Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397373.roa
File: AS397373.roa (raw, json)
Hash identifier: PXMGa/VZULE8oWB+MiPDjiAqUJKY7JRK9mA209Ssmnc=
Subject key identifier: 93:F6:F4:6E:75:69:B8:10:E8:F9:10:72:F7:56:BF:35:F3:7B:C4:B4
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 69D8AAE0E023911EE8D01FFCDFEDE142D605914F
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397373.roa
Signing time: Thu 18 Apr 2024 15:44:54 +0000
ROA not before: Thu 18 Apr 2024 15:39:54 +0000
ROA not after: Thu 17 Apr 2025 15:44:54 +0000
asID: 397373
IP address blocks: 179.61.166.0/24 maxlen: 24
179.61.176.0/24 maxlen: 24
179.61.223.0/24 maxlen: 24
179.61.252.0/24 maxlen: 24
181.41.215.0/24 maxlen: 24
181.214.217.0/24 maxlen: 24
181.215.5.0/24 maxlen: 24
181.215.248.0/24 maxlen: 24
185.172.64.0/24 maxlen: 24
185.172.67.0/24 maxlen: 24
191.96.25.0/24 maxlen: 24
191.96.32.0/24 maxlen: 24
191.96.131.0/24 maxlen: 24
191.96.177.0/24 maxlen: 24
191.96.194.0/24 maxlen: 24
191.96.221.0/24 maxlen: 24
191.96.246.0/24 maxlen: 24
191.101.16.0/24 maxlen: 24
191.101.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:d8:aa:e0:e0:23:91:1e:e8:d0:1f:fc:df:ed:e1:42:d6:05:91:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 18 15:39:54 2024 GMT
Not After : Apr 17 15:44:54 2025 GMT
Subject: CN=93F6F46E7569B810E8F91072F756BF35F37BC4B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e2:68:13:fc:ae:16:84:b3:ef:1b:23:9c:6c:
37:9b:1a:3f:c9:0c:31:6f:38:19:12:12:cb:96:b5:
66:89:fa:21:a7:d6:91:ab:df:79:3b:2a:ed:66:14:
57:e3:9d:97:54:04:93:d8:e6:e4:f9:bf:18:89:bc:
1f:7b:3a:68:a4:05:a6:94:c5:bd:dd:d2:7d:9f:24:
9f:6e:07:8e:53:5c:f4:6d:b3:b6:09:e8:96:b6:70:
6d:9c:f1:37:dd:e8:ea:26:97:ec:c6:0f:a3:04:60:
39:4d:f7:10:35:c9:09:7a:b4:eb:4a:9e:68:92:5d:
5b:7b:46:86:85:9c:19:c0:fa:c5:b2:29:9f:96:c2:
37:cd:8b:38:9a:29:59:12:0b:2d:1c:d1:c6:01:3a:
df:6c:e5:bc:b7:db:ff:da:5e:cf:84:47:62:ae:73:
10:0e:09:7e:fa:45:1f:8b:d1:7a:72:55:02:0d:21:
03:ef:ce:ab:ec:b2:d0:b7:79:42:82:bd:23:4c:ea:
30:60:4b:b0:22:7a:4f:6a:9b:2e:40:e1:bb:42:d3:
2c:a1:5b:6f:cd:dc:61:20:8f:b1:e3:b1:42:f8:bf:
03:cf:90:0a:a3:ac:02:79:ce:9a:37:55:66:a5:75:
e4:24:04:da:b0:e3:ff:36:8e:43:dc:7a:16:28:47:
03:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:F6:F4:6E:75:69:B8:10:E8:F9:10:72:F7:56:BF:35:F3:7B:C4:B4
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397373.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.166.0/24
179.61.176.0/24
179.61.223.0/24
179.61.252.0/24
181.41.215.0/24
181.214.217.0/24
181.215.5.0/24
181.215.248.0/24
185.172.64.0/24
185.172.67.0/24
191.96.25.0/24
191.96.32.0/24
191.96.131.0/24
191.96.177.0/24
191.96.194.0/24
191.96.221.0/24
191.96.246.0/24
191.101.16.0/24
191.101.191.0/24
Signature Algorithm: sha256WithRSAEncryption
96:4b:75:1c:60:9b:7c:1a:ed:e5:fe:1f:c3:70:93:96:69:69:
7e:e6:37:36:f6:de:4c:c9:1c:2f:5f:d5:1f:3a:96:56:79:ab:
78:e4:5f:01:22:6f:93:36:8e:20:a8:99:22:78:ea:83:ca:dc:
e1:3e:9e:49:f9:52:04:c5:5f:7d:9f:bd:f1:04:76:4d:6d:93:
ac:d3:15:91:c7:0a:df:57:be:9d:e2:d6:a6:44:4c:3e:8a:69:
af:e7:e8:3d:9b:5d:dc:09:4e:6d:99:ac:f8:35:f9:6e:96:a0:
e0:30:ae:2f:7f:a0:79:d3:79:84:4f:90:2d:9f:34:f7:da:92:
19:4d:62:2a:51:c3:16:c1:32:e7:1e:2c:93:11:17:d4:b3:a6:
7b:68:f7:9e:26:8f:4a:a7:48:9e:f6:a6:10:02:b5:ea:9a:8a:
04:6f:16:b5:b6:25:16:2d:16:76:20:52:33:1e:18:b0:fb:31:
d9:97:7f:9b:02:24:59:65:e0:66:eb:53:b1:eb:6b:f0:8b:5a:
93:58:f2:76:0d:94:7a:5f:62:43:85:30:d7:37:ae:72:10:0b:
98:14:1b:8c:87:fc:14:60:49:5a:13:54:3a:a2:66:b0:25:1b:
1e:d4:4f:9e:7e:29:42:13:a5:4f:c5:e3:0e:19:ce:7e:00:74:
73:56:5b:08
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIUadiq4OAjkR7o0B/83+3hQtYFkU8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MTgxNTM5NTRaFw0yNTA0MTcxNTQ0NTRaMDMxMTAvBgNV
BAMTKDkzRjZGNDZFNzU2OUI4MTBFOEY5MTA3MkY3NTZCRjM1RjM3QkM0QjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR4mgT/K4WhLPvGyOcbDebGj/J
DDFvOBkSEsuWtWaJ+iGn1pGr33k7Ku1mFFfjnZdUBJPY5uT5vxiJvB97OmikBaaU
xb3d0n2fJJ9uB45TXPRts7YJ6Ja2cG2c8Tfd6Ooml+zGD6MEYDlN9xA1yQl6tOtK
nmiSXVt7RoaFnBnA+sWyKZ+WwjfNiziaKVkSCy0c0cYBOt9s5by32//aXs+ER2Ku
cxAOCX76RR+L0XpyVQINIQPvzqvsstC3eUKCvSNM6jBgS7Aiek9qmy5A4btC0yyh
W2/N3GEgj7HjsUL4vwPPkAqjrAJ5zpo3VWaldeQkBNqw4/82jkPcehYoRwObAgMB
AAGjggJ3MIICczAdBgNVHQ4EFgQUk/b0bnVpuBDo+RBy91a/NfN7xLQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk3MzczLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEALM9
pgMEALM9sAMEALM93wMEALM9/AMEALUp1wMEALXW2QMEALXXBQMEALXX+AMEALms
QAMEALmsQwMEAL9gGQMEAL9gIAMEAL9ggwMEAL9gsQMEAL9gwgMEAL9g3QMEAL9g
9gMEAL9lEAMEAL9lvzANBgkqhkiG9w0BAQsFAAOCAQEAlkt1HGCbfBrt5f4fw3CT
lmlpfuY3NvbeTMkcL1/VHzqWVnmreORfASJvkzaOIKiZInjqg8rc4T6eSflSBMVf
fZ+98QR2TW2TrNMVkccK31e+neLWpkRMPoppr+foPZtd3AlObZms+DX5bpag4DCu
L3+gedN5hE+QLZ8099qSGU1iKlHDFsEy5x4skxEX1LOme2j3niaPSqdInvamEAK1
6pqKBG8WtbYlFi0WdiBSMx4YsPsx2Zd/mwIkWWXgZutTsetr8Itak1jydg2Uel9i
Q4Uw1zeuchALmBQbjIf8FGBJWhNUOqJmsCUbHtRPnn4pQhOlT8XjDhnOfgB0c1Zb
CA==
-----END CERTIFICATE-----
Generated at Fri Apr 19 21:32:06 2024 by rpki-client on console-ams.rpki-client.org