Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS270564.roa
File: AS270564.roa (raw, json)
Hash identifier: EtgfdVTUClsU0gOiLfSDf9yG2hlhMcbu3EhBp9jTQ14=
Subject key identifier: BC:14:47:00:28:0B:B4:C2:FF:01:76:94:2D:48:05:EF:95:14:6B:E4
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 646471F4223F9B060AC8AA85CDE9B1DE123E2517
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS270564.roa
Signing time: Wed 31 Jan 2024 08:05:09 +0000
ROA not before: Wed 31 Jan 2024 08:00:09 +0000
ROA not after: Wed 29 Jan 2025 08:05:09 +0000
asID: 270564
IP address blocks: 181.41.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:64:71:f4:22:3f:9b:06:0a:c8:aa:85:cd:e9:b1:de:12:3e:25:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 31 08:00:09 2024 GMT
Not After : Jan 29 08:05:09 2025 GMT
Subject: CN=BC144700280BB4C2FF0176942D4805EF95146BE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:87:a7:92:fa:c4:a0:dd:6b:f3:7f:b0:8d:6c:
45:8b:d5:ca:fd:ba:11:2e:4e:8c:66:8e:a3:bb:ef:
30:f5:f9:45:be:b3:31:4c:3c:e3:74:aa:9f:69:83:
82:36:05:e3:b1:c6:93:46:38:2b:dd:1e:e1:2f:47:
6d:47:9e:06:3e:32:ec:46:c8:f5:83:28:b2:89:a8:
85:fd:ff:24:cf:c6:fa:f0:aa:4e:ae:a2:94:b8:83:
44:6a:05:3f:9a:dd:a1:d3:b8:d4:35:d5:62:b2:1e:
4d:cf:de:3c:4e:0a:4f:23:70:04:3d:a2:22:5c:f5:
35:93:76:b7:1a:99:48:42:4c:1d:4c:09:b0:39:00:
e0:7d:37:33:98:d7:b2:81:ce:80:a4:7d:11:45:8b:
c8:d4:c5:a2:ae:a3:63:54:b7:21:3b:3b:d6:81:de:
e4:fe:94:7d:62:dc:ae:bf:2e:9e:06:82:8c:56:d8:
e1:e3:7d:66:e4:40:d6:73:a2:ba:ee:36:52:09:30:
fb:08:ab:2b:90:05:ac:58:02:25:60:c3:e7:44:6a:
44:b4:0a:f7:27:78:7e:88:08:5d:9d:69:b5:a6:a0:
68:d4:cb:7c:53:a5:31:17:ec:9a:74:f9:95:de:f5:
af:b3:36:eb:28:44:a6:d9:64:e3:a2:ad:db:a3:90:
c2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:14:47:00:28:0B:B4:C2:FF:01:76:94:2D:48:05:EF:95:14:6B:E4
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS270564.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.41.200.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:ef:74:e5:28:34:e2:06:19:ec:d9:e4:2d:36:b8:98:18:fb:
5d:a3:e3:77:37:1c:5a:53:bb:e4:3f:52:38:1e:28:9c:6c:dc:
d3:a9:7c:45:91:98:9f:2d:e3:18:5d:79:c5:d9:d1:40:76:b7:
ea:e8:39:96:2d:c6:ac:1d:2b:78:b8:20:2c:1d:e0:d8:62:4f:
89:3e:06:fd:9a:36:43:dd:45:a1:51:5a:9e:7f:4e:d8:91:98:
93:6f:9d:c0:77:c3:44:c7:4c:a5:43:33:c4:bf:02:60:03:5d:
86:e5:85:f9:06:95:27:c2:f8:5b:13:0b:73:b3:71:85:3c:f6:
3d:01:17:41:2a:7d:e6:4c:f8:70:bf:54:7d:21:ad:95:7a:f9:
7e:50:0e:bb:3b:5d:41:be:60:b9:e9:9c:fe:22:ca:17:b3:e0:
5d:62:33:ba:d2:99:37:99:01:d3:df:9b:49:ab:b6:f4:c6:be:
f1:8d:5c:17:13:2f:9f:7f:3e:f6:1b:41:58:8f:05:08:b9:e1:
bd:58:10:a0:3e:11:48:df:c7:03:a6:00:af:e5:9e:2a:5d:80:
aa:94:f0:3a:00:a7:91:cb:c5:48:a5:ca:04:04:ab:cc:c3:9b:
6b:f1:83:1a:c4:6e:c0:2a:e2:5c:a0:c6:16:61:13:e5:81:77:
97:12:6b:ce
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUZGRx9CI/mwYKyKqFzemx3hI+JRcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAxMzEwODAwMDlaFw0yNTAxMjkwODA1MDlaMDMxMTAvBgNV
BAMTKEJDMTQ0NzAwMjgwQkI0QzJGRjAxNzY5NDJENDgwNUVGOTUxNDZCRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2h6eS+sSg3Wvzf7CNbEWL1cr9
uhEuToxmjqO77zD1+UW+szFMPON0qp9pg4I2BeOxxpNGOCvdHuEvR21HngY+MuxG
yPWDKLKJqIX9/yTPxvrwqk6uopS4g0RqBT+a3aHTuNQ11WKyHk3P3jxOCk8jcAQ9
oiJc9TWTdrcamUhCTB1MCbA5AOB9NzOY17KBzoCkfRFFi8jUxaKuo2NUtyE7O9aB
3uT+lH1i3K6/Lp4GgoxW2OHjfWbkQNZzorruNlIJMPsIqyuQBaxYAiVgw+dEakS0
CvcneH6ICF2dabWmoGjUy3xTpTEX7Jp0+ZXe9a+zNusoRKbZZOOirdujkMKnAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUvBRHACgLtML/AXaULUgF75UUa+QwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjcwNTY0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtSnI
MA0GCSqGSIb3DQEBCwUAA4IBAQA873TlKDTiBhns2eQtNriYGPtdo+N3NxxaU7vk
P1I4HiicbNzTqXxFkZifLeMYXXnF2dFAdrfq6DmWLcasHSt4uCAsHeDYYk+JPgb9
mjZD3UWhUVqef07YkZiTb53Ad8NEx0ylQzPEvwJgA12G5YX5BpUnwvhbEwtzs3GF
PPY9ARdBKn3mTPhwv1R9Ia2Vevl+UA67O11BvmC56Zz+IsoXs+BdYjO60pk3mQHT
35tJq7b0xr7xjVwXEy+ffz72G0FYjwUIueG9WBCgPhFI38cDpgCv5Z4qXYCqlPA6
AKeRy8VIpcoEBKvMw5tr8YMaxG7AKuJcoMYWYRPlgXeXEmvO
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:39:58 2024 by rpki-client on console-ams.rpki-client.org