Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3356.roa
File: AS3356.roa (raw, json)
Hash identifier: ZkIkkmHvxJ5j/6mbzT6NiU5rHgFs04RPqw/iFu5ujJY=
Subject key identifier: 84:C6:F3:C3:3B:12:92:17:8B:7A:CC:D4:97:48:BA:58:85:22:FA:FE
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 270F047E037110E7B6819E88885288ED9F87C4E0
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3356.roa
Signing time: Wed 14 Aug 2024 14:34:27 +0000
ROA not before: Wed 14 Aug 2024 14:29:27 +0000
ROA not after: Wed 13 Aug 2025 14:34:27 +0000
asID: 3356
IP address blocks: 5.252.72.0/24 maxlen: 24
45.89.248.0/24 maxlen: 24
45.89.255.0/24 maxlen: 24
45.133.169.0/24 maxlen: 24
45.133.171.0/24 maxlen: 24
89.19.47.0/24 maxlen: 24
92.118.161.0/24 maxlen: 24
130.185.126.0/24 maxlen: 24
141.98.91.0/24 maxlen: 24
179.61.128.0/24 maxlen: 24
179.61.135.0/24 maxlen: 24
179.61.139.0/24 maxlen: 24
179.61.160.0/24 maxlen: 24
179.61.162.0/24 maxlen: 24
179.61.172.0/24 maxlen: 24
181.214.12.0/24 maxlen: 24
181.214.13.0/24 maxlen: 24
181.214.16.0/24 maxlen: 24
181.215.38.0/24 maxlen: 24
181.215.133.0/24 maxlen: 24
181.215.171.0/24 maxlen: 24
185.158.150.0/24 maxlen: 24
191.96.41.0/24 maxlen: 24
191.101.60.0/24 maxlen: 24
191.101.208.0/24 maxlen: 24
213.109.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:0f:04:7e:03:71:10:e7:b6:81:9e:88:88:52:88:ed:9f:87:c4:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 14 14:29:27 2024 GMT
Not After : Aug 13 14:34:27 2025 GMT
Subject: CN=84C6F3C33B1292178B7ACCD49748BA588522FAFE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f5:fe:fa:26:1c:cf:06:7b:5d:e7:d2:a1:ee:
f3:ae:7f:9b:67:4b:e7:85:52:ba:aa:d2:91:67:b3:
cc:ba:d3:26:49:ad:c7:ee:5b:20:df:0e:2c:dd:72:
85:89:63:e0:4b:18:91:a6:c9:1f:76:1c:1e:00:b2:
5a:54:49:1e:61:39:41:8f:1f:65:7c:8e:4f:dc:30:
d9:94:42:0e:77:34:94:4c:6d:5c:ca:92:82:c0:4e:
13:b1:5d:7e:25:f8:22:47:cd:0d:cc:17:7a:00:b3:
5d:4f:06:32:90:be:d2:b8:38:97:f7:fd:93:97:41:
45:3a:5d:81:59:96:c1:5a:93:1b:37:a1:03:6a:36:
d7:ff:23:84:b0:0c:fb:2f:16:69:64:e9:6d:29:98:
88:d3:10:94:df:8f:38:00:c8:9d:6b:a2:82:59:d7:
d2:b8:4b:2e:3c:4f:2f:a7:9e:04:87:a8:dd:d2:f3:
78:c8:9a:fb:fa:8e:45:2a:07:95:a2:5b:16:00:04:
57:22:5a:09:7e:b3:68:7c:37:c7:8b:23:63:3e:8c:
f3:ad:f7:c6:aa:01:d4:06:6a:08:67:97:1a:e9:a0:
60:bb:e8:a7:16:92:fc:e2:a5:ae:4e:2d:78:36:a2:
c3:d9:be:b2:10:5c:8c:f1:80:b7:d3:77:18:51:cb:
0d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C6:F3:C3:3B:12:92:17:8B:7A:CC:D4:97:48:BA:58:85:22:FA:FE
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.72.0/24
45.89.248.0/24
45.89.255.0/24
45.133.169.0/24
45.133.171.0/24
89.19.47.0/24
92.118.161.0/24
130.185.126.0/24
141.98.91.0/24
179.61.128.0/24
179.61.135.0/24
179.61.139.0/24
179.61.160.0/24
179.61.162.0/24
179.61.172.0/24
181.214.12.0/23
181.214.16.0/24
181.215.38.0/24
181.215.133.0/24
181.215.171.0/24
185.158.150.0/24
191.96.41.0/24
191.101.60.0/24
191.101.208.0/24
213.109.170.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:88:ac:f9:ca:25:a1:e2:4c:c8:2f:b0:ba:39:cc:b2:32:7b:
b2:11:78:cf:74:d6:09:ca:2b:76:aa:2d:c5:a6:e6:7f:cb:f4:
f4:fd:68:23:c4:77:b8:e8:2f:b9:39:ec:f6:c4:33:24:a0:07:
f4:85:3e:ba:e9:fe:4c:05:b6:a9:00:85:b4:dd:c9:71:4e:ed:
07:e4:a9:bb:b8:d5:48:87:5d:4c:f8:8b:6d:02:b7:73:64:39:
21:82:af:fc:db:1b:0f:43:3f:9c:09:a3:7b:6e:5a:ec:79:a9:
cf:78:50:0a:3c:88:66:23:7c:f0:47:e7:00:d4:cf:f0:6d:1a:
d1:bc:bc:93:14:f0:9a:7f:ff:b7:a4:32:ce:01:35:f0:da:84:
31:e6:c6:ad:3a:b6:97:93:37:33:04:ba:44:a2:c6:df:a3:e1:
c0:04:8f:d5:79:0a:a7:b2:d7:c7:4c:fd:40:fc:64:21:74:ff:
e6:d0:47:aa:10:95:f7:1e:8c:60:94:4c:3b:e3:0b:4d:56:60:
b8:64:8c:c0:c5:25:70:2f:89:1f:c9:3f:f3:90:ea:5a:12:af:
5c:0e:ed:87:48:88:6a:49:5a:ea:d0:f1:c5:c9:dc:80:03:b3:
f4:97:68:5c:0b:75:2c:8a:18:5a:c8:72:d4:d7:0f:21:a2:e7:
2e:ef:4a:35
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIUJw8EfgNxEOe2gZ6IiFKI7Z+HxOAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA4MTQxNDI5MjdaFw0yNTA4MTMxNDM0MjdaMDMxMTAvBgNV
BAMTKDg0QzZGM0MzM0IxMjkyMTc4QjdBQ0NENDk3NDhCQTU4ODUyMkZBRkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM9f76JhzPBntd59Kh7vOuf5tn
S+eFUrqq0pFns8y60yZJrcfuWyDfDizdcoWJY+BLGJGmyR92HB4AslpUSR5hOUGP
H2V8jk/cMNmUQg53NJRMbVzKkoLAThOxXX4l+CJHzQ3MF3oAs11PBjKQvtK4OJf3
/ZOXQUU6XYFZlsFakxs3oQNqNtf/I4SwDPsvFmlk6W0pmIjTEJTfjzgAyJ1rooJZ
19K4Sy48Ty+nngSHqN3S83jImvv6jkUqB5WiWxYABFciWgl+s2h8N8eLI2M+jPOt
98aqAdQGaghnlxrpoGC76KcWkvzipa5OLXg2osPZvrIQXIzxgLfTdxhRyw1vAgMB
AAGjggKdMIICmTAdBgNVHQ4EFgQUhMbzwzsSkheLeszUl0i6WIUi+v4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzM1Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBswYIKwYBBQUHAQcBAf8EgaMwgaAwgZ0EAgABMIGWAwQA
BfxIAwQALVn4AwQALVn/AwQALYWpAwQALYWrAwQAWRMvAwQAXHahAwQAgrl+AwQA
jWJbAwQAsz2AAwQAsz2HAwQAsz2LAwQAsz2gAwQAsz2iAwQAsz2sAwQBtdYMAwQA
tdYQAwQAtdcmAwQAtdeFAwQAtderAwQAuZ6WAwQAv2ApAwQAv2U8AwQAv2XQAwQA
1W2qMA0GCSqGSIb3DQEBCwUAA4IBAQA+iKz5yiWh4kzIL7C6OcyyMnuyEXjPdNYJ
yit2qi3FpuZ/y/T0/WgjxHe46C+5Oez2xDMkoAf0hT666f5MBbapAIW03clxTu0H
5Km7uNVIh11M+IttArdzZDkhgq/82xsPQz+cCaN7blrseanPeFAKPIhmI3zwR+cA
1M/wbRrRvLyTFPCaf/+3pDLOATXw2oQx5satOraXkzczBLpEosbfo+HABI/VeQqn
stfHTP1A/GQhdP/m0EeqEJX3HoxglEw74wtNVmC4ZIzAxSVwL4kfyT/zkOpaEq9c
Du2HSIhqSVrq0PHFydyAA7P0l2hcC3UsihhayHLU1w8houcu70o1
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:40:21 2025 by rpki-client