Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3356.roa
File: AS3356.roa (raw, json)
Hash identifier: 8TWSnTocsv0TGOAscgIQd+AiMc6kyA43haR14TidfEE=
Subject key identifier: D4:D2:DE:06:16:9E:79:F6:F1:6F:AD:05:E5:5C:6C:29:40:32:8B:E1
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 54D97E8FABC16DF466E20C296F27F145FCA5943E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3356.roa
Signing time: Thu 24 Aug 2023 17:08:53 +0000
ROA not before: Thu 24 Aug 2023 17:03:53 +0000
ROA not after: Thu 22 Aug 2024 17:08:53 +0000
asID: 3356
IP address blocks: 5.252.72.0/24 maxlen: 24
45.89.248.0/24 maxlen: 24
45.89.255.0/24 maxlen: 24
45.133.169.0/24 maxlen: 24
45.133.171.0/24 maxlen: 24
89.19.47.0/24 maxlen: 24
92.118.161.0/24 maxlen: 24
130.185.126.0/24 maxlen: 24
141.98.91.0/24 maxlen: 24
179.61.128.0/24 maxlen: 24
179.61.135.0/24 maxlen: 24
179.61.139.0/24 maxlen: 24
179.61.160.0/24 maxlen: 24
179.61.162.0/24 maxlen: 24
179.61.172.0/24 maxlen: 24
181.214.12.0/24 maxlen: 24
181.214.16.0/24 maxlen: 24
181.215.38.0/24 maxlen: 24
181.215.133.0/24 maxlen: 24
181.215.171.0/24 maxlen: 24
185.158.150.0/24 maxlen: 24
191.96.41.0/24 maxlen: 24
191.101.60.0/24 maxlen: 24
191.101.208.0/24 maxlen: 24
213.109.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:d9:7e:8f:ab:c1:6d:f4:66:e2:0c:29:6f:27:f1:45:fc:a5:94:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 24 17:03:53 2023 GMT
Not After : Aug 22 17:08:53 2024 GMT
Subject: CN=D4D2DE06169E79F6F16FAD05E55C6C2940328BE1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cd:b9:d0:b0:1b:4f:19:24:2f:db:09:b5:97:
1f:bb:6d:ad:44:92:eb:05:ae:de:71:0b:19:6e:e2:
94:20:3e:c3:a1:c8:21:91:bb:e3:82:7e:ef:5e:a7:
54:4e:e4:47:10:6b:94:07:c4:d5:26:1b:11:3f:c3:
5a:e6:f9:22:90:66:e9:70:0b:26:b7:fc:55:08:66:
f2:26:ae:4a:0c:57:0f:23:d0:8e:71:c8:1e:c2:3d:
a3:7f:41:bf:41:20:02:01:51:26:0a:5a:83:dc:7c:
9b:07:7b:8e:b6:5d:db:0e:c7:f1:7f:35:f9:51:75:
da:6d:b9:9b:5e:98:4a:4a:2d:b9:73:00:ae:3d:2b:
bd:11:0d:bc:ba:67:d5:9a:54:35:c2:aa:70:86:52:
38:61:b2:4d:8a:eb:b3:df:d6:c2:c4:6e:1d:08:4f:
bf:15:a8:e2:05:24:b5:c6:fb:2b:56:f9:af:30:56:
1b:bb:d2:2f:35:ac:01:8c:e4:72:6e:e8:9e:71:62:
82:7a:d9:86:c5:41:be:ea:14:ac:81:05:4c:7f:5b:
9d:7f:d2:41:13:9c:8c:25:ac:6a:2d:cd:ad:78:28:
77:59:9b:7d:af:b5:f2:79:86:f5:bb:e2:df:e4:92:
0c:51:ec:47:9f:31:71:b9:d6:1c:54:f7:04:cb:71:
24:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D2:DE:06:16:9E:79:F6:F1:6F:AD:05:E5:5C:6C:29:40:32:8B:E1
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.72.0/24
45.89.248.0/24
45.89.255.0/24
45.133.169.0/24
45.133.171.0/24
89.19.47.0/24
92.118.161.0/24
130.185.126.0/24
141.98.91.0/24
179.61.128.0/24
179.61.135.0/24
179.61.139.0/24
179.61.160.0/24
179.61.162.0/24
179.61.172.0/24
181.214.12.0/24
181.214.16.0/24
181.215.38.0/24
181.215.133.0/24
181.215.171.0/24
185.158.150.0/24
191.96.41.0/24
191.101.60.0/24
191.101.208.0/24
213.109.170.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:56:52:b8:99:c5:3d:7d:b2:86:95:0e:b0:f4:a1:c8:cd:b6:
06:4b:ef:e8:da:fb:e5:be:80:dc:e1:e3:e4:b6:7e:d0:b4:29:
4f:93:dc:ca:e5:fd:61:ab:01:a3:86:72:69:47:6a:6f:03:aa:
63:52:62:c3:0e:e9:3f:e3:f0:12:b4:2c:79:85:97:94:04:40:
9a:25:3e:9d:aa:b3:ae:64:d4:52:2f:4d:b7:49:4a:98:26:d9:
70:3b:5f:06:59:41:a8:5a:e0:0b:3d:7a:d5:a9:1e:cb:84:f0:
1f:53:a1:7c:fd:92:a7:a6:6e:80:36:77:87:2c:33:d9:d9:d6:
71:16:1b:90:7e:78:fe:e3:d4:2f:f6:1c:7f:4e:ea:2f:15:22:
6f:73:25:01:8f:0c:3e:53:a7:d1:a4:6a:ee:c7:c5:ed:b9:93:
93:18:62:6c:cb:c4:4f:62:cb:cc:47:5a:ae:d8:23:03:ca:bb:
2f:6b:43:e3:c7:2c:0a:c8:d2:25:2d:c0:e5:f5:e6:76:b9:45:
ff:26:7b:29:f8:e7:b3:0e:7b:40:cf:d3:b1:4d:fc:90:14:b0:
2a:4b:f9:19:bc:e2:61:fc:db:af:bd:dd:cf:4a:68:72:50:50:
88:64:44:b2:b2:ad:56:4d:51:c2:b2:9e:32:ce:c7:10:9d:44:
ca:c5:18:a6
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIUVNl+j6vBbfRm4gwpbyfxRfyllD4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzA4MjQxNzAzNTNaFw0yNDA4MjIxNzA4NTNaMDMxMTAvBgNV
BAMTKEQ0RDJERTA2MTY5RTc5RjZGMTZGQUQwNUU1NUM2QzI5NDAzMjhCRTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4zbnQsBtPGSQv2wm1lx+7ba1E
kusFrt5xCxlu4pQgPsOhyCGRu+OCfu9ep1RO5EcQa5QHxNUmGxE/w1rm+SKQZulw
Cya3/FUIZvImrkoMVw8j0I5xyB7CPaN/Qb9BIAIBUSYKWoPcfJsHe462XdsOx/F/
NflRddptuZtemEpKLblzAK49K70RDby6Z9WaVDXCqnCGUjhhsk2K67Pf1sLEbh0I
T78VqOIFJLXG+ytW+a8wVhu70i81rAGM5HJu6J5xYoJ62YbFQb7qFKyBBUx/W51/
0kETnIwlrGotza14KHdZm32vtfJ5hvW74t/kkgxR7EefMXG51hxU9wTLcSQBAgMB
AAGjggKdMIICmTAdBgNVHQ4EFgQU1NLeBhaeefbxb60F5VxsKUAyi+EwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzM1Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBswYIKwYBBQUHAQcBAf8EgaMwgaAwgZ0EAgABMIGWAwQA
BfxIAwQALVn4AwQALVn/AwQALYWpAwQALYWrAwQAWRMvAwQAXHahAwQAgrl+AwQA
jWJbAwQAsz2AAwQAsz2HAwQAsz2LAwQAsz2gAwQAsz2iAwQAsz2sAwQAtdYMAwQA
tdYQAwQAtdcmAwQAtdeFAwQAtderAwQAuZ6WAwQAv2ApAwQAv2U8AwQAv2XQAwQA
1W2qMA0GCSqGSIb3DQEBCwUAA4IBAQCoVlK4mcU9fbKGlQ6w9KHIzbYGS+/o2vvl
voDc4ePktn7QtClPk9zK5f1hqwGjhnJpR2pvA6pjUmLDDuk/4/AStCx5hZeUBECa
JT6dqrOuZNRSL023SUqYJtlwO18GWUGoWuALPXrVqR7LhPAfU6F8/ZKnpm6ANneH
LDPZ2dZxFhuQfnj+49Qv9hx/TuovFSJvcyUBjww+U6fRpGrux8XtuZOTGGJsy8RP
YsvMR1qu2CMDyrsva0PjxywKyNIlLcDl9eZ2uUX/Jnsp+OezDntAz9OxTfyQFLAq
S/kZvOJh/Nuvvd3PSmhyUFCIZESysq1WTVHCsp4yzscQnUTKxRim
-----END CERTIFICATE-----
Generated at Thu May 2 11:40:04 2024 by rpki-client on console-ams.rpki-client.org