Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS25198.roa
File: AS25198.roa (raw, json)
Hash identifier: e9RbM2CH79vyMt6WlldIz/cImZt7RtoDZ2MbhnJAyEo=
Subject key identifier: 83:C0:A0:29:92:05:2E:B0:E4:F3:D2:C5:82:7B:15:10:6F:8A:B2:11
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2F94DDF43B13B39858C1FA3BD07939ED2A224AA4
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS25198.roa
Signing time: Tue 25 Jul 2023 12:11:39 +0000
ROA not before: Tue 25 Jul 2023 12:06:39 +0000
ROA not after: Tue 23 Jul 2024 12:11:39 +0000
asID: 25198
IP address blocks: 213.109.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:94:dd:f4:3b:13:b3:98:58:c1:fa:3b:d0:79:39:ed:2a:22:4a:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 25 12:06:39 2023 GMT
Not After : Jul 23 12:11:39 2024 GMT
Subject: CN=83C0A02992052EB0E4F3D2C5827B15106F8AB211
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:85:15:12:28:1e:fd:5d:05:ec:c7:5c:d2:69:
e8:4b:03:c4:ab:5a:78:e3:24:89:32:e3:bf:b0:b7:
08:43:f9:ed:bc:2b:20:55:b9:b9:86:a6:42:d3:c2:
06:b7:d9:d7:e7:e8:1d:a2:0c:e3:3f:69:8c:01:22:
e3:fc:3f:9d:6f:ef:be:31:a6:14:8c:3e:c4:76:40:
56:88:28:91:e6:59:b1:9a:2c:43:f2:82:40:c4:36:
78:2b:a4:f5:e7:06:6c:88:8a:17:84:d5:a7:b8:6e:
eb:0d:86:cc:e0:9e:66:bc:75:95:43:a2:dc:60:ff:
c2:a4:37:cc:ad:a7:30:0d:18:1a:a5:a0:a8:3c:34:
34:f3:f7:97:e7:a7:04:79:7b:6b:75:16:24:02:4c:
e5:5f:a9:67:0f:06:c7:0c:96:00:de:45:6c:cf:82:
d5:f7:74:dc:89:8d:67:f6:b4:65:f5:a0:5e:35:7f:
c3:82:cf:fc:d5:4b:d0:56:23:b7:8f:d7:87:e0:04:
92:10:5b:5e:e3:f6:25:a8:ee:0b:87:39:79:a1:1f:
c4:dd:6d:8a:41:9a:4c:74:bd:4f:17:3f:44:64:0d:
fb:b7:03:5c:10:ad:2f:93:0c:00:cc:2a:0b:6b:51:
3b:8f:f0:72:ee:b4:91:4c:e5:5d:6c:d9:61:12:93:
96:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:C0:A0:29:92:05:2E:B0:E4:F3:D2:C5:82:7B:15:10:6F:8A:B2:11
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS25198.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.168.0/24
Signature Algorithm: sha256WithRSAEncryption
77:48:89:da:e7:e7:63:09:47:d1:54:9c:c0:c5:75:63:ae:4b:
50:d5:b9:f7:11:d2:9e:fc:e1:a9:02:0b:30:04:14:02:f4:d6:
2c:39:40:74:66:76:da:64:de:b3:7a:6b:61:97:74:4e:0b:6e:
0d:08:86:d9:ac:15:78:4b:56:99:21:40:27:74:4a:a3:e6:17:
0e:37:18:a4:e3:4e:6e:d4:52:ba:02:57:fa:02:d7:49:d4:14:
1d:13:e1:37:2c:0c:5d:27:6a:c7:47:68:75:df:55:0a:e7:17:
5c:f0:3d:d6:8f:9c:57:6b:64:73:ad:b1:d6:55:77:1d:d5:4c:
01:73:f4:db:fc:98:8d:fb:37:11:72:1b:a1:af:97:5d:e1:0c:
86:8b:24:fd:63:aa:71:95:cf:5c:b0:f1:f2:32:41:ca:ee:98:
31:64:2e:d0:d7:df:ad:b1:69:08:fc:20:b3:97:fd:09:9e:08:
a3:5f:de:de:58:57:bf:17:4f:0a:9e:ab:db:5e:99:ed:62:54:
9c:cf:6d:ff:f8:d8:e8:7d:8b:b2:75:dc:62:03:d8:19:e2:a0:
c8:69:61:d4:a3:1b:99:44:49:c9:79:75:54:ff:53:9d:fd:33:
b1:92:38:5f:c4:38:ff:18:fc:0e:fd:42:4d:d8:f4:24:a8:54:
d9:c0:18:87
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUL5Td9DsTs5hYwfo70Hk57SoiSqQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzA3MjUxMjA2MzlaFw0yNDA3MjMxMjExMzlaMDMxMTAvBgNV
BAMTKDgzQzBBMDI5OTIwNTJFQjBFNEYzRDJDNTgyN0IxNTEwNkY4QUIyMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDChRUSKB79XQXsx1zSaehLA8Sr
WnjjJIky47+wtwhD+e28KyBVubmGpkLTwga32dfn6B2iDOM/aYwBIuP8P51v774x
phSMPsR2QFaIKJHmWbGaLEPygkDENngrpPXnBmyIiheE1ae4busNhszgnma8dZVD
otxg/8KkN8ytpzANGBqloKg8NDTz95fnpwR5e2t1FiQCTOVfqWcPBscMlgDeRWzP
gtX3dNyJjWf2tGX1oF41f8OCz/zVS9BWI7eP14fgBJIQW17j9iWo7guHOXmhH8Td
bYpBmkx0vU8XP0RkDfu3A1wQrS+TDADMKgtrUTuP8HLutJFM5V1s2WESk5b9AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUg8CgKZIFLrDk89LFgnsVEG+KshEwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjUxOTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADVbagw
DQYJKoZIhvcNAQELBQADggEBAHdIidrn52MJR9FUnMDFdWOuS1DVufcR0p784akC
CzAEFAL01iw5QHRmdtpk3rN6a2GXdE4Lbg0IhtmsFXhLVpkhQCd0SqPmFw43GKTj
Tm7UUroCV/oC10nUFB0T4TcsDF0nasdHaHXfVQrnF1zwPdaPnFdrZHOtsdZVdx3V
TAFz9Nv8mI37NxFyG6Gvl13hDIaLJP1jqnGVz1yw8fIyQcrumDFkLtDX362xaQj8
ILOX/QmeCKNf3t5YV78XTwqeq9teme1iVJzPbf/42Oh9i7J13GID2BnioMhpYdSj
G5lEScl5dVT/U539M7GSOF/EOP8Y/A79Qk3Y9CSoVNnAGIc=
-----END CERTIFICATE-----
Generated at Fri May 10 02:42:21 2024 by rpki-client on console-fra.rpki-client.org