Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS265867.roa
File: AS265867.roa (raw, json)
Hash identifier: IKceJQgrmtzOLLgUeP2n64sDHE304m0i7hvp+YqtN4E=
Subject key identifier: 4D:AD:73:F1:09:E3:C6:6A:40:88:E7:0D:B2:F5:98:2F:81:81:60:25
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 75BAD9180EC305A1F86D2D6DA4CE54C48F7EDAEF
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS265867.roa
Signing time: Wed 23 Oct 2024 18:16:44 +0000
ROA not before: Wed 23 Oct 2024 18:11:44 +0000
ROA not after: Wed 22 Oct 2025 18:16:44 +0000
asID: 265867
IP address blocks: 179.61.230.0/23 maxlen: 24
179.61.234.0/23 maxlen: 24
181.214.137.0/24 maxlen: 24
181.214.158.0/23 maxlen: 24
181.214.192.0/23 maxlen: 23
181.214.192.0/23 maxlen: 24
191.96.200.0/24 maxlen: 24
191.96.216.0/23 maxlen: 24
191.96.218.0/23 maxlen: 24
191.101.40.0/24 maxlen: 24
191.101.96.0/24 maxlen: 24
191.101.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:ba:d9:18:0e:c3:05:a1:f8:6d:2d:6d:a4:ce:54:c4:8f:7e:da:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 23 18:11:44 2024 GMT
Not After : Oct 22 18:16:44 2025 GMT
Subject: CN=4DAD73F109E3C66A4088E70DB2F5982F81816025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:07:59:a9:67:5d:5f:ca:96:8c:bf:b4:fa:41:
de:08:70:a1:35:d7:e2:d0:67:6f:fb:f6:68:c0:ea:
9a:68:a4:a4:dd:25:5c:29:67:d4:67:c1:e3:e6:62:
5c:f4:b1:66:2c:fb:f3:30:47:92:f4:e8:51:ba:2e:
8c:59:55:cf:d4:48:7e:e8:e0:e3:f3:90:6c:d9:9a:
ed:1d:47:b3:7d:23:ce:24:ff:66:2a:fd:cf:2b:73:
73:b8:45:8d:9a:b3:df:29:2f:cf:83:29:dd:14:0f:
d9:46:89:9a:2d:c6:0e:53:e1:0a:92:a7:6e:20:85:
73:eb:15:61:6c:d3:f4:37:b1:99:b8:3d:e2:7e:cc:
0a:0e:9f:53:91:5d:e6:a9:45:65:f0:e9:78:10:23:
77:da:2e:04:35:fe:03:e6:56:bf:d2:0f:ba:35:4f:
e4:aa:4d:18:40:b6:d3:b8:da:dd:e0:5f:53:02:14:
c6:16:e2:42:17:e7:5a:02:96:0c:f7:07:e5:9d:b7:
a5:c4:a7:b1:78:58:62:28:66:37:cc:fa:fe:1c:49:
63:e2:2c:03:0a:33:c4:92:df:54:a3:a5:03:28:51:
84:33:09:58:ee:85:28:6a:df:d6:b3:05:bf:d1:de:
a5:90:c2:3d:27:79:b8:a3:39:67:96:e4:64:0d:2c:
d2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:AD:73:F1:09:E3:C6:6A:40:88:E7:0D:B2:F5:98:2F:81:81:60:25
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS265867.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.230.0/23
179.61.234.0/23
181.214.137.0/24
181.214.158.0/23
181.214.192.0/23
191.96.200.0/24
191.96.216.0/22
191.101.40.0/24
191.101.96.0/24
191.101.153.0/24
Signature Algorithm: sha256WithRSAEncryption
96:b3:26:69:5e:51:dc:15:97:aa:93:17:a4:c0:2c:1e:f1:aa:
c6:86:f9:c8:b1:c7:42:91:ed:f6:fb:95:eb:b4:6a:e2:51:c1:
5c:2d:ad:71:92:da:ee:6e:29:35:5b:09:ad:80:44:f6:7e:71:
a4:3f:1d:42:74:91:93:e3:89:99:bb:ca:6f:e8:85:0b:a0:cc:
7b:d1:66:a5:8e:26:80:cb:8d:c7:e8:4d:00:56:b6:2b:ae:4e:
70:a3:6f:bb:36:ab:f3:2c:a7:f5:0c:60:a8:85:a3:a6:92:86:
c9:3d:47:2c:a0:5a:e7:4c:28:3b:2c:8b:a1:07:aa:10:69:41:
58:09:67:56:aa:91:06:81:82:17:75:d4:86:c4:af:e2:d7:f3:
e1:34:87:93:44:f3:c1:19:2d:d4:d3:54:b6:0f:8c:73:4e:1e:
9e:ba:45:59:54:69:76:85:4e:1d:d9:01:2a:51:e7:ff:66:ba:
59:b4:6a:63:94:29:6f:2c:8f:38:a9:23:c8:4c:0f:91:28:f5:
03:90:39:ef:dd:99:ae:3e:cd:43:5f:f6:4e:ea:c5:01:1f:53:
29:f8:d8:1e:b1:7b:0d:be:58:b7:3f:20:1d:51:9e:99:c5:c9:
a9:a5:10:46:2f:45:02:5d:04:68:fc:e9:de:b3:b2:f2:49:9d:
1c:48:ac:5b
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUdbrZGA7DBaH4bS1tpM5UxI9+2u8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDEwMjMxODExNDRaFw0yNTEwMjIxODE2NDRaMDMxMTAvBgNV
BAMTKDREQUQ3M0YxMDlFM0M2NkE0MDg4RTcwREIyRjU5ODJGODE4MTYwMjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrB1mpZ11fypaMv7T6Qd4IcKE1
1+LQZ2/79mjA6ppopKTdJVwpZ9RnwePmYlz0sWYs+/MwR5L06FG6LoxZVc/USH7o
4OPzkGzZmu0dR7N9I84k/2Yq/c8rc3O4RY2as98pL8+DKd0UD9lGiZotxg5T4QqS
p24ghXPrFWFs0/Q3sZm4PeJ+zAoOn1ORXeapRWXw6XgQI3faLgQ1/gPmVr/SD7o1
T+SqTRhAttO42t3gX1MCFMYW4kIX51oClgz3B+Wdt6XEp7F4WGIoZjfM+v4cSWPi
LAMKM8SS31SjpQMoUYQzCVjuhShq39azBb/R3qWQwj0nebijOWeW5GQNLNLDAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUTa1z8QnjxmpAiOcNsvWYL4GBYCUwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjY1ODY3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBsz3m
AwQBsz3qAwQAtdaJAwQBtdaeAwQBtdbAAwQAv2DIAwQCv2DYAwQAv2UoAwQAv2Vg
AwQAv2WZMA0GCSqGSIb3DQEBCwUAA4IBAQCWsyZpXlHcFZeqkxekwCwe8arGhvnI
scdCke32+5XrtGriUcFcLa1xktrubik1WwmtgET2fnGkPx1CdJGT44mZu8pv6IUL
oMx70WaljiaAy43H6E0AVrYrrk5wo2+7NqvzLKf1DGCohaOmkobJPUcsoFrnTCg7
LIuhB6oQaUFYCWdWqpEGgYIXddSGxK/i1/PhNIeTRPPBGS3U01S2D4xzTh6eukVZ
VGl2hU4d2QEqUef/ZrpZtGpjlClvLI84qSPITA+RKPUDkDnv3ZmuPs1DX/ZO6sUB
H1Mp+NgesXsNvli3PyAdUZ6ZxcmppRBGL0UCXQRo/Ones7LySZ0cSKxb
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:06:21 2025 by rpki-client