Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS270353.roa
File: AS270353.roa (raw, json)
Hash identifier: XG6UO2L+3CjwivTT9fviuXc4qawjcmlvN1GvugN2z+4=
Subject key identifier: A2:67:1F:69:BF:0E:23:B7:B7:01:23:CC:E8:A1:92:BC:9F:EB:C0:FC
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2A3499B37549B98F500095594DE5845251C35419
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS270353.roa
Signing time: Wed 01 Jan 2025 08:53:49 +0000
ROA not before: Wed 01 Jan 2025 08:48:49 +0000
ROA not after: Wed 31 Dec 2025 08:53:49 +0000
asID: 270353
IP address blocks: 191.96.78.0/23 maxlen: 23
191.96.78.0/24 maxlen: 24
191.96.79.0/24 maxlen: 24
191.96.224.0/23 maxlen: 24
191.101.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:12:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:34:99:b3:75:49:b9:8f:50:00:95:59:4d:e5:84:52:51:c3:54:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 1 08:48:49 2025 GMT
Not After : Dec 31 08:53:49 2025 GMT
Subject: CN=A2671F69BF0E23B7B70123CCE8A192BC9FEBC0FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:1a:5b:e2:a4:22:38:7d:6b:bf:38:68:77:85:
34:ed:88:af:d4:43:63:d5:6c:8a:49:1b:f2:72:dc:
6a:e7:be:92:e6:2c:23:ed:d0:3e:26:fc:9b:e4:67:
68:46:b2:30:2c:61:03:92:e5:ab:43:51:33:28:7b:
95:53:c3:da:dc:85:e4:07:b7:80:7a:be:76:44:82:
fb:03:6c:e9:26:3e:25:a8:d0:39:b0:dd:9d:5e:09:
f0:c7:73:d8:bb:5f:c8:f3:1a:2c:ae:ac:41:a5:ff:
80:ee:08:7c:df:2c:f8:55:b2:d2:50:fc:6a:e7:df:
a6:a3:9c:a3:1e:cb:fc:93:e8:d2:63:00:e9:5d:cf:
ff:84:50:41:9e:84:22:02:f4:d7:9c:12:58:da:d7:
ec:9e:93:b5:40:af:e4:6d:cb:ff:31:e4:53:cc:4d:
54:6c:c4:a0:6c:6e:81:5e:d8:f9:a5:26:88:f4:86:
16:7a:a1:42:28:96:d6:94:a7:8a:f4:82:fc:0f:2f:
2b:e1:7b:0a:1f:dd:29:01:2a:fe:8f:b1:46:ca:3a:
fa:0f:01:3d:5f:42:5d:33:d8:2c:ab:ad:8b:bb:55:
5d:6b:df:5a:cd:8d:e4:8c:af:aa:78:0d:b2:86:3f:
51:be:20:d9:1e:5e:01:5f:cf:53:4a:75:5a:52:12:
22:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:67:1F:69:BF:0E:23:B7:B7:01:23:CC:E8:A1:92:BC:9F:EB:C0:FC
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS270353.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.78.0/23
191.96.224.0/23
191.101.131.0/24
Signature Algorithm: sha256WithRSAEncryption
79:7e:6b:51:71:0b:c0:c7:bc:a9:15:d1:43:df:65:bf:43:a2:
d5:4e:4d:bd:66:e5:0c:fd:63:e3:37:b5:6c:f4:7a:42:47:52:
3b:e8:76:4c:16:36:2a:85:e8:5c:9a:34:ab:50:ba:fa:02:9b:
f6:cd:51:dc:b4:0f:f1:05:d1:76:17:2a:c4:a0:3e:1e:2c:83:
7c:aa:2a:f4:8d:60:32:92:92:00:e4:1c:28:96:5f:93:ba:a8:
3b:bf:3d:bc:a2:10:2b:59:d7:14:ef:d5:8f:0d:6f:e1:7d:4a:
be:8a:d0:73:01:7b:59:63:5f:9e:36:d4:4e:b3:bf:a2:d6:3b:
a8:38:e3:08:3a:b9:4a:56:ea:b3:09:f7:c4:96:83:73:71:a6:
ce:62:c2:56:81:39:92:8d:e0:fa:bb:e3:78:b6:21:d0:27:e6:
88:16:1b:c9:b9:35:3a:bd:54:24:18:41:9a:5f:71:4d:de:b9:
02:c0:2b:1b:eb:c7:88:eb:60:0b:8b:88:85:6e:f1:52:01:ce:
75:ac:ec:09:83:c8:76:04:63:10:3a:7e:39:0b:8a:fb:37:dc:
ea:cb:1c:d5:99:01:a7:5b:6e:ad:36:92:c9:f5:02:2a:a9:39:
38:6d:0a:3a:13:ca:2b:bb:b3:fc:ab:3e:f0:0f:b3:07:51:84:
2a:0a:f4:c0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUKjSZs3VJuY9QAJVZTeWEUlHDVBkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMDEwODQ4NDlaFw0yNTEyMzEwODUzNDlaMDMxMTAvBgNV
BAMTKEEyNjcxRjY5QkYwRTIzQjdCNzAxMjNDQ0U4QTE5MkJDOUZFQkMwRkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDuGlvipCI4fWu/OGh3hTTtiK/U
Q2PVbIpJG/Jy3GrnvpLmLCPt0D4m/JvkZ2hGsjAsYQOS5atDUTMoe5VTw9rcheQH
t4B6vnZEgvsDbOkmPiWo0Dmw3Z1eCfDHc9i7X8jzGiyurEGl/4DuCHzfLPhVstJQ
/Grn36ajnKMey/yT6NJjAOldz/+EUEGehCIC9NecElja1+yek7VAr+Rty/8x5FPM
TVRsxKBsboFe2PmlJoj0hhZ6oUIoltaUp4r0gvwPLyvhewof3SkBKv6PsUbKOvoP
AT1fQl0z2CyrrYu7VV1r31rNjeSMr6p4DbKGP1G+INkeXgFfz1NKdVpSEiI9AgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUomcfab8OI7e3ASPM6KGSvJ/rwPwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjcwMzUzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBv2BO
AwQBv2DgAwQAv2WDMA0GCSqGSIb3DQEBCwUAA4IBAQB5fmtRcQvAx7ypFdFD32W/
Q6LVTk29ZuUM/WPjN7Vs9HpCR1I76HZMFjYqhehcmjSrULr6Apv2zVHctA/xBdF2
FyrEoD4eLIN8qir0jWAykpIA5Bwoll+Tuqg7vz28ohArWdcU79WPDW/hfUq+itBz
AXtZY1+eNtROs7+i1juoOOMIOrlKVuqzCffEloNzcabOYsJWgTmSjeD6u+N4tiHQ
J+aIFhvJuTU6vVQkGEGaX3FN3rkCwCsb68eI62ALi4iFbvFSAc51rOwJg8h2BGMQ
On45C4r7N9zqyxzVmQGnW26tNpLJ9QIqqTk4bQo6E8oru7P8qz7wD7MHUYQqCvTA
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:15 2025 by rpki-client