Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS22781.roa
File: AS22781.roa (raw, json)
Hash identifier: 2A/m+rEI7G4KLnkS0oobRTZyhVHxff0UmooPjN/TfXA=
Subject key identifier: 0F:23:59:85:1F:F4:3A:47:ED:E7:D0:15:51:27:CB:AE:6F:0F:85:92
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6F6D580C912610E5C0374FFD935DAB1B5D25B584
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS22781.roa
Signing time: Wed 27 Dec 2023 23:37:54 +0000
ROA not before: Wed 27 Dec 2023 23:32:54 +0000
ROA not after: Wed 25 Dec 2024 23:37:54 +0000
asID: 22781
IP address blocks: 179.61.148.0/24 maxlen: 24
191.96.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:6d:58:0c:91:26:10:e5:c0:37:4f:fd:93:5d:ab:1b:5d:25:b5:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Dec 27 23:32:54 2023 GMT
Not After : Dec 25 23:37:54 2024 GMT
Subject: CN=0F2359851FF43A47EDE7D0155127CBAE6F0F8592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5b:6d:92:b1:83:43:bd:d0:26:63:19:48:61:
e1:7f:ea:7f:22:bd:0c:6d:92:d6:94:5d:6c:06:bc:
f3:b6:a2:d3:2b:77:e1:8f:16:50:16:46:f4:b1:07:
28:8d:05:29:c0:83:1d:73:54:a4:1d:02:c3:a5:07:
9b:e7:a8:5c:0a:40:8b:05:09:78:7d:b3:ea:e7:8b:
f8:53:89:cd:b3:d6:d5:da:87:4a:27:d6:67:22:b5:
07:98:6e:3c:3d:29:45:2a:46:42:15:1e:b3:10:b0:
79:57:76:1d:88:0c:ec:d2:68:64:62:69:e3:94:26:
9e:2f:49:10:e9:6b:88:c7:f4:ad:20:24:17:af:8c:
42:1d:7f:c8:79:f1:90:04:45:20:48:6a:c8:e9:7d:
94:8a:6f:3b:a2:01:18:b4:e8:98:e3:86:47:b4:05:
78:80:f7:7c:ac:ee:07:f0:b0:81:2e:69:12:01:76:
38:53:8d:e6:ab:39:61:44:c4:2a:41:0e:48:e8:c9:
a1:81:a2:49:2d:70:1f:e0:5b:85:07:5d:e0:1f:eb:
61:a5:0f:5b:df:d4:8b:54:24:9f:0c:bd:db:d4:b0:
22:7a:f2:09:ab:3f:ec:e4:c5:e8:4f:d8:e4:af:94:
77:8c:24:29:ea:64:2c:e7:41:94:33:23:91:7e:bd:
70:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:23:59:85:1F:F4:3A:47:ED:E7:D0:15:51:27:CB:AE:6F:0F:85:92
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS22781.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.148.0/24
191.96.11.0/24
Signature Algorithm: sha256WithRSAEncryption
22:70:06:d1:bb:35:e2:54:69:ce:9c:77:c0:df:95:e4:46:04:
e8:d3:12:10:11:9a:6e:4d:97:c7:d9:fa:92:e2:2f:61:97:18:
e8:db:cb:7e:36:9a:59:65:d6:1a:2d:0d:5b:de:dc:b3:27:cc:
04:c8:2b:ad:a8:6b:35:6a:14:a7:1c:42:bf:ef:ec:06:9f:72:
86:7f:45:67:2d:f0:c1:06:7b:61:3c:ad:9b:d5:e5:c3:e4:b9:
a0:9b:56:cd:15:d9:f5:21:1c:b6:89:07:af:79:4e:e3:70:c0:
1f:e3:6c:59:f4:3d:0e:bd:34:1f:ac:a2:56:bf:e2:f0:b4:f6:
23:d4:d8:cf:0f:ba:e9:c0:22:38:1f:d5:31:08:9d:b4:ae:6f:
62:4f:66:63:59:82:f2:a8:70:2c:82:1b:b7:59:f7:d9:a3:63:
73:8a:d0:5d:6f:7c:06:36:34:68:ae:15:e3:2d:3f:2e:2d:e9:
4c:27:31:c6:66:36:c3:68:ca:03:9a:26:7c:73:63:83:3f:90:
77:46:ae:c2:ac:2c:cf:7b:b1:cb:4f:52:58:2d:cb:ae:a7:75:
1e:91:ce:68:a6:17:1a:4f:19:38:0e:2e:c1:c0:7a:a8:c9:67:
14:7c:f5:93:0a:95:c2:10:b4:5e:17:14:f2:1b:b4:17:af:b3:
f1:4e:2d:71
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUb21YDJEmEOXAN0/9k12rG10ltYQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzEyMjcyMzMyNTRaFw0yNDEyMjUyMzM3NTRaMDMxMTAvBgNV
BAMTKDBGMjM1OTg1MUZGNDNBNDdFREU3RDAxNTUxMjdDQkFFNkYwRjg1OTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2W22SsYNDvdAmYxlIYeF/6n8i
vQxtktaUXWwGvPO2otMrd+GPFlAWRvSxByiNBSnAgx1zVKQdAsOlB5vnqFwKQIsF
CXh9s+rni/hTic2z1tXah0on1mcitQeYbjw9KUUqRkIVHrMQsHlXdh2IDOzSaGRi
aeOUJp4vSRDpa4jH9K0gJBevjEIdf8h58ZAERSBIasjpfZSKbzuiARi06Jjjhke0
BXiA93ys7gfwsIEuaRIBdjhTjearOWFExCpBDkjoyaGBokktcB/gW4UHXeAf62Gl
D1vf1ItUJJ8MvdvUsCJ68gmrP+zkxehP2OSvlHeMJCnqZCznQZQzI5F+vXBdAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUDyNZhR/0Okft59AVUSfLrm8PhZIwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjI3ODEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBACzPZQD
BAC/YAswDQYJKoZIhvcNAQELBQADggEBACJwBtG7NeJUac6cd8DfleRGBOjTEhAR
mm5Nl8fZ+pLiL2GXGOjby342mlll1hotDVve3LMnzATIK62oazVqFKccQr/v7Aaf
coZ/RWct8MEGe2E8rZvV5cPkuaCbVs0V2fUhHLaJB695TuNwwB/jbFn0PQ69NB+s
ola/4vC09iPU2M8PuunAIjgf1TEInbSub2JPZmNZgvKocCyCG7dZ99mjY3OK0F1v
fAY2NGiuFeMtPy4t6UwnMcZmNsNoygOaJnxzY4M/kHdGrsKsLM97sctPUlgty66n
dR6RzmimFxpPGTgOLsHAeqjJZxR89ZMKlcIQtF4XFPIbtBevs/FOLXE=
-----END CERTIFICATE-----
Generated at Fri May 10 02:42:21 2024 by rpki-client on console-fra.rpki-client.org