Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS269070.roa
File: AS269070.roa (raw, json)
Hash identifier: qzoaVm5HXtMAdQZ9+14PVHjWnpkUN/TwcZGsXyTzyXQ=
Subject key identifier: 52:0A:17:2A:06:7F:F3:C5:F1:6C:E9:C7:37:69:CF:5D:4B:2B:54:64
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2D558E75681FDD1FAE5698A3F918597C5902D52F
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS269070.roa
Signing time: Tue 24 Dec 2024 10:50:41 +0000
ROA not before: Tue 24 Dec 2024 10:45:41 +0000
ROA not after: Tue 23 Dec 2025 10:50:41 +0000
asID: 269070
IP address blocks: 45.137.28.0/24 maxlen: 24
179.61.154.0/24 maxlen: 24
181.214.95.0/24 maxlen: 24
181.215.0.0/24 maxlen: 24
181.215.28.0/24 maxlen: 24
181.215.34.0/24 maxlen: 24
181.215.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:12:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:55:8e:75:68:1f:dd:1f:ae:56:98:a3:f9:18:59:7c:59:02:d5:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Dec 24 10:45:41 2024 GMT
Not After : Dec 23 10:50:41 2025 GMT
Subject: CN=520A172A067FF3C5F16CE9C73769CF5D4B2B5464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ce:60:c9:a1:93:df:0d:d0:29:a9:03:4c:7f:
c8:ee:db:37:c6:2c:96:d8:8a:5f:b4:7d:a8:d3:06:
e3:27:8b:12:ca:b3:0f:da:47:78:c7:fe:f8:fa:a5:
ff:18:e5:89:42:df:72:c2:c8:dd:9f:ff:1d:50:49:
d9:d1:af:2c:97:0d:76:73:55:fd:4b:d5:84:8f:0a:
47:2e:23:b5:08:53:90:34:db:13:6e:fb:57:11:78:
00:03:7d:a5:69:a0:26:fc:3d:7d:89:84:10:b5:39:
26:a7:e4:6d:4a:cb:df:38:d6:0a:8e:ed:2b:dd:c9:
1c:70:fe:aa:20:a9:c9:82:b9:98:62:05:ab:8b:41:
11:a6:8e:4d:fd:4c:f7:b6:a0:44:a3:38:64:e9:4d:
fa:77:59:55:86:ce:9b:25:e1:f6:3a:77:e0:a4:05:
bb:86:17:41:c2:f7:55:f6:fc:5d:b7:8d:f7:4b:21:
ba:d7:13:72:ad:42:0e:2a:3a:bb:b2:67:83:fc:7d:
cd:53:bf:0d:73:1f:81:5e:4f:3f:da:2e:78:76:a3:
3a:97:51:07:74:44:5d:f3:e3:f3:8f:0a:5b:b9:16:
d0:d0:dd:b7:98:52:85:10:69:45:a5:e0:e8:3a:2b:
33:94:cf:08:c8:54:0f:55:bb:ea:2b:38:ea:b9:9d:
66:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:0A:17:2A:06:7F:F3:C5:F1:6C:E9:C7:37:69:CF:5D:4B:2B:54:64
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS269070.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.28.0/24
179.61.154.0/24
181.214.95.0/24
181.215.0.0/24
181.215.28.0/24
181.215.34.0/24
181.215.48.0/24
Signature Algorithm: sha256WithRSAEncryption
20:bf:97:17:01:a0:98:55:6d:52:1b:a7:8c:3e:26:55:74:30:
3f:d5:6c:53:43:18:30:fd:5c:38:83:5d:73:b1:49:28:92:96:
51:d2:1a:05:66:dd:36:5e:d0:32:ea:24:20:f8:fa:f9:94:ae:
d5:fe:6b:eb:2e:dd:f3:63:da:27:85:06:f0:68:2a:8c:30:fc:
b8:d1:64:d0:ac:b5:91:12:b1:2e:d6:88:b9:d5:b0:8d:95:1c:
57:f4:6f:1b:75:51:46:19:23:8c:4d:ff:01:f4:97:e5:22:95:
0e:23:ea:b7:ba:05:59:2f:18:95:a6:2a:3d:5c:b3:f6:0d:6f:
ec:e7:59:25:10:5a:01:5e:49:c7:40:e5:ca:9e:82:4b:f5:7d:
30:eb:f4:8a:61:42:5c:9f:d0:bc:a6:84:98:1a:79:6f:cb:0f:
19:0b:5f:84:21:b4:fa:7c:ca:27:e0:f4:ab:22:cf:a9:ea:25:
15:ee:78:31:79:a0:c8:1a:4f:e6:f1:cd:8b:a5:95:92:6f:a5:
9a:34:f5:21:f3:13:bd:7b:3c:20:5b:21:61:3f:21:50:9c:b5:
ca:fb:15:32:79:dc:c5:70:cd:f2:5e:ba:74:a6:1d:be:0c:ea:
43:57:fd:be:84:d9:08:09:3f:e3:79:ce:97:64:0c:99:e0:2a:
ed:c5:70:1c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIULVWOdWgf3R+uVpij+RhZfFkC1S8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDEyMjQxMDQ1NDFaFw0yNTEyMjMxMDUwNDFaMDMxMTAvBgNV
BAMTKDUyMEExNzJBMDY3RkYzQzVGMTZDRTlDNzM3NjlDRjVENEIyQjU0NjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnzmDJoZPfDdApqQNMf8ju2zfG
LJbYil+0fajTBuMnixLKsw/aR3jH/vj6pf8Y5YlC33LCyN2f/x1QSdnRryyXDXZz
Vf1L1YSPCkcuI7UIU5A02xNu+1cReAADfaVpoCb8PX2JhBC1OSan5G1Ky9841gqO
7SvdyRxw/qogqcmCuZhiBauLQRGmjk39TPe2oESjOGTpTfp3WVWGzpsl4fY6d+Ck
BbuGF0HC91X2/F23jfdLIbrXE3KtQg4qOruyZ4P8fc1Tvw1zH4FeTz/aLnh2ozqX
UQd0RF3z4/OPClu5FtDQ3beYUoUQaUWl4Og6KzOUzwjIVA9Vu+orOOq5nWb7AgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUUgoXKgZ/88XxbOnHN2nPXUsrVGQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjY5MDcwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALYkc
AwQAsz2aAwQAtdZfAwQAtdcAAwQAtdccAwQAtdciAwQAtdcwMA0GCSqGSIb3DQEB
CwUAA4IBAQAgv5cXAaCYVW1SG6eMPiZVdDA/1WxTQxgw/Vw4g11zsUkokpZR0hoF
Zt02XtAy6iQg+Pr5lK7V/mvrLt3zY9onhQbwaCqMMPy40WTQrLWRErEu1oi51bCN
lRxX9G8bdVFGGSOMTf8B9JflIpUOI+q3ugVZLxiVpio9XLP2DW/s51klEFoBXknH
QOXKnoJL9X0w6/SKYUJcn9C8poSYGnlvyw8ZC1+EIbT6fMon4PSrIs+p6iUV7ngx
eaDIGk/m8c2LpZWSb6WaNPUh8xO9ezwgWyFhPyFQnLXK+xUyedzFcM3yXrp0ph2+
DOpDV/2+hNkICT/jec6XZAyZ4CrtxXAc
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:16 2025 by rpki-client