Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS24875.roa
File: AS24875.roa (raw, json)
Hash identifier: k5L9hAxOMecAkB7sfi/EbgIOYqUXJkfNgEli2VdRp84=
Subject key identifier: D2:20:CD:1C:FB:4C:25:13:32:60:1F:3F:17:84:AC:78:99:65:2C:50
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 21D6E864D70B061512A394277243B79F8D03BAA1
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS24875.roa
Signing time: Mon 04 Nov 2024 09:40:52 +0000
ROA not before: Mon 04 Nov 2024 09:35:52 +0000
ROA not after: Mon 03 Nov 2025 09:40:52 +0000
asID: 24875
IP address blocks: 181.215.178.0/24 maxlen: 24
191.96.100.0/24 maxlen: 24
191.96.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:d6:e8:64:d7:0b:06:15:12:a3:94:27:72:43:b7:9f:8d:03:ba:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 4 09:35:52 2024 GMT
Not After : Nov 3 09:40:52 2025 GMT
Subject: CN=D220CD1CFB4C251332601F3F1784AC7899652C50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:46:33:42:4e:2e:f5:2a:d4:db:ec:2b:6f:58:
0e:58:4f:1e:c4:e9:ef:fc:86:37:3e:f9:38:06:32:
99:5a:e5:45:6f:c0:2a:5e:9d:f9:aa:af:a1:da:50:
d2:db:63:33:e5:76:19:1a:7a:f5:08:3d:22:51:85:
9b:ba:b7:05:20:10:c2:e4:52:70:b2:d3:c1:66:7e:
15:92:1d:8c:6d:01:6c:f3:97:80:f8:22:14:f5:17:
ad:83:5a:d8:d8:6e:14:59:30:61:3f:f6:b8:b7:e8:
1b:d5:fb:da:c0:3f:f0:cd:fd:b0:47:1f:8d:37:e2:
ca:ca:ae:34:cc:33:bb:8d:18:af:e2:8b:80:7b:3a:
35:7f:e7:e5:83:06:56:34:b7:64:dc:ea:79:fb:7c:
2d:dd:ca:04:ff:77:8e:6d:bd:c1:35:f4:d6:85:20:
27:b3:e8:58:41:ac:eb:f6:81:de:b6:22:d2:6e:2d:
46:f7:24:d4:bb:63:dc:7a:bc:92:82:36:8f:68:02:
1c:42:b0:4e:67:5b:2e:e2:f1:93:4f:18:e9:85:9a:
8a:6a:be:91:93:74:d9:02:e2:1a:4f:f0:ac:ae:1b:
da:f9:d9:d6:0c:96:47:e6:8b:55:1e:e4:f1:03:c2:
6d:11:f2:74:7d:86:c9:05:fb:f9:b1:16:98:e0:67:
50:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:20:CD:1C:FB:4C:25:13:32:60:1F:3F:17:84:AC:78:99:65:2C:50
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS24875.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.215.178.0/24
191.96.100.0/24
191.96.136.0/24
Signature Algorithm: sha256WithRSAEncryption
97:4a:7e:21:57:a7:9f:fd:16:a2:07:a3:d5:32:be:23:76:ff:
cb:92:08:3a:7a:1c:6a:50:06:eb:67:89:d8:d2:d9:8b:53:e8:
01:5b:aa:bf:31:a3:55:9a:01:6f:aa:a0:63:41:c1:9c:fa:2f:
f5:6c:b1:1f:2b:ba:e4:b0:2b:99:e1:cc:44:d2:ef:4c:84:50:
e1:3a:4f:db:c6:10:04:87:14:4f:48:e1:41:53:5b:a8:ca:0c:
95:d6:ea:4d:8d:b9:8c:17:0f:f9:42:ea:65:15:27:5a:c6:10:
0d:6d:ec:18:8a:05:05:f6:52:4c:ec:d9:d0:a3:a6:81:4a:9c:
17:77:9c:6a:af:70:df:97:35:24:b5:7c:f3:40:43:35:15:d7:
93:59:a6:fa:34:de:fb:f4:d3:98:48:7b:55:32:e9:e5:82:3b:
4b:e4:06:67:07:d0:cd:0b:f4:ab:57:b1:ca:3d:fa:c1:72:26:
04:3b:04:d8:a7:eb:5d:3d:0f:2c:e3:b2:c6:53:b4:b2:d6:62:
29:0c:c6:4c:31:dc:6f:63:a6:c1:59:8b:3f:48:57:fe:e7:28:
25:96:c1:d7:5f:bc:b2:f0:b0:c7:fc:24:7e:c8:0a:f2:2a:ef:
5c:66:60:f2:ba:4b:17:a4:67:66:2f:bc:00:e8:7a:e2:58:b8:
47:aa:fc:ab
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUIdboZNcLBhUSo5QnckO3n40DuqEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDExMDQwOTM1NTJaFw0yNTExMDMwOTQwNTJaMDMxMTAvBgNV
BAMTKEQyMjBDRDFDRkI0QzI1MTMzMjYwMUYzRjE3ODRBQzc4OTk2NTJDNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTRjNCTi71KtTb7CtvWA5YTx7E
6e/8hjc++TgGMpla5UVvwCpenfmqr6HaUNLbYzPldhkaevUIPSJRhZu6twUgEMLk
UnCy08FmfhWSHYxtAWzzl4D4IhT1F62DWtjYbhRZMGE/9ri36BvV+9rAP/DN/bBH
H4034srKrjTMM7uNGK/ii4B7OjV/5+WDBlY0t2Tc6nn7fC3dygT/d45tvcE19NaF
ICez6FhBrOv2gd62ItJuLUb3JNS7Y9x6vJKCNo9oAhxCsE5nWy7i8ZNPGOmFmopq
vpGTdNkC4hpP8KyuG9r52dYMlkfmi1Ue5PEDwm0R8nR9hskF+/mxFpjgZ1BlAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQU0iDNHPtMJRMyYB8/F4SseJllLFAwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjQ4NzUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAC117ID
BAC/YGQDBAC/YIgwDQYJKoZIhvcNAQELBQADggEBAJdKfiFXp5/9FqIHo9UyviN2
/8uSCDp6HGpQButnidjS2YtT6AFbqr8xo1WaAW+qoGNBwZz6L/VssR8ruuSwK5nh
zETS70yEUOE6T9vGEASHFE9I4UFTW6jKDJXW6k2NuYwXD/lC6mUVJ1rGEA1t7BiK
BQX2Ukzs2dCjpoFKnBd3nGqvcN+XNSS1fPNAQzUV15NZpvo03vv005hIe1Uy6eWC
O0vkBmcH0M0L9KtXsco9+sFyJgQ7BNin6109DyzjssZTtLLWYikMxkwx3G9jpsFZ
iz9IV/7nKCWWwddfvLLwsMf8JH7ICvIq71xmYPK6SxekZ2YvvADoeuJYuEeq/Ks=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:39:58 2024 by rpki-client on console-ams.rpki-client.org