Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS32098.roa
File: AS32098.roa (raw, json)
Hash identifier: GYwZQATxSBCDPtSCA59d9CrIBc2S25niIttVC/kJz8I=
Subject key identifier: E3:55:0E:C0:36:92:22:FB:16:4A:6C:BD:3A:3E:85:16:18:63:61:C7
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2CBA561345B7A27234C1A2B28C24DB7A5FD46C
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS32098.roa
Signing time: Sat 09 Nov 2024 05:51:56 +0000
ROA not before: Sat 09 Nov 2024 05:46:56 +0000
ROA not after: Sat 08 Nov 2025 05:51:56 +0000
asID: 32098
IP address blocks: 191.96.145.0/24 maxlen: 24
191.96.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:ba:56:13:45:b7:a2:72:34:c1:a2:b2:8c:24:db:7a:5f:d4:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 9 05:46:56 2024 GMT
Not After : Nov 8 05:51:56 2025 GMT
Subject: CN=E3550EC0369222FB164A6CBD3A3E8516186361C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f4:d5:2a:40:a4:f9:b3:47:cb:9b:20:39:95:
6d:9c:93:91:7d:08:12:a1:87:52:b2:40:59:6a:b0:
11:71:ac:15:b8:a4:d1:04:dc:34:2b:3d:90:7b:ab:
37:cd:74:8f:82:02:23:b8:30:77:d2:ca:00:f2:8b:
e0:ef:58:76:55:2c:32:ac:6a:82:cf:88:d0:17:96:
28:88:ed:f8:35:0a:63:9a:ce:49:fc:67:54:db:f6:
c1:51:8c:fc:ac:80:4d:2b:fd:27:46:4d:fa:6c:5e:
2b:fa:8e:ad:62:62:14:1e:82:45:dc:67:ca:41:d0:
0f:b2:f7:cd:43:ae:ff:df:50:66:e6:4f:c3:90:05:
ff:3f:4b:69:e4:f4:e2:38:a4:80:e6:85:83:f7:8f:
b3:2f:e0:84:3f:8b:a9:0b:fe:39:da:f0:f5:51:2f:
4d:52:0b:c8:0a:eb:8e:e5:8f:c9:bd:55:4f:b6:cb:
a3:68:42:af:55:10:0b:aa:86:7e:da:cc:e5:a4:e1:
4b:ef:6f:83:a0:47:2c:96:77:dc:26:b4:83:37:04:
9e:07:43:04:60:ff:ac:be:ad:f4:d5:a7:b5:7f:7a:
32:33:e5:fe:bb:8c:d5:26:37:74:65:e2:1a:4d:03:
2b:42:fd:87:46:80:f0:40:2a:ea:28:90:d0:c1:3d:
8e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:55:0E:C0:36:92:22:FB:16:4A:6C:BD:3A:3E:85:16:18:63:61:C7
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS32098.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.145.0/24
191.96.190.0/24
Signature Algorithm: sha256WithRSAEncryption
76:bd:14:45:91:af:0a:d9:be:4a:31:de:bc:c8:37:33:7c:70:
b9:64:ff:d3:08:3f:0e:0c:22:e4:42:8d:5d:d8:a7:51:24:83:
52:a3:97:a2:61:1e:d4:56:3d:b9:dd:52:52:e8:46:14:c1:61:
e4:a8:fe:01:0a:94:37:03:c4:c3:dc:fd:3d:f8:3e:04:da:51:
85:bf:84:6d:c3:4a:c5:d4:a7:98:24:52:76:4d:b6:9a:eb:b8:
2c:a1:27:6d:87:eb:b6:2c:fa:93:31:a5:9f:bf:f9:6f:62:a8:
73:52:98:90:0d:bb:79:10:fe:aa:1f:55:73:52:8f:86:30:00:
15:12:76:a5:19:ac:c9:05:21:fc:06:73:74:46:4e:c0:82:87:
1e:54:62:d6:d4:ce:30:19:b1:f6:96:e6:6f:2a:29:af:65:40:
08:ef:36:37:41:a5:19:92:3f:06:34:45:c5:7d:fc:9f:06:7c:
33:ec:7f:73:75:c7:ba:7c:e0:e1:03:cc:4d:03:1b:e9:fe:92:
4b:82:7a:9e:e4:67:aa:e7:f3:43:dd:ee:83:6a:8c:b1:db:e4:
2a:e5:85:9b:06:7c:8d:0d:4b:3c:5a:6f:f2:78:44:da:f8:62:
6c:49:5e:ed:9d:2d:00:47:f8:10:78:b6:ba:e9:6c:17:f7:e0:
46:7f:2b:1a
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgITLLpWE0W3onI0waKyjCTbel/UbDANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg2MWIxYmI0NDQ3NzE4ZjE2YjNkMzY2NzVkMjA1YzRkZWE0
MWJiYTBhMB4XDTI0MTEwOTA1NDY1NloXDTI1MTEwODA1NTE1NlowMzExMC8GA1UE
AxMoRTM1NTBFQzAzNjkyMjJGQjE2NEE2Q0JEM0EzRTg1MTYxODYzNjFDNzCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKz01SpApPmzR8ubIDmVbZyTkX0I
EqGHUrJAWWqwEXGsFbik0QTcNCs9kHurN810j4ICI7gwd9LKAPKL4O9YdlUsMqxq
gs+I0BeWKIjt+DUKY5rOSfxnVNv2wVGM/KyATSv9J0ZN+mxeK/qOrWJiFB6CRdxn
ykHQD7L3zUOu/99QZuZPw5AF/z9LaeT04jikgOaFg/ePsy/ghD+LqQv+Odrw9VEv
TVILyArrjuWPyb1VT7bLo2hCr1UQC6qGftrM5aThS+9vg6BHLJZ33Ca0gzcEngdD
BGD/rL6t9NWntX96MjPl/ruM1SY3dGXiGk0DK0L9h0aA8EAq6iiQ0ME9jkECAwEA
AaOCAg8wggILMB0GA1UdDgQWBBTjVQ7ANpIi+xZKbL06PoUWGGNhxzAfBgNVHSME
GDAWgBRhsbtER3GPFrPTZnXSBcTepBu6CjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS81Mzc0NTllNy0yYTgzLTQzZDEtOWFhMS01ODQxN2FiYWM0
YjYvMS82MUIxQkI0NDQ3NzE4RjE2QjNEMzY2NzVEMjA1QzRERUE0MUJCQTBBLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvWWJHN1JFZHhqeGF6MDJaMTBnWEUzcVFi
dWdvLmNlcjB6BggrBgEFBQcBCwRuMGwwagYIKwYBBQUHMAuGXnJzeW5jOi8vcnN5
bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00
M2QxLTlhYTEtNTg0MTdhYmFjNGI2LzEvQVMzMjA5OC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAL9gkQME
AL9gvjANBgkqhkiG9w0BAQsFAAOCAQEAdr0URZGvCtm+SjHevMg3M3xwuWT/0wg/
Dgwi5EKNXdinUSSDUqOXomEe1FY9ud1SUuhGFMFh5Kj+AQqUNwPEw9z9Pfg+BNpR
hb+EbcNKxdSnmCRSdk22muu4LKEnbYfrtiz6kzGln7/5b2Koc1KYkA27eRD+qh9V
c1KPhjAAFRJ2pRmsyQUh/AZzdEZOwIKHHlRi1tTOMBmx9pbmbyopr2VACO82N0Gl
GZI/BjRFxX38nwZ8M+x/c3XHunzg4QPMTQMb6f6SS4J6nuRnqufzQ93ug2qMsdvk
KuWFmwZ8jQ1LPFpv8nhE2vhibEle7Z0tAEf4EHi2uulsF/fgRn8rGg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:47 2024 by rpki-client on console-fra.rpki-client.org