Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: PIDIqLsgPYNQTBK0cW25+VLliI7OIO+VRWNPCFY/i7k=
Subject key identifier: 6D:4E:FA:44:D9:D9:33:91:C7:6F:81:54:32:13:A9:89:20:B4:E0:D6
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 46D8933C49482176A4515C7EE12EB7090684B1D0
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS396356.roa
Signing time: Mon 01 Apr 2024 00:00:07 +0000
ROA not before: Sun 31 Mar 2024 23:55:07 +0000
ROA not after: Mon 31 Mar 2025 00:00:07 +0000
asID: 396356
IP address blocks: 179.61.245.0/24 maxlen: 24
181.214.70.0/24 maxlen: 24
181.214.196.0/24 maxlen: 24
181.214.226.0/24 maxlen: 24
181.215.169.0/24 maxlen: 24
181.215.172.0/24 maxlen: 24
181.215.195.0/24 maxlen: 24
191.101.160.0/24 maxlen: 24
2a0a:a700::/30 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:d8:93:3c:49:48:21:76:a4:51:5c:7e:e1:2e:b7:09:06:84:b1:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 31 23:55:07 2024 GMT
Not After : Mar 31 00:00:07 2025 GMT
Subject: CN=6D4EFA44D9D93391C76F81543213A98920B4E0D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a5:7d:05:b7:2b:12:7b:63:68:25:46:d2:d4:
0b:31:3f:ff:0d:be:d3:74:1b:5e:dd:1d:d3:6d:88:
6f:63:71:06:25:b7:bc:b8:8f:e6:79:67:86:cf:a7:
1d:99:80:4d:64:f1:c4:da:54:c9:f6:cd:32:14:88:
3b:ad:9a:2d:c9:b1:0d:71:02:3d:49:b5:4d:8a:44:
4c:de:e1:e9:c8:c4:e3:8b:68:05:86:fa:59:ad:37:
57:de:dd:08:39:37:e7:a3:53:96:88:29:db:5b:1e:
0e:ab:81:9c:09:8a:c4:c7:b0:1f:b3:cd:63:e2:80:
c1:07:c3:13:a6:60:e1:9e:66:60:b1:eb:4d:d9:8a:
22:85:e4:2d:85:65:a6:fa:51:3e:2a:6b:21:e6:81:
57:0f:a8:4f:56:ff:f5:9f:46:4b:f3:4a:4f:60:4b:
4b:58:8a:44:87:9e:4a:fd:57:ac:95:8d:34:64:e0:
80:0d:c5:62:33:3b:a3:cb:f8:d2:f8:c2:f4:ef:2d:
0c:1a:f3:3e:f8:98:82:2d:89:c3:3b:bd:33:fc:09:
fa:42:56:9f:f5:2e:80:e8:e1:b6:f6:30:20:d5:26:
e9:e6:75:f1:f3:25:b1:92:ad:88:ba:05:7e:bb:bb:
29:35:ef:be:60:b7:01:9e:d5:6d:a2:67:54:b7:d4:
0e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:4E:FA:44:D9:D9:33:91:C7:6F:81:54:32:13:A9:89:20:B4:E0:D6
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.245.0/24
181.214.70.0/24
181.214.196.0/24
181.214.226.0/24
181.215.169.0/24
181.215.172.0/24
181.215.195.0/24
191.101.160.0/24
IPv6:
2a0a:a700::/30
Signature Algorithm: sha256WithRSAEncryption
b4:4e:3b:e2:d0:26:f3:e9:5c:ee:55:fc:56:31:92:dd:32:44:
92:f4:ec:b5:ed:36:d3:c9:35:09:5b:f2:3b:a1:31:97:67:2c:
69:a5:27:37:40:34:ac:f2:99:59:c5:ba:24:76:27:4e:fd:16:
97:df:d5:12:ec:d9:07:61:1b:0b:59:be:f6:6d:4e:69:6e:dd:
92:62:87:7a:55:47:22:92:e1:e5:7a:34:e0:54:ce:85:54:f1:
08:67:85:eb:90:2a:6b:26:69:f9:1c:1d:2e:91:34:46:2d:68:
7c:07:be:c8:5d:99:6a:f0:9e:57:c5:c2:0c:43:d0:c1:49:6e:
08:e9:d1:30:1e:6f:ea:e5:9d:a2:6c:a5:bf:f3:fd:11:1a:8a:
c3:3a:e0:e3:75:64:82:d5:e2:04:7e:8d:cd:4e:f2:9f:37:24:
2b:18:c5:59:33:7d:92:fd:93:b1:fd:e5:d3:10:d8:c7:fc:e0:
94:9d:9f:98:6f:32:0b:2b:83:e0:04:e3:45:a5:23:26:f1:be:
35:8a:dc:4a:5e:dc:b3:39:5b:0f:c3:a8:70:14:b3:b5:18:60:
ef:4b:72:1f:e0:db:a3:20:8d:03:3f:99:c7:1b:00:c1:44:0b:
ab:1f:2d:72:db:f8:41:71:49:5d:64:af:89:f3:ab:15:45:42:
82:8a:5d:7e
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIURtiTPElIIXakUVx+4S63CQaEsdAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAzMzEyMzU1MDdaFw0yNTAzMzEwMDAwMDdaMDMxMTAvBgNV
BAMTKDZENEVGQTQ0RDlEOTMzOTFDNzZGODE1NDMyMTNBOTg5MjBCNEUwRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwpX0FtysSe2NoJUbS1AsxP/8N
vtN0G17dHdNtiG9jcQYlt7y4j+Z5Z4bPpx2ZgE1k8cTaVMn2zTIUiDutmi3JsQ1x
Aj1JtU2KREze4enIxOOLaAWG+lmtN1fe3Qg5N+ejU5aIKdtbHg6rgZwJisTHsB+z
zWPigMEHwxOmYOGeZmCx603ZiiKF5C2FZab6UT4qayHmgVcPqE9W//WfRkvzSk9g
S0tYikSHnkr9V6yVjTRk4IANxWIzO6PL+NL4wvTvLQwa8z74mIIticM7vTP8CfpC
Vp/1LoDo4bb2MCDVJunmdfHzJbGSrYi6BX67uyk1775gtwGe1W2iZ1S31A65AgMB
AAGjggJDMIICPzAdBgNVHQ4EFgQUbU76RNnZM5HHb4FUMhOpiSC04NYwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk2MzU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQAsz31
AwQAtdZGAwQAtdbEAwQAtdbiAwQAtdepAwQAtdesAwQAtdfDAwQAv2WgMA0EAgAC
MAcDBQIqCqcAMA0GCSqGSIb3DQEBCwUAA4IBAQC0Tjvi0Cbz6VzuVfxWMZLdMkSS
9Oy17TbTyTUJW/I7oTGXZyxppSc3QDSs8plZxbokdidO/RaX39US7NkHYRsLWb72
bU5pbt2SYod6VUcikuHlejTgVM6FVPEIZ4XrkCprJmn5HB0ukTRGLWh8B77IXZlq
8J5XxcIMQ9DBSW4I6dEwHm/q5Z2ibKW/8/0RGorDOuDjdWSC1eIEfo3NTvKfNyQr
GMVZM32S/ZOx/eXTENjH/OCUnZ+YbzILK4PgBONFpSMm8b41itxKXtyzOVsPw6hw
FLO1GGDvS3If4NujII0DP5nHGwDBRAurHy1y2/hBcUldZK+J86sVRUKCil1+
-----END CERTIFICATE-----
Generated at Fri May 10 02:01:23 2024 by rpki-client on console-ams.rpki-client.org