Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397373.roa
File: AS397373.roa (raw, json)
Hash identifier: wxlIJCXKy/B+8uj8u4cLExQJkyS9gW2o9+RzGEKMmRs=
Subject key identifier: B3:5A:12:59:20:92:77:B8:72:19:69:06:40:DB:CB:B8:5F:7F:4C:98
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 69C618AF16D7D16F6DEB3561EAE67FB9310D8D0E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397373.roa
Signing time: Wed 14 Aug 2024 14:17:38 +0000
ROA not before: Wed 14 Aug 2024 14:12:38 +0000
ROA not after: Wed 13 Aug 2025 14:17:38 +0000
asID: 397373
IP address blocks: 179.61.223.0/24 maxlen: 24
179.61.252.0/24 maxlen: 24
181.41.215.0/24 maxlen: 24
181.214.217.0/24 maxlen: 24
181.215.5.0/24 maxlen: 24
181.215.242.0/24 maxlen: 24
181.215.243.0/24 maxlen: 24
181.215.248.0/24 maxlen: 24
185.172.64.0/24 maxlen: 24
185.172.67.0/24 maxlen: 24
191.96.25.0/24 maxlen: 24
191.96.32.0/24 maxlen: 24
191.96.131.0/24 maxlen: 24
191.96.177.0/24 maxlen: 24
191.96.194.0/24 maxlen: 24
191.96.221.0/24 maxlen: 24
191.96.246.0/24 maxlen: 24
191.101.16.0/24 maxlen: 24
191.101.44.0/22 maxlen: 24
191.101.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:c6:18:af:16:d7:d1:6f:6d:eb:35:61:ea:e6:7f:b9:31:0d:8d:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 14 14:12:38 2024 GMT
Not After : Aug 13 14:17:38 2025 GMT
Subject: CN=B35A1259209277B87219690640DBCBB85F7F4C98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:17:18:9f:37:54:e4:a0:bd:b1:4b:9a:2a:3e:
cf:ec:f6:f6:75:86:d7:6c:77:03:23:8c:f9:31:de:
37:76:f1:ec:b6:7d:96:56:20:c4:e5:5e:7e:d5:e4:
92:6d:86:e9:45:6b:21:6a:3d:06:8e:ab:7a:28:7e:
b2:cd:e3:c7:1d:bd:1c:81:74:d0:39:ee:dd:a7:98:
16:4d:6e:86:fb:ed:1d:cb:c3:19:10:1f:a7:42:d3:
d0:3d:29:77:90:51:5c:b0:b3:bd:f9:06:46:70:76:
f3:d4:33:1d:9c:97:94:d7:1a:86:aa:85:02:0e:f1:
19:2d:cd:21:f4:d1:80:3e:61:5c:41:d6:12:70:3b:
70:5b:0b:9d:71:37:e5:bc:9e:42:4f:3d:12:47:e9:
f1:e6:f6:03:3f:47:af:b0:c4:e2:0c:0e:fd:88:eb:
6b:37:84:21:99:f6:b7:57:af:6c:03:46:fd:2b:f5:
a5:7a:63:d7:db:d5:4d:3b:6e:e5:99:b7:4b:d1:ae:
45:37:e2:7b:24:b5:c9:49:54:9a:14:6f:16:5f:fd:
2f:03:74:f8:a4:0f:1e:20:34:3f:fc:64:48:57:d4:
d0:4f:38:3f:84:ba:68:f1:98:b4:e8:47:2f:fb:64:
14:c2:20:5c:71:72:72:78:81:21:b7:dc:c8:4e:91:
c0:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:5A:12:59:20:92:77:B8:72:19:69:06:40:DB:CB:B8:5F:7F:4C:98
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397373.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.223.0/24
179.61.252.0/24
181.41.215.0/24
181.214.217.0/24
181.215.5.0/24
181.215.242.0/23
181.215.248.0/24
185.172.64.0/24
185.172.67.0/24
191.96.25.0/24
191.96.32.0/24
191.96.131.0/24
191.96.177.0/24
191.96.194.0/24
191.96.221.0/24
191.96.246.0/24
191.101.16.0/24
191.101.44.0/22
191.101.191.0/24
Signature Algorithm: sha256WithRSAEncryption
97:d5:ed:7c:74:18:41:8a:3e:9f:81:b7:e0:93:8a:eb:28:f8:
c5:91:3a:e2:fc:9b:b9:8f:64:69:93:66:82:c1:74:c3:00:a3:
23:11:37:47:77:72:de:9f:06:98:12:26:88:e0:03:5b:a3:aa:
06:3d:3f:99:45:14:d7:77:41:79:56:d5:05:8d:89:d6:5a:e3:
df:fc:0a:ef:d2:28:db:3b:87:b1:0b:f3:9b:92:1e:96:7d:cc:
0a:52:b1:aa:29:c9:fb:2f:55:e2:72:41:63:94:80:d1:30:93:
61:fd:2c:d5:40:1b:4d:d1:40:26:bd:bc:8f:60:2e:0c:65:0e:
fa:ea:68:24:a2:b1:2f:3d:a3:84:35:8f:bf:87:2d:18:81:27:
a1:84:65:2c:0d:c1:cc:97:d2:4c:b5:03:de:45:ec:bb:bc:23:
20:a4:e4:1d:3d:b0:2b:62:98:80:fa:4d:e1:3d:25:73:d0:e4:
50:4e:ad:54:a9:f0:08:47:38:46:de:3c:a0:da:b4:6f:21:55:
ca:8a:b8:fe:c6:17:b1:f0:db:21:50:ae:66:09:11:9c:fd:3a:
d3:7c:98:50:a8:32:c3:c3:19:b2:81:6f:48:4b:ce:6b:ba:07:
af:ea:22:26:47:e2:1f:f9:bf:3e:fa:84:be:b2:a1:e7:09:b6:
0c:d6:df:36
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIUacYYrxbX0W9t6zVh6uZ/uTENjQ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA4MTQxNDEyMzhaFw0yNTA4MTMxNDE3MzhaMDMxMTAvBgNV
BAMTKEIzNUExMjU5MjA5Mjc3Qjg3MjE5NjkwNjQwREJDQkI4NUY3RjRDOTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxFxifN1TkoL2xS5oqPs/s9vZ1
htdsdwMjjPkx3jd28ey2fZZWIMTlXn7V5JJthulFayFqPQaOq3oofrLN48cdvRyB
dNA57t2nmBZNbob77R3LwxkQH6dC09A9KXeQUVyws735BkZwdvPUMx2cl5TXGoaq
hQIO8RktzSH00YA+YVxB1hJwO3BbC51xN+W8nkJPPRJH6fHm9gM/R6+wxOIMDv2I
62s3hCGZ9rdXr2wDRv0r9aV6Y9fb1U07buWZt0vRrkU34nsktclJVJoUbxZf/S8D
dPikDx4gND/8ZEhX1NBPOD+EumjxmLToRy/7ZBTCIFxxcnJ4gSG33MhOkcCJAgMB
AAGjggJ3MIICczAdBgNVHQ4EFgQUs1oSWSCSd7hyGWkGQNvLuF9/TJgwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk3MzczLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEALM9
3wMEALM9/AMEALUp1wMEALXW2QMEALXXBQMEAbXX8gMEALXX+AMEALmsQAMEALms
QwMEAL9gGQMEAL9gIAMEAL9ggwMEAL9gsQMEAL9gwgMEAL9g3QMEAL9g9gMEAL9l
EAMEAr9lLAMEAL9lvzANBgkqhkiG9w0BAQsFAAOCAQEAl9XtfHQYQYo+n4G34JOK
6yj4xZE64vybuY9kaZNmgsF0wwCjIxE3R3dy3p8GmBImiOADW6OqBj0/mUUU13dB
eVbVBY2J1lrj3/wK79Io2zuHsQvzm5Ieln3MClKxqinJ+y9V4nJBY5SA0TCTYf0s
1UAbTdFAJr28j2AuDGUO+upoJKKxLz2jhDWPv4ctGIEnoYRlLA3BzJfSTLUD3kXs
u7wjIKTkHT2wK2KYgPpN4T0lc9DkUE6tVKnwCEc4Rt48oNq0byFVyoq4/sYXsfDb
IVCuZgkRnP0603yYUKgyw8MZsoFvSEvOa7oHr+oiJkfiH/m/PvqEvrKh5wm2DNbf
Ng==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:39:59 2024 by rpki-client on console-ams.rpki-client.org