3:10:be:42:ce:db:a8:e5:bd:01:b5:53:39:
6a:94:75:6a:3e:c9:a6:20:b8:c0:78:eb:c6:79:41:
86:cd:f9:c5:58:6d:b3:1b:e4:3d:e2:fb:9c:d1:13:
de:5f:e6:85:f6:ba:e3:82:28:04:a0:e5:2c:3e:9a:
b9:8d:ed:7f:5c:85:a6:59:c0:2e:25:15:a6:79:7d:
a8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:16:F0:41:8E:E9:C5:CA:43:C1:FC:DE:DF:11:60:19:62:0A:19:9E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.215.205.0/24
181.215.237.0/24
191.101.189.0/24
Signature Algorithm: sha256WithRSAEncryption
64:0d:68:e0:76:b2:ac:91:e6:b7:4d:6d:2b:09:7d:55:b3:28:
c8:ea:4a:1c:f1:30:4b:58:dd:e8:c8:0c:ea:a5:45:4c:8a:44:
40:27:7c:b8:08:31:89:8b:61:5d:f5:2a:f1:10:63:a3:f5:41:
1b:e5:ea:ee:7f:9f:05:9d:d1:36:8e:4e:85:ca:fc:fc:cb:64:
d2:f2:0b:70:3f:8a:66:89:c9:0b:49:75:12:b1:b1:f8:06:8d:
c9:e9:4c:c8:2a:4d:50:e9:79:b4:ad:94:95:c8:1f:6f:a1:22:
7f:c2:33:b1:e1:c5:5f:6a:93:1c:8e:96:7a:45:a6:01:2a:85:
f2:e2:ce:b2:ba:bc:71:08:02:e9:c1:53:2e:a2:40:c2:6a:3f:
44:96:d4:48:8f:a8:5f:cb:0c:c5:e0:43:29:32:d1:20:79:90:
9a:33:3c:af:71:3e:1e:d3:1e:15:37:c0:38:19:73:19:96:25:
c8:78:ca:24:1d:10:25:e7:3a:09:47:12:85:8b:44:57:66:69:
e4:92:be:37:4d:bd:0b:cf:14:9e:29:ad:12:65:96:04:ef:83:
f5:a9:e6:ff:d3:c4:db:2d:b5:c3:45:9a:c7:d6:25:b7:d3:69:
43:67:c3:43:bd:62:5e:69:dc:58:93:f1:76:d9:f9:6c:ec:63:
00:3c:cc:fc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUQBFe8diKgNiIzzjhFgBERGIvZB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDExMTIwOTA2NDFaFw0yNTExMTEwOTExNDFaMDMxMTAvBgNV
BAMTKDlGMTZGMDQxOEVFOUM1Q0E0M0MxRkNERURGMTE2MDE5NjIwQTE5OUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyAbnckfIjLvVGVqpq1eLdoxAa
OWQQMlv5FEtbGnhR+Lis4WLN60fnE2Tby/t54vX0iAHONdvZFQXsS6FUfnxMwxdT
c9d0Ps9Wpv436SL8KVHrXOO1RzSpo5IFjN6Rw11rhgIcLyNOhXgkCto/HAjvmpBa
ZmHobqOgjEFWvvaJ8IxEGCvZFYa62EtmrKxeclLfNG/FjwK3TG/WdI5RurAr2O9y
PfqwM1kml6q6QrB+Ygzw01lusxC+Qs7bqOW9AbVTOWqUdWo+yaYguMB468Z5QYbN
+cVYbbMb5D3i+5zRE95f5oX2uuOCKASg5Sw+mrmN7X9chaZZwC4lFaZ5fag9AgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUnxbwQY7pxcpDwfze3xFgGWIKGZ4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAC1180D
BAC11+0DBAC/Zb0wDQYJKoZIhvcNAQELBQADggEBAGQNaOB2sqyR5rdNbSsJfVWz
KMjqShzxMEtY3ejIDOqlRUyKREAnfLgIMYmLYV31KvEQY6P1QRvl6u5/nwWd0TaO
ToXK/PzLZNLyC3A/imaJyQtJdRKxsfgGjcnpTMgqTVDpebStlJXIH2+hIn/CM7Hh
xV9qkxyOlnpFpgEqhfLizrK6vHEIAunBUy6iQMJqP0SW1EiPqF/LDMXgQyky0SB5
kJozPK9xPh7THhU3wDgZcxmWJch4yiQdECXnOglHEoWLRFdmaeSSvjdNvQvPFJ4p
rRJllgTvg/Wp5v/TxNsttcNFmsfWJbfTaUNnw0O9Yl5p3FiT8XbZ+WzsYwA8zPw=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:18 2024 by rpki-client on console-ams.rpki-client.org