Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: YvYknH8Z294UyYJaGRC0Ob3r+61MB5O4bFlCbp+s7Ps=
Subject key identifier: 09:74:91:EE:20:3B:47:61:0F:85:1E:0F:B5:C6:93:26:3C:48:30:BA
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 60FE33268065E470E7F45ACC1CDD4DE83DFFC063
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS396356.roa
Signing time: Mon 21 Oct 2024 07:08:15 +0000
ROA not before: Mon 21 Oct 2024 07:03:15 +0000
ROA not after: Mon 20 Oct 2025 07:08:15 +0000
asID: 396356
IP address blocks: 2.58.30.0/24 maxlen: 24
2.58.31.0/24 maxlen: 24
2.58.174.0/24 maxlen: 24
5.252.76.0/24 maxlen: 24
5.253.200.0/24 maxlen: 24
5.253.201.0/24 maxlen: 24
5.253.203.0/24 maxlen: 24
45.89.252.0/24 maxlen: 24
45.137.156.0/24 maxlen: 24
181.41.218.0/24 maxlen: 24
181.214.56.0/24 maxlen: 24
181.214.59.0/24 maxlen: 24
181.214.70.0/24 maxlen: 24
181.214.102.0/24 maxlen: 24
181.214.196.0/24 maxlen: 24
181.214.226.0/24 maxlen: 24
181.215.92.0/24 maxlen: 24
181.215.120.0/24 maxlen: 24
181.215.125.0/24 maxlen: 24
181.215.146.0/24 maxlen: 24
181.215.153.0/24 maxlen: 24
181.215.156.0/24 maxlen: 24
181.215.169.0/24 maxlen: 24
181.215.172.0/24 maxlen: 24
181.215.195.0/24 maxlen: 24
191.96.44.0/24 maxlen: 24
191.96.45.0/24 maxlen: 24
191.96.47.0/24 maxlen: 24
191.96.107.0/24 maxlen: 24
191.96.122.0/24 maxlen: 24
191.96.174.0/24 maxlen: 24
191.101.154.0/24 maxlen: 24
191.101.160.0/24 maxlen: 24
191.101.216.0/24 maxlen: 24
2a0a:a700::/30 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:fe:33:26:80:65:e4:70:e7:f4:5a:cc:1c:dd:4d:e8:3d:ff:c0:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 21 07:03:15 2024 GMT
Not After : Oct 20 07:08:15 2025 GMT
Subject: CN=097491EE203B47610F851E0FB5C693263C4830BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:09:35:a6:e2:fa:f9:70:78:20:d8:02:cb:6a:
21:1a:ad:f9:f8:bc:2f:35:3e:7e:74:6a:b4:1e:bc:
d4:65:8d:09:34:b8:f3:a6:da:a7:0c:fd:0a:fe:a9:
4e:0b:d6:2d:ba:b7:e6:59:e8:9c:d5:4f:57:36:8b:
7d:cd:aa:dd:2b:9b:ea:d2:b5:ba:8a:d8:8e:e9:bb:
97:c5:56:1b:2f:89:78:08:83:10:00:b1:5f:d8:91:
38:c7:22:a5:39:e9:f9:1c:9e:0f:81:5e:8e:f9:96:
c8:d4:c2:ec:7d:e5:05:1e:95:16:52:85:67:98:bf:
05:fb:29:23:39:36:db:e1:6b:89:8b:8b:b8:b2:2a:
15:e8:95:99:7f:5e:de:1f:25:1c:1e:60:0e:86:38:
50:7b:b3:24:56:cc:42:d7:e3:70:2f:0b:cc:a5:fe:
23:6c:cd:14:44:d4:ae:ce:8f:70:27:6a:c0:c4:ad:
a6:13:b4:21:e4:86:9f:7f:1d:7a:6a:18:ea:21:89:
14:24:d4:32:d2:0e:95:91:f0:74:30:cd:84:90:5d:
e6:9c:f9:93:49:9e:41:9f:bc:4f:70:7d:43:d2:6a:
1e:ef:50:8b:b1:2d:db:49:2d:57:e9:35:2a:89:5a:
73:17:bd:2a:92:a1:be:2f:d1:9c:af:53:3f:03:38:
a7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:74:91:EE:20:3B:47:61:0F:85:1E:0F:B5:C6:93:26:3C:48:30:BA
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.30.0/23
2.58.174.0/24
5.252.76.0/24
5.253.200.0/23
5.253.203.0/24
45.89.252.0/24
45.137.156.0/24
181.41.218.0/24
181.214.56.0/24
181.214.59.0/24
181.214.70.0/24
181.214.102.0/24
181.214.196.0/24
181.214.226.0/24
181.215.92.0/24
181.215.120.0/24
181.215.125.0/24
181.215.146.0/24
181.215.153.0/24
181.215.156.0/24
181.215.169.0/24
181.215.172.0/24
181.215.195.0/24
191.96.44.0/23
191.96.47.0/24
191.96.107.0/24
191.96.122.0/24
191.96.174.0/24
191.101.154.0/24
191.101.160.0/24
191.101.216.0/24
IPv6:
2a0a:a700::/30
Signature Algorithm: sha256WithRSAEncryption
31:83:af:30:48:ec:8c:7a:b8:3c:7a:9d:5a:6e:18:33:f9:41:
f9:40:1f:3a:d6:71:01:f1:69:92:d7:e8:37:ab:d1:06:40:9b:
48:3c:92:8f:f8:aa:c4:22:55:fd:50:1d:71:f9:6f:74:ba:bf:
95:7f:05:a8:7c:37:a0:1b:59:0c:26:f6:14:cf:ca:82:46:0a:
ae:2b:7e:96:2c:e3:79:3a:fc:4e:b6:49:38:5e:6d:d4:95:83:
5c:b1:54:59:a6:34:ca:45:f0:ff:34:39:12:5c:7a:a2:7c:32:
1a:21:36:ad:41:36:de:9b:a3:b6:fc:e8:8f:39:0e:53:b3:2a:
a3:46:a0:bd:26:30:33:5b:58:4a:7f:44:70:a9:12:4a:92:d9:
f0:93:cb:dd:b8:90:71:e2:2b:48:7d:eb:fb:67:3a:70:65:ba:
32:b2:ca:d8:40:14:cf:38:6c:3d:42:ae:02:b0:97:25:e4:5c:
d3:e9:bf:d7:56:f9:62:96:d3:76:fc:bd:05:7f:c9:7a:f4:93:
10:d2:a2:c4:f1:cb:dc:b4:0a:96:94:15:1c:61:07:50:6c:85:
57:a5:c8:15:21:f2:3e:b8:9a:e0:11:a3:fe:2e:ef:80:c6:89:
ff:88:e1:92:be:79:99:80:dd:38:61:3c:48:9e:92:fb:f0:51:
8c:c7:9e:2e
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgIUYP4zJoBl5HDn9FrMHN1N6D3/wGMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDEwMjEwNzAzMTVaFw0yNTEwMjAwNzA4MTVaMDMxMTAvBgNV
BAMTKDA5NzQ5MUVFMjAzQjQ3NjEwRjg1MUUwRkI1QzY5MzI2M0M0ODMwQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsCTWm4vr5cHgg2ALLaiEarfn4
vC81Pn50arQevNRljQk0uPOm2qcM/Qr+qU4L1i26t+ZZ6JzVT1c2i33Nqt0rm+rS
tbqK2I7pu5fFVhsviXgIgxAAsV/YkTjHIqU56fkcng+BXo75lsjUwux95QUelRZS
hWeYvwX7KSM5Ntvha4mLi7iyKhXolZl/Xt4fJRweYA6GOFB7syRWzELX43AvC8yl
/iNszRRE1K7Oj3AnasDEraYTtCHkhp9/HXpqGOohiRQk1DLSDpWR8HQwzYSQXeac
+ZNJnkGfvE9wfUPSah7vUIuxLdtJLVfpNSqJWnMXvSqSob4v0ZyvUz8DOKcZAgMB
AAGjggLSMIICzjAdBgNVHQ4EFgQUCXSR7iA7R2EPhR4PtcaTJjxIMLowHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk2MzU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIHmBggrBgEFBQcBBwEB/wSB1jCB0zCBwQQCAAEwgboD
BAECOh4DBAACOq4DBAAF/EwDBAEF/cgDBAAF/csDBAAtWfwDBAAtiZwDBAC1KdoD
BAC11jgDBAC11jsDBAC11kYDBAC11mYDBAC11sQDBAC11uIDBAC111wDBAC113gD
BAC1130DBAC115IDBAC115kDBAC115wDBAC116kDBAC116wDBAC118MDBAG/YCwD
BAC/YC8DBAC/YGsDBAC/YHoDBAC/YK4DBAC/ZZoDBAC/ZaADBAC/ZdgwDQQCAAIw
BwMFAioKpwAwDQYJKoZIhvcNAQELBQADggEBADGDrzBI7Ix6uDx6nVpuGDP5QflA
HzrWcQHxaZLX6Der0QZAm0g8ko/4qsQiVf1QHXH5b3S6v5V/Bah8N6AbWQwm9hTP
yoJGCq4rfpYs43k6/E62SThebdSVg1yxVFmmNMpF8P80ORJceqJ8MhohNq1BNt6b
o7b86I85DlOzKqNGoL0mMDNbWEp/RHCpEkqS2fCTy924kHHiK0h96/tnOnBlujKy
ythAFM84bD1CrgKwlyXkXNPpv9dW+WKW03b8vQV/yXr0kxDSosTxy9y0CpaUFRxh
B1BshVelyBUh8j64muARo/4u74DGif+I4ZK+eZmA3ThhPEiekvvwUYzHni4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:48 2024 by rpki-client on console-fra.rpki-client.org