Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS33696.roa
File: AS33696.roa (raw, json)
Hash identifier: pYxiurbl+Yb/OmNp4+BgyXQheGubaFIRSxKhEBVP9Ks=
Subject key identifier: 9A:CB:3D:66:FF:27:1C:84:09:FB:A1:98:97:D7:D3:13:DB:9C:E3:E1
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 0B343857F2303D5D1B6FF192E3511C59508A1E97
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS33696.roa
Signing time: Wed 01 Mar 2023 07:08:14 +0000
ROA not before: Wed 01 Mar 2023 07:03:14 +0000
ROA not after: Wed 28 Feb 2024 07:08:14 +0000
asID: 33696
IP address blocks: 85.209.179.0/24 maxlen: 24
179.61.150.0/24 maxlen: 24
179.61.154.0/24 maxlen: 24
181.214.39.0/24 maxlen: 24
181.214.41.0/24 maxlen: 24
185.170.42.0/24 maxlen: 24
185.172.57.0/24 maxlen: 24
191.96.197.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Jul 2023 14:08:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:34:38:57:f2:30:3d:5d:1b:6f:f1:92:e3:51:1c:59:50:8a:1e:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 1 07:03:14 2023 GMT
Not After : Feb 28 07:08:14 2024 GMT
Subject: CN=9ACB3D66FF271C8409FBA19897D7D313DB9CE3E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:fe:e5:20:0d:38:bc:e5:d3:3f:56:ba:42:0e:
a2:00:c0:1b:69:5b:d5:ac:70:b0:25:6f:c3:dc:13:
ff:23:f7:3f:8b:df:e4:a4:a7:b5:82:7b:bb:e4:70:
bc:98:b7:21:12:8d:92:d4:e1:3d:fa:77:35:b3:47:
00:e9:87:3f:aa:5c:aa:fe:6d:62:b4:1c:dc:9c:ca:
d3:cd:9c:d9:55:5b:cb:c3:97:ca:dc:8c:bd:ca:f1:
0e:2c:40:69:f7:a4:78:90:c6:a5:4d:33:ac:90:f5:
4d:de:a8:7d:df:ad:5c:53:a8:c3:1c:86:e2:8c:35:
82:82:e9:09:da:5a:f4:86:1e:08:75:1c:28:1e:87:
13:6d:57:bd:d7:1b:59:04:41:50:d3:2a:bc:78:91:
a2:86:26:64:94:cd:50:74:0d:2b:6a:0f:c6:7c:31:
e5:bb:eb:2e:bb:78:39:09:dd:e4:b1:6a:99:43:7e:
ba:f8:cc:15:59:96:44:4c:f8:f3:4e:7f:49:0d:bc:
85:8a:fa:77:98:61:17:d7:af:ed:c8:39:15:66:73:
77:57:5b:90:45:ce:da:72:47:d3:86:e6:cc:8c:78:
eb:9d:82:33:23:40:0f:54:6d:f5:b8:f3:4b:ef:a3:
bf:4a:d5:50:7d:1d:85:56:db:9b:e8:40:36:23:6c:
78:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:CB:3D:66:FF:27:1C:84:09:FB:A1:98:97:D7:D3:13:DB:9C:E3:E1
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS33696.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.179.0/24
179.61.150.0/24
179.61.154.0/24
181.214.39.0/24
181.214.41.0/24
185.170.42.0/24
185.172.57.0/24
191.96.197.0/24
191.96.204.0/24
191.101.207.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:04:1f:08:b4:22:9a:97:36:a4:d6:72:c1:8b:5b:e8:9c:51:
55:b9:ab:a3:12:cb:47:f0:92:48:c1:c1:22:34:5d:82:8b:83:
b5:8a:e6:dc:4b:e3:5f:82:79:2f:ea:71:56:45:97:45:1b:92:
d7:17:dc:dd:0b:a6:2e:82:0f:92:c4:58:41:57:35:fb:a4:a9:
f1:91:be:76:fc:fd:43:68:a0:a3:8f:f6:17:1f:a7:af:8d:f9:
f5:fd:eb:c4:20:47:d1:fc:23:8a:0d:46:93:cb:6a:a6:15:af:
c4:d5:04:2b:02:47:e5:7d:fa:6d:2a:6a:ba:70:e3:91:47:4d:
2d:e3:3d:75:e5:d2:a6:d2:28:b4:51:6e:13:92:43:57:25:ab:
66:f2:63:44:d6:af:f7:bc:ef:29:6d:23:85:cb:6c:b3:7b:74:
f8:bf:c5:60:90:01:8c:78:da:cd:07:07:48:6b:ec:6c:55:18:
b4:20:a7:50:d0:ba:71:a7:3f:ec:24:65:82:5a:de:df:74:f3:
ef:e7:27:7c:a9:1b:9c:93:01:4b:90:3e:29:d3:68:34:7a:d7:
22:3c:d5:c7:e1:6b:b2:28:cf:3d:1b:03:2f:43:2f:1d:08:91:
82:fd:18:28:44:72:88:54:c8:e4:84:8f:21:35:0b:38:70:71:
1a:c6:3c:b1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCzQ4V/IwPV0bb/GS41EcWVCKHpcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzAzMDEwNzAzMTRaFw0yNDAyMjgwNzA4MTRaMDMxMTAvBgNV
BAMTKDlBQ0IzRDY2RkYyNzFDODQwOUZCQTE5ODk3RDdEMzEzREI5Q0UzRTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH/uUgDTi85dM/VrpCDqIAwBtp
W9WscLAlb8PcE/8j9z+L3+Skp7WCe7vkcLyYtyESjZLU4T36dzWzRwDphz+qXKr+
bWK0HNycytPNnNlVW8vDl8rcjL3K8Q4sQGn3pHiQxqVNM6yQ9U3eqH3frVxTqMMc
huKMNYKC6QnaWvSGHgh1HCgehxNtV73XG1kEQVDTKrx4kaKGJmSUzVB0DStqD8Z8
MeW76y67eDkJ3eSxaplDfrr4zBVZlkRM+PNOf0kNvIWK+neYYRfXr+3IORVmc3dX
W5BFztpyR9OG5syMeOudgjMjQA9UbfW480vvo79K1VB9HYVW25voQDYjbHjjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUmss9Zv8nHIQJ+6GYl9fTE9uc4+EwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzM2OTYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgABMDwDBABV0bMD
BACzPZYDBACzPZoDBAC11icDBAC11ikDBAC5qioDBAC5rDkDBAC/YMUDBAC/YMwD
BAC/Zc8wDQYJKoZIhvcNAQELBQADggEBADwEHwi0IpqXNqTWcsGLW+icUVW5q6MS
y0fwkkjBwSI0XYKLg7WK5txL41+CeS/qcVZFl0UbktcX3N0Lpi6CD5LEWEFXNfuk
qfGRvnb8/UNooKOP9hcfp6+N+fX968QgR9H8I4oNRpPLaqYVr8TVBCsCR+V9+m0q
arpw45FHTS3jPXXl0qbSKLRRbhOSQ1clq2byY0TWr/e87yltI4XLbLN7dPi/xWCQ
AYx42s0HB0hr7GxVGLQgp1DQunGnP+wkZYJa3t908+/nJ3ypG5yTAUuQPinTaDR6
1yI81cfha7Iozz0bAy9DLx0IkYL9GChEcohUyOSEjyE1CzhwcRrGPLE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:34 2023 by rpki-client on console-ams.rpki-client.org