Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397423.roa
File: AS397423.roa (raw, json)
Hash identifier: 5fb9rsMrqYBSxxaxFwqaiRE8FLTO0vHvOqDRp5SoyJY=
Subject key identifier: F5:47:AB:02:64:A5:23:CF:71:29:07:0B:92:8A:52:A4:6F:30:E2:79
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 0EAD8FDA3765CC5A577B944FF67903523AA45240
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397423.roa
Signing time: Mon 11 Mar 2024 13:22:56 +0000
ROA not before: Mon 11 Mar 2024 13:17:56 +0000
ROA not after: Mon 10 Mar 2025 13:22:56 +0000
asID: 397423
IP address blocks: 179.61.194.0/24 maxlen: 24
181.214.133.0/24 maxlen: 24
181.214.152.0/24 maxlen: 24
181.215.22.0/24 maxlen: 24
181.215.47.0/24 maxlen: 24
181.215.49.0/24 maxlen: 24
181.215.242.0/24 maxlen: 24
181.215.243.0/24 maxlen: 24
181.215.244.0/24 maxlen: 24
191.96.101.0/24 maxlen: 24
191.96.155.0/24 maxlen: 24
191.96.166.0/24 maxlen: 24
191.96.186.0/24 maxlen: 24
191.96.233.0/24 maxlen: 24
191.101.30.0/24 maxlen: 24
191.101.166.0/24 maxlen: 24
191.101.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:ad:8f:da:37:65:cc:5a:57:7b:94:4f:f6:79:03:52:3a:a4:52:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 11 13:17:56 2024 GMT
Not After : Mar 10 13:22:56 2025 GMT
Subject: CN=F547AB0264A523CF7129070B928A52A46F30E279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:87:ab:d5:e6:af:38:55:1c:83:a9:4b:a1:31:
02:be:9f:8e:76:37:a1:7e:bc:69:88:fe:bd:ba:d4:
f6:ae:0c:72:33:05:84:fd:da:26:fb:d6:9d:32:07:
9c:56:5d:fe:49:91:9c:b3:44:91:64:c4:d5:2f:16:
63:39:c7:1c:8c:67:fd:62:c2:e3:17:3c:be:61:8a:
83:6c:ef:b4:00:db:ba:12:29:ea:d8:0c:8e:86:d6:
2a:13:3b:2f:16:83:b6:05:a7:1e:6e:00:97:ef:52:
df:1d:47:9c:b8:76:13:21:a0:ed:b6:3d:b2:1b:64:
94:d1:9d:26:e8:d1:35:3b:b3:6c:2a:28:80:18:b6:
59:72:47:3d:0f:b0:d6:86:b6:f7:78:0d:6a:ed:3f:
41:05:27:ed:2e:7c:2b:f1:4a:6f:b3:0c:ca:0e:ad:
e8:de:c3:ac:95:80:29:89:05:49:0a:56:60:1c:1d:
65:23:87:b2:75:86:ea:76:ae:ec:4f:36:0a:77:ee:
b6:eb:48:5c:b8:d0:6a:01:24:c6:b9:cc:ad:05:5b:
56:ca:aa:8c:af:93:ab:7d:06:13:4e:f0:6a:79:fb:
8f:a5:ce:f7:7c:1c:9e:a9:af:ea:95:6d:8c:06:56:
32:69:3b:ac:db:4b:25:fb:7e:5d:51:9a:ff:54:a0:
b2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:47:AB:02:64:A5:23:CF:71:29:07:0B:92:8A:52:A4:6F:30:E2:79
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397423.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.194.0/24
181.214.133.0/24
181.214.152.0/24
181.215.22.0/24
181.215.47.0/24
181.215.49.0/24
181.215.242.0-181.215.244.255
191.96.101.0/24
191.96.155.0/24
191.96.166.0/24
191.96.186.0/24
191.96.233.0/24
191.101.30.0/24
191.101.166.0/24
191.101.172.0/24
Signature Algorithm: sha256WithRSAEncryption
43:70:dc:24:34:72:52:09:95:a3:a4:05:42:17:50:b1:c5:e8:
9a:bc:d8:86:d4:eb:a8:b7:ba:0b:ec:dd:09:b7:60:4b:24:63:
9d:19:ec:e5:26:b6:93:42:4d:45:11:f3:37:a2:28:d8:2e:79:
a6:2e:c8:37:d3:82:48:f8:61:de:11:c8:2b:16:c0:07:32:51:
00:cd:91:3e:c6:68:c8:61:36:99:a6:dd:df:12:d6:91:4e:18:
0a:1a:f9:29:50:5b:19:37:c2:ca:e4:a3:f5:e6:b2:99:43:59:
22:80:14:31:d8:7b:b2:3a:fe:fb:52:af:0f:3e:31:8a:c5:ee:
d5:b6:77:1f:01:26:b8:ab:fb:81:96:7e:ec:4d:3a:b8:9a:cf:
39:12:43:6f:35:77:94:6c:44:b0:ce:3f:0f:df:72:13:70:2e:
b1:fe:bc:dd:b6:fb:62:32:bb:fc:2b:26:da:d1:19:22:b5:46:
82:21:ac:4c:39:1c:dc:17:75:a8:1a:7e:78:11:54:79:38:26:
1f:8b:ce:8d:4f:69:5d:e7:09:fa:84:02:68:6b:72:5c:7f:48:
7c:e4:ca:10:95:d3:2f:e0:23:5b:39:7d:1c:b0:52:03:33:7b:
be:f5:f8:80:e7:67:e3:bf:40:cc:14:df:ba:02:34:c9:a4:d6:
73:22:de:c6
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgIUDq2P2jdlzFpXe5RP9nkDUjqkUkAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAzMTExMzE3NTZaFw0yNTAzMTAxMzIyNTZaMDMxMTAvBgNV
BAMTKEY1NDdBQjAyNjRBNTIzQ0Y3MTI5MDcwQjkyOEE1MkE0NkYzMEUyNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfh6vV5q84VRyDqUuhMQK+n452
N6F+vGmI/r261PauDHIzBYT92ib71p0yB5xWXf5JkZyzRJFkxNUvFmM5xxyMZ/1i
wuMXPL5hioNs77QA27oSKerYDI6G1ioTOy8Wg7YFpx5uAJfvUt8dR5y4dhMhoO22
PbIbZJTRnSbo0TU7s2wqKIAYtllyRz0PsNaGtvd4DWrtP0EFJ+0ufCvxSm+zDMoO
rejew6yVgCmJBUkKVmAcHWUjh7J1hup2ruxPNgp37rbrSFy40GoBJMa5zK0FW1bK
qoyvk6t9BhNO8Gp5+4+lzvd8HJ6pr+qVbYwGVjJpO6zbSyX7fl1Rmv9UoLIHAgMB
AAGjggJmMIICYjAdBgNVHQ4EFgQU9UerAmSlI89xKQcLkopSpG8w4nkwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk3NDIzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAsz3C
AwQAtdaFAwQAtdaYAwQAtdcWAwQAtdcvAwQAtdcxMAwDBAG11/IDBAC11/QDBAC/
YGUDBAC/YJsDBAC/YKYDBAC/YLoDBAC/YOkDBAC/ZR4DBAC/ZaYDBAC/ZawwDQYJ
KoZIhvcNAQELBQADggEBAENw3CQ0clIJlaOkBUIXULHF6Jq82IbU66i3ugvs3Qm3
YEskY50Z7OUmtpNCTUUR8zeiKNgueaYuyDfTgkj4Yd4RyCsWwAcyUQDNkT7GaMhh
Npmm3d8S1pFOGAoa+SlQWxk3wsrko/XmsplDWSKAFDHYe7I6/vtSrw8+MYrF7tW2
dx8BJrir+4GWfuxNOriazzkSQ281d5RsRLDOPw/fchNwLrH+vN22+2Iyu/wrJtrR
GSK1RoIhrEw5HNwXdagafngRVHk4Jh+Lzo1PaV3nCfqEAmhrclx/SHzkyhCV0y/g
I1s5fRywUgMze771+IDnZ+O/QMwU37oCNMmk1nMi3sY=
-----END CERTIFICATE-----
Generated at Sat May 4 12:14:07 2024 by rpki-client on console-ams.rpki-client.org