Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS25369.roa
File: AS25369.roa (raw, json)
Hash identifier: ObkrQzbnJ3bufHBaCW1wLcZ62uxxvP1JKbsS92XdhsQ=
Subject key identifier: EC:8C:BB:91:B1:18:9D:BC:80:AA:39:78:A4:55:0E:BD:3D:B3:F9:9B
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 18F1664224F9A13A6AF6C84F6C968D3DBEE91154
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS25369.roa
Signing time: Tue 23 Apr 2024 00:00:17 +0000
ROA not before: Mon 22 Apr 2024 23:55:17 +0000
ROA not after: Tue 22 Apr 2025 00:00:17 +0000
asID: 25369
IP address blocks: 179.61.185.0/24 maxlen: 24
179.61.198.0/24 maxlen: 24
191.96.66.0/24 maxlen: 24
191.96.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:f1:66:42:24:f9:a1:3a:6a:f6:c8:4f:6c:96:8d:3d:be:e9:11:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 22 23:55:17 2024 GMT
Not After : Apr 22 00:00:17 2025 GMT
Subject: CN=EC8CBB91B1189DBC80AA3978A4550EBD3DB3F99B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c6:c6:ce:8f:ed:65:23:fc:b6:0e:31:01:93:
8c:91:d2:ef:57:12:a7:49:7e:d4:3c:bd:c7:4c:6f:
bf:49:3a:29:75:2c:2f:85:43:4f:a3:c5:62:dd:98:
45:93:e5:92:81:bb:fc:4a:c8:a8:da:e0:1a:f6:80:
d0:d2:12:9c:6f:2c:d0:d4:5b:af:8b:4b:73:75:9d:
73:12:b9:09:79:63:47:4e:33:d1:4f:0e:fa:2a:4f:
32:b1:24:8e:fd:c8:c5:12:3f:90:1b:d7:d3:17:fd:
c1:f6:c0:5c:5f:02:13:c1:9b:01:1a:eb:45:68:87:
f7:cc:52:8d:17:ab:21:f9:9d:27:c9:a3:1b:5b:20:
e4:3f:5b:f9:ea:50:d7:f0:dc:6e:01:a2:fe:4f:f6:
d8:f1:44:5f:e3:49:d5:ec:31:6c:8a:a8:76:7e:ab:
f8:3a:55:49:de:2c:da:df:6b:58:61:5c:10:57:1a:
70:8f:26:3c:b5:63:a0:c2:34:7e:87:40:1c:fb:f2:
f9:77:67:ff:22:46:0e:7f:60:fb:d4:33:e1:33:bf:
01:60:6b:d0:86:ff:21:98:1a:ed:e2:0a:be:15:a2:
70:c8:c2:80:e3:5d:4a:af:a0:a3:af:04:5c:8f:ec:
3a:da:b5:1f:06:8e:bd:68:58:00:ac:3f:9d:63:23:
99:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:8C:BB:91:B1:18:9D:BC:80:AA:39:78:A4:55:0E:BD:3D:B3:F9:9B
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS25369.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.185.0/24
179.61.198.0/24
191.96.66.0/24
191.96.202.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:71:52:18:02:d7:12:66:40:df:2b:fc:6e:47:f9:21:5c:f9:
e6:96:7e:6f:52:8f:00:46:df:71:df:11:fe:e7:e5:57:19:41:
72:ec:d2:1b:da:29:0e:0c:e1:39:cb:5b:00:4a:ad:50:80:8d:
c8:b5:e0:e8:ef:8a:a1:78:59:48:39:e2:ce:87:23:c9:51:ed:
86:f1:01:8c:46:51:50:01:e4:fd:95:d0:8d:88:fb:d4:a1:9c:
b5:7f:e4:f4:e1:58:09:62:34:64:1f:40:9f:61:08:df:55:d0:
76:41:2c:60:b8:aa:1e:7e:0a:53:85:cf:e4:f6:e9:75:88:8c:
d4:bd:77:69:13:b0:04:be:6a:63:a2:73:43:18:4b:a7:80:7d:
ff:68:a7:d3:08:d6:53:4f:05:ed:c6:68:17:83:db:48:22:39:
be:9d:79:a4:9f:c3:22:34:e7:3d:6a:a0:e5:7b:55:78:c1:27:
d3:ab:1f:ff:db:c9:ff:1d:5d:27:3a:03:5e:91:a4:13:36:1f:
28:fe:c2:7b:0c:f0:ee:4d:5f:54:f5:06:ab:be:03:c3:85:6e:
87:96:fd:5f:ee:39:e4:e4:94:74:f0:31:e5:dc:ea:8a:38:63:
83:79:f5:0c:90:fb:e5:1b:d7:3d:b8:92:e1:9b:3d:f1:b5:a5:
96:3f:48:84
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUGPFmQiT5oTpq9shPbJaNPb7pEVQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MjIyMzU1MTdaFw0yNTA0MjIwMDAwMTdaMDMxMTAvBgNV
BAMTKEVDOENCQjkxQjExODlEQkM4MEFBMzk3OEE0NTUwRUJEM0RCM0Y5OUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNxsbOj+1lI/y2DjEBk4yR0u9X
EqdJftQ8vcdMb79JOil1LC+FQ0+jxWLdmEWT5ZKBu/xKyKja4Br2gNDSEpxvLNDU
W6+LS3N1nXMSuQl5Y0dOM9FPDvoqTzKxJI79yMUSP5Ab19MX/cH2wFxfAhPBmwEa
60Voh/fMUo0XqyH5nSfJoxtbIOQ/W/nqUNfw3G4Bov5P9tjxRF/jSdXsMWyKqHZ+
q/g6VUneLNrfa1hhXBBXGnCPJjy1Y6DCNH6HQBz78vl3Z/8iRg5/YPvUM+EzvwFg
a9CG/yGYGu3iCr4VonDIwoDjXUqvoKOvBFyP7DratR8Gjr1oWACsP51jI5n3AgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQU7Iy7kbEYnbyAqjl4pFUOvT2z+ZswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjUzNjkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACzPbkD
BACzPcYDBAC/YEIDBAC/YMowDQYJKoZIhvcNAQELBQADggEBADtxUhgC1xJmQN8r
/G5H+SFc+eaWfm9SjwBG33HfEf7n5VcZQXLs0hvaKQ4M4TnLWwBKrVCAjci14Ojv
iqF4WUg54s6HI8lR7YbxAYxGUVAB5P2V0I2I+9ShnLV/5PThWAliNGQfQJ9hCN9V
0HZBLGC4qh5+ClOFz+T26XWIjNS9d2kTsAS+amOic0MYS6eAff9op9MI1lNPBe3G
aBeD20giOb6deaSfwyI05z1qoOV7VXjBJ9OrH//byf8dXSc6A16RpBM2Hyj+wnsM
8O5NX1T1Bqu+A8OFboeW/V/uOeTklHTwMeXc6oo4Y4N59QyQ++Ub1z24kuGbPfG1
pZY/SIQ=
-----END CERTIFICATE-----
Generated at Fri May 3 16:58:05 2024 by rpki-client on console-ams.rpki-client.org