Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS272696.roa
File: AS272696.roa (raw, json)
Hash identifier: XOqdDA1WXqyiX6oatXC/v4CMhUJxB5IusvSawYQBKl8=
Subject key identifier: 7D:93:D4:E3:4D:20:2F:4A:68:13:5E:0A:5B:11:2A:74:DF:83:F5:90
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 72CEAD50923497D230AD1A2C89107AD674CA815C
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS272696.roa
Signing time: Thu 07 Sep 2023 14:34:49 +0000
ROA not before: Thu 07 Sep 2023 14:29:49 +0000
ROA not after: Thu 05 Sep 2024 14:34:49 +0000
asID: 272696
IP address blocks: 181.215.4.0/24 maxlen: 24
191.96.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:ce:ad:50:92:34:97:d2:30:ad:1a:2c:89:10:7a:d6:74:ca:81:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Sep 7 14:29:49 2023 GMT
Not After : Sep 5 14:34:49 2024 GMT
Subject: CN=7D93D4E34D202F4A68135E0A5B112A74DF83F590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:94:6b:ee:a7:48:08:b5:66:ac:ad:bf:dc:fb:
bd:58:dd:52:f8:ee:24:21:a5:50:22:f9:67:89:ac:
19:b0:90:ba:ff:5c:e8:4e:81:cc:03:99:c9:cf:83:
16:b4:4e:23:fc:7f:91:3f:6b:3c:f9:c8:a5:aa:50:
da:8f:5c:c2:98:d6:df:9b:12:62:8a:2a:7e:e1:45:
f1:75:43:64:06:33:88:5d:ee:91:af:e1:d1:6b:ca:
92:7c:00:57:59:8e:96:6c:a5:a3:14:68:c9:99:b7:
ba:5a:8f:be:0f:18:45:ea:16:ac:6e:f8:3a:63:59:
ff:39:1d:02:b1:88:ea:62:e9:a6:73:7b:56:fe:6d:
20:f2:a1:8f:fd:b1:d9:06:f5:94:c8:23:ad:7d:93:
8e:14:7f:f4:e1:d4:a4:9b:b0:c3:c3:0b:9e:53:28:
79:4c:ce:49:53:07:c8:a9:45:a5:21:0b:c0:c5:a4:
05:c3:b3:97:95:f5:fb:c3:ad:25:f5:e9:8c:57:94:
1d:6b:04:fa:17:e1:3d:6a:14:f7:6b:a5:d8:99:ad:
5e:cb:e7:c0:e1:ac:75:7a:2f:44:57:85:b1:b6:c9:
19:77:2a:34:06:87:0f:0b:6b:fc:dd:cd:7c:e2:65:
3c:71:a5:44:e1:9a:34:da:45:da:f1:c0:df:c1:11:
81:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:93:D4:E3:4D:20:2F:4A:68:13:5E:0A:5B:11:2A:74:DF:83:F5:90
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS272696.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.215.4.0/24
191.96.156.0/24
Signature Algorithm: sha256WithRSAEncryption
80:d7:b6:a3:9e:0b:9d:b2:f0:66:41:18:fa:91:52:8c:bb:b8:
40:f1:45:f6:7c:26:fa:0d:1f:92:7e:13:07:39:91:a6:24:d6:
05:2a:f0:ca:79:eb:e0:b3:10:47:ab:b4:c2:b5:f7:32:68:bf:
2b:61:12:bb:c7:52:5d:2e:43:fd:08:85:d9:31:a6:f1:5d:72:
ab:35:f9:71:83:5e:cd:7c:d4:b1:2f:80:19:42:58:da:06:f9:
f4:58:50:03:60:c2:99:ea:ad:0b:de:5f:ce:ef:cc:ad:9e:83:
fd:ef:9b:4a:50:6e:ab:2e:01:c0:0e:ee:f3:37:51:af:1f:e3:
59:e9:4f:2c:11:36:ed:05:49:b1:30:e6:29:74:59:84:d0:13:
57:78:25:03:c3:58:aa:a8:bf:4f:27:43:4e:48:cf:0f:a1:bd:
ac:7c:e5:bb:c6:db:c2:9d:38:f1:0b:73:03:da:40:53:4b:eb:
90:a3:a9:96:13:2c:be:61:02:05:d8:8d:65:6e:25:c3:38:f0:
fd:a3:7c:9d:40:5f:1f:3d:4f:5f:65:36:d9:4b:52:32:b1:71:
af:1c:b1:4c:1c:7a:be:78:49:b5:d0:0a:90:fb:b0:39:29:9c:
68:5f:53:23:8b:be:5a:92:ad:9b:2b:33:04:6e:70:77:ed:e1:
8b:b3:7a:7d
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUcs6tUJI0l9IwrRosiRB61nTKgVwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzA5MDcxNDI5NDlaFw0yNDA5MDUxNDM0NDlaMDMxMTAvBgNV
BAMTKDdEOTNENEUzNEQyMDJGNEE2ODEzNUUwQTVCMTEyQTc0REY4M0Y1OTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqlGvup0gItWasrb/c+71Y3VL4
7iQhpVAi+WeJrBmwkLr/XOhOgcwDmcnPgxa0TiP8f5E/azz5yKWqUNqPXMKY1t+b
EmKKKn7hRfF1Q2QGM4hd7pGv4dFrypJ8AFdZjpZspaMUaMmZt7paj74PGEXqFqxu
+DpjWf85HQKxiOpi6aZze1b+bSDyoY/9sdkG9ZTII619k44Uf/Th1KSbsMPDC55T
KHlMzklTB8ipRaUhC8DFpAXDs5eV9fvDrSX16YxXlB1rBPoX4T1qFPdrpdiZrV7L
58DhrHV6L0RXhbG2yRl3KjQGhw8La/zdzXziZTxxpUThmjTaRdrxwN/BEYH1AgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUfZPU400gL0poE14KWxEqdN+D9ZAwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjcyNjk2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAtdcE
AwQAv2CcMA0GCSqGSIb3DQEBCwUAA4IBAQCA17ajngudsvBmQRj6kVKMu7hA8UX2
fCb6DR+SfhMHOZGmJNYFKvDKeevgsxBHq7TCtfcyaL8rYRK7x1JdLkP9CIXZMabx
XXKrNflxg17NfNSxL4AZQljaBvn0WFADYMKZ6q0L3l/O78ytnoP975tKUG6rLgHA
Du7zN1GvH+NZ6U8sETbtBUmxMOYpdFmE0BNXeCUDw1iqqL9PJ0NOSM8Pob2sfOW7
xtvCnTjxC3MD2kBTS+uQo6mWEyy+YQIF2I1lbiXDOPD9o3ydQF8fPU9fZTbZS1Iy
sXGvHLFMHHq+eEm10AqQ+7A5KZxoX1Mji75akq2bKzMEbnB37eGLs3p9
-----END CERTIFICATE-----
Generated at Fri May 10 10:50:03 2024 by rpki-client on console-fra.rpki-client.org