Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS269070.roa
File: AS269070.roa (raw, json)
Hash identifier: rd/2dQRROWVXNbydgBN6vOkVBThiJoJvrkM+oz2eIFM=
Subject key identifier: D1:02:74:38:CB:43:33:65:63:F2:4F:F3:9D:FC:1E:A7:42:84:8E:2D
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 545C181EA1ED7A4076FA31535F29C15E03D35934
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS269070.roa
Signing time: Wed 05 Jun 2024 14:14:14 +0000
ROA not before: Wed 05 Jun 2024 14:09:14 +0000
ROA not after: Wed 04 Jun 2025 14:14:14 +0000
asID: 269070
IP address blocks: 45.137.28.0/24 maxlen: 24
179.61.154.0/24 maxlen: 24
181.214.95.0/24 maxlen: 24
181.215.0.0/24 maxlen: 24
181.215.28.0/24 maxlen: 24
181.215.34.0/24 maxlen: 24
181.215.48.0/24 maxlen: 24
181.215.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:5c:18:1e:a1:ed:7a:40:76:fa:31:53:5f:29:c1:5e:03:d3:59:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 5 14:09:14 2024 GMT
Not After : Jun 4 14:14:14 2025 GMT
Subject: CN=D1027438CB43336563F24FF39DFC1EA742848E2D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c5:17:0b:7e:f6:a1:bc:20:3c:9e:5e:39:a7:
3d:fb:6a:c3:04:37:de:ae:66:b9:5e:bd:ed:dd:9c:
07:a5:1c:71:7d:cd:f2:7e:3b:bf:52:fa:60:1b:14:
cf:34:b0:be:ec:15:ce:e1:fe:a6:1a:d5:be:07:a4:
70:77:9b:91:75:54:92:a8:e7:54:1e:ed:59:74:59:
0b:12:e4:3b:2b:80:af:72:9f:a5:70:ce:9e:fd:61:
29:9e:45:8d:e3:18:ee:33:aa:7d:21:c4:18:65:20:
ae:3a:93:25:50:da:20:c6:65:5a:0a:04:24:a8:39:
b8:39:28:89:81:19:f7:eb:56:5b:1b:d0:44:c8:37:
69:a3:68:d3:72:95:1b:f3:0c:fd:f4:d2:e2:03:bc:
6a:d2:2c:10:b9:60:fa:93:56:ea:01:6b:9d:f8:5e:
f5:d0:35:77:fa:d8:60:b6:a3:ac:53:83:2d:18:52:
6a:58:f1:69:f6:c7:50:4b:df:3c:8f:5c:9d:18:47:
d6:65:63:c5:d8:b8:2a:f4:ce:d8:9e:d6:df:39:27:
e2:d9:ed:aa:79:fc:86:a3:cd:c5:15:bb:9c:5a:08:
35:bb:38:7f:01:01:b3:18:e6:22:b9:01:30:41:68:
97:9b:a6:13:08:36:14:59:7b:be:64:b2:3f:5c:75:
42:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:02:74:38:CB:43:33:65:63:F2:4F:F3:9D:FC:1E:A7:42:84:8E:2D
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS269070.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.28.0/24
179.61.154.0/24
181.214.95.0/24
181.215.0.0/24
181.215.28.0/24
181.215.34.0/24
181.215.48.0/24
181.215.180.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:5b:41:dd:5e:93:79:e4:72:fe:45:68:9d:ab:f8:0e:2d:2d:
63:2f:8e:2e:b1:0c:39:42:30:86:15:eb:9b:aa:ff:5c:22:f7:
c3:9b:b0:25:e0:f5:c4:cb:9d:53:17:e3:40:48:d2:69:98:43:
69:be:49:58:1c:f5:4c:20:4a:2b:59:59:92:48:7d:df:50:8d:
e1:19:9a:0e:7a:29:b9:da:5b:6f:23:d7:c3:e7:86:50:14:54:
bc:89:ec:d2:13:62:c3:34:b1:86:41:6e:24:22:3e:78:21:6e:
14:9e:1d:d8:0a:bb:ee:de:71:3a:8a:ed:4f:01:da:32:89:19:
b4:5d:45:9f:05:bc:9d:9e:7b:c3:1c:7a:e3:28:df:4b:27:96:
37:c5:12:4b:df:bb:27:fd:45:8d:70:1c:b9:73:b5:04:15:e9:
ca:4a:55:b8:24:4a:51:93:e5:33:c8:71:39:8f:a4:85:8a:6a:
59:dc:ca:0b:91:a0:1b:c8:3f:4c:1c:7c:fe:55:12:35:5c:e6:
a6:61:10:7f:77:cf:e0:9f:29:be:2d:2d:72:32:2e:3c:08:80:
c6:c6:cb:50:62:f9:e6:a0:8d:42:f9:aa:ce:0d:77:67:dd:0f:
20:49:ad:4a:b0:c6:4d:b9:b6:eb:b7:13:17:50:e7:4b:b2:54:
d7:d2:2b:a0
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUVFwYHqHtekB2+jFTXynBXgPTWTQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA2MDUxNDA5MTRaFw0yNTA2MDQxNDE0MTRaMDMxMTAvBgNV
BAMTKEQxMDI3NDM4Q0I0MzMzNjU2M0YyNEZGMzlERkMxRUE3NDI4NDhFMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbxRcLfvahvCA8nl45pz37asME
N96uZrleve3dnAelHHF9zfJ+O79S+mAbFM80sL7sFc7h/qYa1b4HpHB3m5F1VJKo
51Qe7Vl0WQsS5DsrgK9yn6Vwzp79YSmeRY3jGO4zqn0hxBhlIK46kyVQ2iDGZVoK
BCSoObg5KImBGffrVlsb0ETIN2mjaNNylRvzDP300uIDvGrSLBC5YPqTVuoBa534
XvXQNXf62GC2o6xTgy0YUmpY8Wn2x1BL3zyPXJ0YR9ZlY8XYuCr0ztie1t85J+LZ
7ap5/IajzcUVu5xaCDW7OH8BAbMY5iK5ATBBaJebphMINhRZe75ksj9cdUIPAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU0QJ0OMtDM2Vj8k/znfwep0KEji0wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjY5MDcwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALYkc
AwQAsz2aAwQAtdZfAwQAtdcAAwQAtdccAwQAtdciAwQAtdcwAwQAtde0MA0GCSqG
SIb3DQEBCwUAA4IBAQCKW0HdXpN55HL+RWidq/gOLS1jL44usQw5QjCGFeubqv9c
IvfDm7Al4PXEy51TF+NASNJpmENpvklYHPVMIEorWVmSSH3fUI3hGZoOeim52ltv
I9fD54ZQFFS8iezSE2LDNLGGQW4kIj54IW4Unh3YCrvu3nE6iu1PAdoyiRm0XUWf
BbydnnvDHHrjKN9LJ5Y3xRJL37sn/UWNcBy5c7UEFenKSlW4JEpRk+UzyHE5j6SF
impZ3MoLkaAbyD9MHHz+VRI1XOamYRB/d8/gnym+LS1yMi48CIDGxstQYvnmoI1C
+arODXdn3Q8gSa1KsMZNubbrtxMXUOdLslTX0iug
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:11 2024 by rpki-client on console-fra.rpki-client.org