Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3257.roa
File: AS3257.roa (raw, json)
Hash identifier: VMANu/CyEbbGCmfEA6jyBL4HqCLppZ0YqvTEi8ka66A=
Subject key identifier: D8:D4:93:C3:3D:A6:E8:F4:29:7F:0D:CD:B4:E9:57:F0:A2:F7:28:D6
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2CE9B9BCA2F23382E8D6A636F158E3343D6F62B4
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3257.roa
Signing time: Sun 15 Oct 2023 00:00:10 +0000
ROA not before: Sat 14 Oct 2023 23:55:10 +0000
ROA not after: Sun 13 Oct 2024 00:00:10 +0000
asID: 3257
IP address blocks: 5.252.77.0/24 maxlen: 24
5.253.202.0/24 maxlen: 24
45.93.45.0/24 maxlen: 24
45.93.47.0/24 maxlen: 24
45.95.13.0/24 maxlen: 24
45.95.23.0/24 maxlen: 24
45.137.30.0/24 maxlen: 24
149.62.42.0/24 maxlen: 24
149.62.43.0/24 maxlen: 24
179.61.163.0/24 maxlen: 24
179.61.180.0/24 maxlen: 24
181.214.6.0/24 maxlen: 24
181.214.8.0/24 maxlen: 24
181.214.37.0/24 maxlen: 24
181.214.186.0/24 maxlen: 24
181.214.206.0/24 maxlen: 24
191.96.48.0/24 maxlen: 24
191.101.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:e9:b9:bc:a2:f2:33:82:e8:d6:a6:36:f1:58:e3:34:3d:6f:62:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 14 23:55:10 2023 GMT
Not After : Oct 13 00:00:10 2024 GMT
Subject: CN=D8D493C33DA6E8F4297F0DCDB4E957F0A2F728D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:38:65:e2:7e:b6:32:70:d5:3c:6d:6c:cb:34:
bf:99:04:56:2e:93:b5:65:c3:67:11:08:0f:65:40:
a9:de:17:6d:03:4c:b6:fa:5b:ab:d8:f3:90:d9:df:
b8:30:d8:3a:2a:72:80:17:87:e1:56:47:1b:98:fa:
60:f2:14:ef:46:f4:ce:a5:9f:4c:52:55:c0:00:e2:
99:38:50:3f:85:41:db:96:98:ec:a5:c8:7a:15:c6:
58:16:52:4b:70:30:3f:7f:97:43:ac:94:6f:d7:05:
b6:a8:5a:22:4a:01:47:41:26:12:d2:dc:bb:94:79:
42:45:3f:ea:d4:b3:23:6e:c4:80:5f:86:78:d4:5d:
1c:0b:d7:12:8d:e0:0d:50:5e:6f:a5:5a:55:7d:01:
ab:4a:6c:1c:80:9f:d4:09:18:1f:4f:4b:79:a7:dc:
30:78:8c:df:ea:4b:8b:70:e9:98:b7:0f:45:ab:9a:
aa:27:94:aa:aa:a6:f0:fd:a1:5f:a4:77:8c:62:fa:
79:28:23:31:0b:1d:12:3a:c1:d6:b9:0f:3a:e9:7b:
03:86:e4:e1:7a:42:4a:14:1e:a1:7d:b0:02:e2:58:
03:9c:1c:78:8d:a7:ca:27:9f:10:c5:50:b2:54:41:
d6:ac:f5:fa:a4:6f:36:4b:c6:b1:aa:b4:34:fc:fa:
91:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D4:93:C3:3D:A6:E8:F4:29:7F:0D:CD:B4:E9:57:F0:A2:F7:28:D6
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3257.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.77.0/24
5.253.202.0/24
45.93.45.0/24
45.93.47.0/24
45.95.13.0/24
45.95.23.0/24
45.137.30.0/24
149.62.42.0/23
179.61.163.0/24
179.61.180.0/24
181.214.6.0/24
181.214.8.0/24
181.214.37.0/24
181.214.186.0/24
181.214.206.0/24
191.96.48.0/24
191.101.209.0/24
Signature Algorithm: sha256WithRSAEncryption
25:1c:67:7a:85:17:63:52:3c:79:68:5e:e6:d5:b9:41:ee:88:
dc:e7:b8:4c:9f:6e:50:d4:1c:e2:a8:45:86:9e:96:ad:2e:de:
1e:bc:3c:48:0a:07:f8:ba:36:64:fa:54:fc:f8:18:7e:46:0f:
ec:af:76:fb:e1:80:80:16:b0:93:53:ba:7a:bc:c6:7b:38:27:
5d:67:62:dd:b3:ad:95:d5:b0:ed:56:3d:0a:bb:ff:e1:3f:fb:
04:c5:3d:12:d0:c2:2d:81:79:c2:77:d2:10:b6:23:e2:28:b4:
8a:7f:97:11:42:29:72:67:03:f3:3a:17:9c:22:30:59:6f:de:
d6:b3:94:14:92:27:ac:f5:83:9c:4e:40:30:df:2d:d9:cf:73:
d6:00:69:aa:4d:c5:b2:d7:7f:29:97:39:53:3b:31:eb:f0:40:
64:6c:1f:fe:18:9e:1f:b5:b8:57:29:cf:34:36:54:b3:20:2a:
2e:16:b1:12:63:1d:29:76:90:b1:41:2e:dd:b8:d0:8c:f1:24:
fa:db:fb:22:e5:59:43:7d:47:f3:75:a6:29:99:7d:f1:d2:d0:
30:bd:f9:65:6b:31:fe:a2:90:67:a8:bd:ed:72:28:65:b1:a0:
13:0d:6c:9e:1d:f7:fe:a4:e7:2d:0a:f9:84:d1:e7:bd:f4:8b:
0e:b6:79:a3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULOm5vKLyM4Lo1qY28VjjND1vYrQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzEwMTQyMzU1MTBaFw0yNDEwMTMwMDAwMTBaMDMxMTAvBgNV
BAMTKEQ4RDQ5M0MzM0RBNkU4RjQyOTdGMERDREI0RTk1N0YwQTJGNzI4RDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClOGXifrYycNU8bWzLNL+ZBFYu
k7Vlw2cRCA9lQKneF20DTLb6W6vY85DZ37gw2DoqcoAXh+FWRxuY+mDyFO9G9M6l
n0xSVcAA4pk4UD+FQduWmOylyHoVxlgWUktwMD9/l0OslG/XBbaoWiJKAUdBJhLS
3LuUeUJFP+rUsyNuxIBfhnjUXRwL1xKN4A1QXm+lWlV9AatKbByAn9QJGB9PS3mn
3DB4jN/qS4tw6Zi3D0WrmqonlKqqpvD9oV+kd4xi+nkoIzELHRI6wda5DzrpewOG
5OF6QkoUHqF9sALiWAOcHHiNp8onnxDFULJUQdas9fqkbzZLxrGqtDT8+pGbAgMB
AAGjggJoMIICZDAdBgNVHQ4EFgQU2NSTwz2m6PQpfw3NtOlX8KL3KNYwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzI1Ny5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB/BggrBgEFBQcBBwEB/wRwMG4wbAQCAAEwZgMEAAX8TQME
AAX9ygMEAC1dLQMEAC1dLwMEAC1fDQMEAC1fFwMEAC2JHgMEAZU+KgMEALM9owME
ALM9tAMEALXWBgMEALXWCAMEALXWJQMEALXWugMEALXWzgMEAL9gMAMEAL9l0TAN
BgkqhkiG9w0BAQsFAAOCAQEAJRxneoUXY1I8eWhe5tW5Qe6I3Oe4TJ9uUNQc4qhF
hp6WrS7eHrw8SAoH+Lo2ZPpU/PgYfkYP7K92++GAgBawk1O6erzGezgnXWdi3bOt
ldWw7VY9Crv/4T/7BMU9EtDCLYF5wnfSELYj4ii0in+XEUIpcmcD8zoXnCIwWW/e
1rOUFJInrPWDnE5AMN8t2c9z1gBpqk3Fstd/KZc5Uzsx6/BAZGwf/hieH7W4VynP
NDZUsyAqLhaxEmMdKXaQsUEu3bjQjPEk+tv7IuVZQ31H83WmKZl98dLQML35ZWsx
/qKQZ6i97XIoZbGgEw1snh33/qTnLQr5hNHnvfSLDrZ5ow==
-----END CERTIFICATE-----
Generated at Sat May 4 03:15:27 2024 by rpki-client on console-fra.rpki-client.org