Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS22168.roa
File: AS22168.roa (raw, json)
Hash identifier: tyug1gd45/AguyWmqNuEBOer3t+XNTccG/Dmy+zGFL4=
Subject key identifier: DD:84:26:35:B8:2F:E6:50:0E:E8:54:7D:7C:92:ED:1B:3C:2D:2A:CF
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 15D0D08E3682C2CE76688FE4916AF50740BD739C
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS22168.roa
Signing time: Thu 25 Apr 2024 12:09:14 +0000
ROA not before: Thu 25 Apr 2024 12:04:14 +0000
ROA not after: Thu 24 Apr 2025 12:09:14 +0000
asID: 22168
IP address blocks: 179.61.168.0/24 maxlen: 24
181.41.192.0/24 maxlen: 24
181.214.62.0/24 maxlen: 24
181.214.90.0/24 maxlen: 24
181.214.234.0/24 maxlen: 24
181.214.245.0/24 maxlen: 24
181.215.138.0/24 maxlen: 24
181.215.145.0/24 maxlen: 24
181.215.208.0/24 maxlen: 24
191.96.20.0/24 maxlen: 24
191.96.22.0/24 maxlen: 24
191.96.127.0/24 maxlen: 24
191.101.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 04:39:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:d0:d0:8e:36:82:c2:ce:76:68:8f:e4:91:6a:f5:07:40:bd:73:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 25 12:04:14 2024 GMT
Not After : Apr 24 12:09:14 2025 GMT
Subject: CN=DD842635B82FE6500EE8547D7C92ED1B3C2D2ACF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:28:8f:49:d8:d0:7c:26:47:63:3f:5d:19:01:
55:13:74:a0:e7:ee:66:d6:37:0c:9e:34:e8:b9:fb:
e8:6a:23:04:71:39:96:5a:8a:00:5b:66:8f:54:91:
75:08:f1:d7:34:28:d5:31:c0:bf:b8:74:85:30:25:
92:8b:4c:7d:a5:11:92:13:89:e7:b3:4e:d5:ae:ab:
13:51:71:71:ab:cc:28:99:6f:62:4a:ae:a3:19:e5:
8e:dc:2f:7f:9c:2c:5d:8f:1e:5d:18:f1:7f:36:70:
50:12:5f:74:91:9f:23:39:0a:6b:64:b8:8e:c8:5a:
02:3c:2c:99:9c:12:fa:64:9c:63:28:68:e4:57:a9:
12:ea:e8:64:f0:bc:f0:39:fb:e4:91:94:4c:79:7e:
75:b9:af:39:11:1a:3d:86:98:b9:e5:2e:98:b9:ed:
fb:7c:ed:46:7a:0e:b5:5c:98:25:ad:80:28:11:e3:
85:df:80:d3:3c:22:a5:04:e4:10:1e:89:74:b4:ed:
5f:dd:2c:e8:92:a8:b2:d8:4b:53:cd:2e:ed:7f:0f:
97:33:14:ee:84:52:47:99:fc:69:4d:3a:3c:71:4c:
ac:23:65:1f:da:b1:48:64:8f:8a:d0:40:4c:39:6b:
9b:8c:f2:14:29:7b:81:99:b4:8d:05:ee:7c:d2:30:
3a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:84:26:35:B8:2F:E6:50:0E:E8:54:7D:7C:92:ED:1B:3C:2D:2A:CF
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS22168.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.168.0/24
181.41.192.0/24
181.214.62.0/24
181.214.90.0/24
181.214.234.0/24
181.214.245.0/24
181.215.138.0/24
181.215.145.0/24
181.215.208.0/24
191.96.20.0/24
191.96.22.0/24
191.96.127.0/24
191.101.103.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:ec:29:b1:2f:f2:1c:29:1e:f9:45:94:3c:7c:b8:f8:16:54:
52:b3:27:42:76:b2:0b:45:47:2f:4e:6c:0e:70:85:d1:a8:bf:
df:93:e7:20:33:2a:dd:23:37:e7:50:f5:da:7d:f5:82:d4:7a:
31:b8:91:16:b5:49:22:58:d5:6d:83:de:f2:5b:a0:3e:92:bd:
cb:a9:a1:28:c3:a8:26:c5:8b:58:5d:58:77:8d:62:93:c2:d6:
7c:90:d4:b3:81:cf:29:81:d9:1e:01:49:bc:3a:cc:0b:1f:d4:
0e:17:30:46:9f:7c:5e:9f:f9:85:52:61:a7:7e:6a:92:06:68:
48:71:01:28:64:c9:81:0e:a3:6d:d4:dd:ec:f3:d6:c2:a8:a7:
a9:14:57:27:d7:af:4c:9a:c1:13:80:6c:7c:25:86:04:de:36:
b3:56:e1:32:cf:1a:a0:6d:6b:90:46:58:17:71:31:ac:a2:14:
32:43:c2:da:76:2b:cc:fc:fe:33:8c:2b:61:01:03:73:90:fe:
c3:e1:ad:a9:0c:df:77:e6:af:57:43:73:db:cc:a7:29:c6:02:
51:8d:76:93:e9:ea:67:9f:84:93:d9:91:e0:ce:6a:64:e2:20:
5b:86:ba:91:23:38:84:e7:4f:42:03:33:aa:df:b2:16:78:8c:
dc:35:63:80
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUFdDQjjaCws52aI/kkWr1B0C9c5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MjUxMjA0MTRaFw0yNTA0MjQxMjA5MTRaMDMxMTAvBgNV
BAMTKEREODQyNjM1QjgyRkU2NTAwRUU4NTQ3RDdDOTJFRDFCM0MyRDJBQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLKI9J2NB8JkdjP10ZAVUTdKDn
7mbWNwyeNOi5++hqIwRxOZZaigBbZo9UkXUI8dc0KNUxwL+4dIUwJZKLTH2lEZIT
ieezTtWuqxNRcXGrzCiZb2JKrqMZ5Y7cL3+cLF2PHl0Y8X82cFASX3SRnyM5Cmtk
uI7IWgI8LJmcEvpknGMoaORXqRLq6GTwvPA5++SRlEx5fnW5rzkRGj2GmLnlLpi5
7ft87UZ6DrVcmCWtgCgR44XfgNM8IqUE5BAeiXS07V/dLOiSqLLYS1PNLu1/D5cz
FO6EUkeZ/GlNOjxxTKwjZR/asUhkj4rQQEw5a5uM8hQpe4GZtI0F7nzSMDrHAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQU3YQmNbgv5lAO6FR9fJLtGzwtKs8wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjIxNjgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwZwYIKwYBBQUHAQcBAf8EWDBWMFQEAgABME4DBACzPagD
BAC1KcADBAC11j4DBAC11loDBAC11uoDBAC11vUDBAC114oDBAC115EDBAC119AD
BAC/YBQDBAC/YBYDBAC/YH8DBAC/ZWcwDQYJKoZIhvcNAQELBQADggEBAKTsKbEv
8hwpHvlFlDx8uPgWVFKzJ0J2sgtFRy9ObA5whdGov9+T5yAzKt0jN+dQ9dp99YLU
ejG4kRa1SSJY1W2D3vJboD6SvcupoSjDqCbFi1hdWHeNYpPC1nyQ1LOBzymB2R4B
Sbw6zAsf1A4XMEaffF6f+YVSYad+apIGaEhxAShkyYEOo23U3ezz1sKop6kUVyfX
r0yawROAbHwlhgTeNrNW4TLPGqBta5BGWBdxMayiFDJDwtp2K8z8/jOMK2EBA3OQ
/sPhrakM33fmr1dDc9vMpynGAlGNdpPp6mefhJPZkeDOamTiIFuGupEjOITnT0ID
M6rfshZ4jNw1Y4A=
-----END CERTIFICATE-----
Generated at Fri May 10 08:14:31 2024 by rpki-client on console-ams.rpki-client.org