Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS270014.roa
File: AS270014.roa (raw, json)
Hash identifier: eXl9ND9TkqHmdThxkcU6Hf0PNERkCZdp+JTo7//7r7U=
Subject key identifier: 8D:6A:6B:CC:F1:DE:00:2A:DE:F4:63:2A:C6:38:A6:5B:58:E7:0A:2B
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 527FFF27160C1A89EC6B2E18FC8F2346B326743C
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS270014.roa
Signing time: Tue 26 Dec 2023 14:01:56 +0000
ROA not before: Tue 26 Dec 2023 13:56:56 +0000
ROA not after: Tue 24 Dec 2024 14:01:56 +0000
asID: 270014
IP address blocks: 191.96.184.0/24 maxlen: 24
191.101.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:7f:ff:27:16:0c:1a:89:ec:6b:2e:18:fc:8f:23:46:b3:26:74:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Dec 26 13:56:56 2023 GMT
Not After : Dec 24 14:01:56 2024 GMT
Subject: CN=8D6A6BCCF1DE002ADEF4632AC638A65B58E70A2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ed:30:f1:aa:3a:6a:91:7f:12:42:37:8a:c1:
91:fb:9c:9e:63:9f:bf:f8:59:b6:1b:95:2a:93:c6:
2d:79:f1:9c:aa:97:6c:68:d0:2a:7f:94:c6:ab:d0:
7c:6a:55:0d:7b:15:e0:60:04:ce:db:23:44:89:2f:
74:3e:b1:f6:94:27:c5:58:c2:1c:c7:89:0b:7a:92:
30:73:7e:9b:84:fe:92:3f:0d:3d:7e:05:13:ab:21:
59:ca:f1:41:3d:42:25:19:a2:62:05:50:3a:c1:f1:
0e:fc:5e:a3:cf:9d:29:da:05:62:99:9b:1c:47:4a:
a6:2d:47:3c:8d:7a:c9:89:54:d1:85:f6:37:38:22:
41:4a:ae:38:8f:92:fe:bc:27:12:58:26:36:0c:fc:
b3:63:0a:aa:e5:de:ea:1c:a9:48:bf:0e:17:41:3d:
f8:a8:bf:d1:dd:cb:85:75:1d:8b:d5:cc:ae:c8:48:
b5:53:35:e9:4f:a8:e7:a0:20:7b:d2:4a:6c:4c:4f:
0b:f2:ba:61:a5:13:ba:2e:62:d5:56:bd:52:30:ab:
19:38:26:2e:f4:2e:cd:ce:04:62:e6:4e:7e:0b:4b:
7b:f0:13:c7:a9:21:7e:dc:8f:75:c0:d2:e8:24:4c:
79:9e:57:fb:9d:1e:20:a0:fe:e3:b1:d7:ec:a2:d1:
9e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:6A:6B:CC:F1:DE:00:2A:DE:F4:63:2A:C6:38:A6:5B:58:E7:0A:2B
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS270014.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.184.0/24
191.101.193.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:4f:51:5c:2a:2d:ff:73:9d:17:b1:db:2f:dd:8f:32:ef:82:
9c:5b:a8:87:ec:b2:1a:04:93:dd:ac:93:91:d2:25:92:da:ea:
d3:c9:6b:57:62:7d:59:dc:c0:fd:4e:ca:f5:b7:c8:84:ea:45:
55:15:74:8f:e0:a0:7a:29:46:7a:e9:aa:44:58:b0:4c:38:91:
ea:35:4f:fc:18:a7:a4:4b:7a:e0:72:4b:08:fb:e5:b2:fa:7a:
1f:60:d8:2e:1d:77:00:3b:05:9c:4a:43:bc:61:97:19:db:42:
d2:9c:93:41:84:03:e5:df:51:dd:dc:ec:02:98:5a:e5:c8:12:
fe:f4:f4:9c:83:21:06:d7:98:30:99:af:93:f0:87:4c:55:52:
60:a6:45:53:24:13:1e:8d:2b:93:44:54:40:a6:4b:13:35:4b:
8b:51:5f:f2:c8:88:c4:55:7c:9f:ba:e1:00:1d:57:84:75:7e:
13:e2:85:74:ac:9f:25:f5:e8:7d:a2:92:6b:65:85:8d:2b:92:
9e:d0:94:cf:23:3e:80:b7:f2:67:e2:e0:3a:37:1f:fa:3e:e4:
9c:6a:7a:19:7a:41:d4:e5:ad:f3:0b:32:b2:ba:b0:99:34:bd:
de:eb:85:93:f7:e5:79:1f:8e:ac:1e:06:1d:63:0b:11:c8:f0:
3a:c1:18:8d
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUUn//JxYMGonsay4Y/I8jRrMmdDwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzEyMjYxMzU2NTZaFw0yNDEyMjQxNDAxNTZaMDMxMTAvBgNV
BAMTKDhENkE2QkNDRjFERTAwMkFERUY0NjMyQUM2MzhBNjVCNThFNzBBMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo7TDxqjpqkX8SQjeKwZH7nJ5j
n7/4WbYblSqTxi158Zyql2xo0Cp/lMar0HxqVQ17FeBgBM7bI0SJL3Q+sfaUJ8VY
whzHiQt6kjBzfpuE/pI/DT1+BROrIVnK8UE9QiUZomIFUDrB8Q78XqPPnSnaBWKZ
mxxHSqYtRzyNesmJVNGF9jc4IkFKrjiPkv68JxJYJjYM/LNjCqrl3uocqUi/DhdB
Pfiov9Hdy4V1HYvVzK7ISLVTNelPqOegIHvSSmxMTwvyumGlE7ouYtVWvVIwqxk4
Ji70Ls3OBGLmTn4LS3vwE8epIX7cj3XA0ugkTHmeV/udHiCg/uOx1+yi0Z7dAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUjWprzPHeACre9GMqxjimW1jnCiswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjcwMDE0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAv2C4
AwQAv2XBMA0GCSqGSIb3DQEBCwUAA4IBAQA/T1FcKi3/c50Xsdsv3Y8y74KcW6iH
7LIaBJPdrJOR0iWS2urTyWtXYn1Z3MD9Tsr1t8iE6kVVFXSP4KB6KUZ66apEWLBM
OJHqNU/8GKekS3rgcksI++Wy+nofYNguHXcAOwWcSkO8YZcZ20LSnJNBhAPl31Hd
3OwCmFrlyBL+9PScgyEG15gwma+T8IdMVVJgpkVTJBMejSuTRFRApksTNUuLUV/y
yIjEVXyfuuEAHVeEdX4T4oV0rJ8l9eh9opJrZYWNK5Ke0JTPIz6At/Jn4uA6Nx/6
PuScanoZekHU5a3zCzKyurCZNL3e64WT9+V5H46sHgYdYwsRyPA6wRiN
-----END CERTIFICATE-----
Generated at Fri May 10 02:42:21 2024 by rpki-client on console-fra.rpki-client.org