Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS270353.roa
File: AS270353.roa (raw, json)
Hash identifier: ZmSpKLfc5udqeyJPZtRd9mYgB6VZRofjGHeoEdx3ObY=
Subject key identifier: 22:EE:80:9F:67:9E:F3:F5:D6:98:89:73:8E:F1:17:0A:03:61:F1:8E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 0BA24430CB87F394A0755F024BE19D6BB6E645AE
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS270353.roa
Signing time: Wed 31 Jan 2024 08:05:10 +0000
ROA not before: Wed 31 Jan 2024 08:00:10 +0000
ROA not after: Wed 29 Jan 2025 08:05:10 +0000
asID: 270353
IP address blocks: 191.96.78.0/23 maxlen: 23
191.96.78.0/24 maxlen: 24
191.96.79.0/24 maxlen: 24
191.96.224.0/23 maxlen: 24
191.101.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:a2:44:30:cb:87:f3:94:a0:75:5f:02:4b:e1:9d:6b:b6:e6:45:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 31 08:00:10 2024 GMT
Not After : Jan 29 08:05:10 2025 GMT
Subject: CN=22EE809F679EF3F5D69889738EF1170A0361F18E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a4:bd:0b:8f:bb:8e:57:a1:9d:84:51:67:d2:
35:ba:a9:a2:e2:ae:cd:4f:7c:a3:fd:59:4c:64:3b:
2d:aa:78:49:01:4c:a1:6c:db:06:27:4b:38:01:dd:
9f:60:24:3a:c9:b8:50:6e:36:f0:64:ad:55:c8:65:
b8:2d:19:d7:2b:7f:8e:d5:e9:b1:2c:c0:fc:11:74:
83:4a:ba:72:c4:68:e2:06:74:45:a8:d2:40:c4:7e:
94:af:7f:90:e1:ba:cb:31:9c:40:aa:2d:ad:ae:c3:
2b:d6:35:4a:31:10:4e:bd:47:7e:45:aa:d8:4c:6a:
7e:fc:78:41:7b:88:2a:0c:ee:f7:e5:f0:a4:d8:31:
28:2e:0f:19:94:f7:68:31:27:9d:96:2c:73:0c:7b:
9d:12:e0:08:a6:37:6c:82:c6:5c:01:52:29:12:2e:
58:2e:56:73:05:75:8f:d3:91:77:20:a1:64:f1:38:
de:07:52:19:13:d0:96:46:2e:ea:82:bd:ad:2a:fd:
a6:6d:75:22:ff:11:a1:0e:87:32:ca:50:69:ae:96:
a3:4d:f9:54:cb:5e:0a:29:d1:d8:1d:cb:18:b2:0f:
d4:92:40:39:ef:e5:77:b5:25:36:1a:35:9d:e9:d6:
94:75:f4:72:57:63:4c:48:60:5e:21:4f:b0:e8:d9:
01:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:EE:80:9F:67:9E:F3:F5:D6:98:89:73:8E:F1:17:0A:03:61:F1:8E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS270353.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.78.0/23
191.96.224.0/23
191.101.131.0/24
Signature Algorithm: sha256WithRSAEncryption
50:a7:d6:0e:08:32:e2:96:01:a0:f4:c7:4a:eb:c7:79:88:1e:
11:49:42:36:7e:59:87:43:4b:8e:d4:3b:3a:8d:64:64:d7:ce:
07:77:eb:40:37:1c:8d:7b:a8:cb:1d:60:7e:af:6b:dd:af:c7:
fd:39:d4:ae:ec:57:19:e4:9d:98:f0:46:10:5a:ac:96:fe:52:
ae:ab:65:9d:8d:ce:5b:a3:57:fa:f0:22:c7:b3:6d:bf:1a:86:
55:be:8e:82:d6:ad:a5:bc:83:a3:74:a3:57:ab:24:ee:42:11:
3d:ae:6c:d9:dc:f0:ce:4e:81:90:a6:44:7b:1c:ee:b2:a8:24:
13:36:ad:2e:ea:4d:52:7d:0e:21:0d:67:d5:9f:03:82:67:87:
18:f2:91:7a:af:5e:26:47:72:e0:2a:8a:37:53:d9:fb:00:25:
0b:91:3e:bd:18:39:13:b7:97:68:67:8e:50:a4:5a:89:26:a9:
3e:2e:64:96:2c:21:10:b2:63:f4:01:33:ec:a3:4b:69:be:28:
81:d7:b1:65:0c:63:bc:9d:3e:ef:a9:7d:f2:37:d6:2b:fd:97:
c9:16:18:df:ad:25:5a:53:94:c4:54:75:e6:e2:7c:46:0c:1c:
6a:b1:7c:d4:fb:ab:dc:3b:97:0f:35:ea:30:18:7a:79:93:88:
44:4c:30:9e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUC6JEMMuH85SgdV8CS+Gda7bmRa4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAxMzEwODAwMTBaFw0yNTAxMjkwODA1MTBaMDMxMTAvBgNV
BAMTKDIyRUU4MDlGNjc5RUYzRjVENjk4ODk3MzhFRjExNzBBMDM2MUYxOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWpL0Lj7uOV6GdhFFn0jW6qaLi
rs1PfKP9WUxkOy2qeEkBTKFs2wYnSzgB3Z9gJDrJuFBuNvBkrVXIZbgtGdcrf47V
6bEswPwRdINKunLEaOIGdEWo0kDEfpSvf5DhussxnECqLa2uwyvWNUoxEE69R35F
qthMan78eEF7iCoM7vfl8KTYMSguDxmU92gxJ52WLHMMe50S4AimN2yCxlwBUikS
LlguVnMFdY/TkXcgoWTxON4HUhkT0JZGLuqCva0q/aZtdSL/EaEOhzLKUGmulqNN
+VTLXgop0dgdyxiyD9SSQDnv5Xe1JTYaNZ3p1pR19HJXY0xIYF4hT7Do2QHpAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUIu6An2ee8/XWmIlzjvEXCgNh8Y4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjcwMzUzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBv2BO
AwQBv2DgAwQAv2WDMA0GCSqGSIb3DQEBCwUAA4IBAQBQp9YOCDLilgGg9MdK68d5
iB4RSUI2flmHQ0uO1Ds6jWRk184Hd+tANxyNe6jLHWB+r2vdr8f9OdSu7FcZ5J2Y
8EYQWqyW/lKuq2Wdjc5bo1f68CLHs22/GoZVvo6C1q2lvIOjdKNXqyTuQhE9rmzZ
3PDOToGQpkR7HO6yqCQTNq0u6k1SfQ4hDWfVnwOCZ4cY8pF6r14mR3LgKoo3U9n7
ACULkT69GDkTt5doZ45QpFqJJqk+LmSWLCEQsmP0ATPso0tpviiB17FlDGO8nT7v
qX3yN9Yr/ZfJFhjfrSVaU5TEVHXm4nxGDBxqsXzU+6vcO5cPNeowGHp5k4hETDCe
-----END CERTIFICATE-----
Generated at Thu May 2 00:23:44 2024 by rpki-client on console-fra.rpki-client.org