Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397423.roa
File: AS397423.roa (raw, json)
Hash identifier: TOTUZRj+3yTvnjvavJJIeWqRXIBTuPFVbYJm88RaDeI=
Subject key identifier: 71:FE:C6:95:AD:0F:73:70:27:A6:79:40:AF:4E:7A:4C:54:99:98:3B
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 78ADEA41456B0B3D93001B99E7E58D4DAABE804E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397423.roa
Signing time: Wed 14 Aug 2024 11:15:03 +0000
ROA not before: Wed 14 Aug 2024 11:10:03 +0000
ROA not after: Wed 13 Aug 2025 11:15:03 +0000
asID: 397423
IP address blocks: 179.61.194.0/24 maxlen: 24
181.214.133.0/24 maxlen: 24
181.214.152.0/24 maxlen: 24
181.215.22.0/24 maxlen: 24
181.215.47.0/24 maxlen: 24
181.215.49.0/24 maxlen: 24
181.215.242.0/24 maxlen: 24
181.215.243.0/24 maxlen: 24
181.215.244.0/24 maxlen: 24
191.96.101.0/24 maxlen: 24
191.96.155.0/24 maxlen: 24
191.96.166.0/24 maxlen: 24
191.96.186.0/24 maxlen: 24
191.96.233.0/24 maxlen: 24
191.101.30.0/24 maxlen: 24
191.101.166.0/24 maxlen: 24
191.101.172.0/24 maxlen: 24
191.101.207.0/24 maxlen: 24
191.101.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:ad:ea:41:45:6b:0b:3d:93:00:1b:99:e7:e5:8d:4d:aa:be:80:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 14 11:10:03 2024 GMT
Not After : Aug 13 11:15:03 2025 GMT
Subject: CN=71FEC695AD0F737027A67940AF4E7A4C5499983B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:50:c8:77:52:1e:09:86:81:8f:02:29:92:bf:
34:07:34:c8:c1:02:74:df:4f:c6:f5:ef:c0:07:ca:
6f:a0:28:81:19:f3:e0:d6:52:68:00:84:2a:8f:f2:
48:0f:c4:15:c9:e0:5a:b1:da:61:bd:41:0d:cf:96:
f9:80:69:2e:8d:1b:74:a4:22:b6:dd:d1:4c:e8:eb:
80:4c:d8:36:1d:3a:96:74:9c:d8:29:93:4d:b6:28:
a4:a7:53:6f:58:f4:75:25:b2:71:17:58:ba:a2:a6:
8c:85:41:02:c7:db:18:ba:68:0a:fa:44:c4:6f:c3:
d8:47:4b:ea:83:f5:84:c8:39:79:1b:5a:db:db:ae:
62:38:be:9a:42:e9:5e:f7:dd:f6:44:3f:f0:f5:c3:
4f:e3:6f:3f:23:54:b8:ba:95:e2:c4:d4:5d:91:77:
54:6f:fe:a2:f2:09:95:e9:bd:07:df:7b:e9:be:46:
09:1f:49:6c:98:b1:e9:40:78:ed:6b:ef:23:7e:4d:
74:69:c4:28:00:6d:28:9a:f2:91:11:0a:8a:d9:96:
4f:23:8d:ef:ff:37:56:5f:2f:35:3e:7d:14:7a:b3:
e6:ac:7e:15:07:66:d9:e6:2d:75:60:1e:b1:17:90:
50:90:72:bc:87:51:c8:ee:77:dd:4e:aa:79:ab:fd:
ad:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:FE:C6:95:AD:0F:73:70:27:A6:79:40:AF:4E:7A:4C:54:99:98:3B
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397423.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.194.0/24
181.214.133.0/24
181.214.152.0/24
181.215.22.0/24
181.215.47.0/24
181.215.49.0/24
181.215.242.0-181.215.244.255
191.96.101.0/24
191.96.155.0/24
191.96.166.0/24
191.96.186.0/24
191.96.233.0/24
191.101.30.0/24
191.101.166.0/24
191.101.172.0/24
191.101.207.0/24
191.101.227.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:7a:77:41:ad:d4:e0:b4:04:bf:ff:1d:0b:1d:4d:6f:ae:b8:
0c:97:31:cd:2f:7e:76:87:ac:85:c8:33:10:af:e0:c6:88:75:
62:e1:f6:de:fa:41:94:9b:b8:54:98:15:7c:5d:fb:9f:bc:57:
26:74:74:89:03:06:10:64:b0:15:93:9b:4e:e1:92:c6:10:62:
f8:e0:5a:63:8b:69:4b:7c:02:13:29:c3:bc:d2:61:9d:ea:7f:
77:04:cf:4b:99:b0:76:6d:ec:b4:9b:db:cc:56:ba:5f:12:5c:
a7:60:6f:6b:dc:a6:8e:a0:82:69:00:98:81:35:75:a5:ba:ba:
c2:44:34:93:48:c4:c9:f5:80:3b:2d:e4:0b:95:df:06:45:93:
f2:12:09:5a:1f:0e:72:04:3c:b0:9c:e1:33:4b:05:74:df:e2:
35:3b:1a:a7:b1:94:54:c6:0d:89:1c:a6:5b:a9:0e:74:42:80:
ec:42:d0:0e:2f:c9:db:0f:17:89:7d:05:a5:62:d4:f3:59:fd:
5b:f9:dd:40:80:ca:e3:34:90:15:2e:e1:2a:78:7b:ab:04:a7:
fd:2f:bf:80:d1:ac:50:76:2b:16:f8:b3:aa:7d:7c:52:74:d8:
83:71:60:ce:4d:9b:2e:09:37:e7:a2:74:83:33:e7:8e:1a:bd:
4f:74:bf:e7
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgIUeK3qQUVrCz2TABuZ5+WNTaq+gE4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA4MTQxMTEwMDNaFw0yNTA4MTMxMTE1MDNaMDMxMTAvBgNV
BAMTKDcxRkVDNjk1QUQwRjczNzAyN0E2Nzk0MEFGNEU3QTRDNTQ5OTk4M0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoUMh3Uh4JhoGPAimSvzQHNMjB
AnTfT8b178AHym+gKIEZ8+DWUmgAhCqP8kgPxBXJ4Fqx2mG9QQ3PlvmAaS6NG3Sk
Irbd0Uzo64BM2DYdOpZ0nNgpk022KKSnU29Y9HUlsnEXWLqipoyFQQLH2xi6aAr6
RMRvw9hHS+qD9YTIOXkbWtvbrmI4vppC6V733fZEP/D1w0/jbz8jVLi6leLE1F2R
d1Rv/qLyCZXpvQffe+m+RgkfSWyYselAeO1r7yN+TXRpxCgAbSia8pERCorZlk8j
je//N1ZfLzU+fRR6s+asfhUHZtnmLXVgHrEXkFCQcryHUcjud91Oqnmr/a2zAgMB
AAGjggJzMIICbzAdBgNVHQ4EFgQUcf7Gla0Pc3AnpnlAr056TFSZmDswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk3NDIzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEALM9
wgMEALXWhQMEALXWmAMEALXXFgMEALXXLwMEALXXMTAMAwQBtdfyAwQAtdf0AwQA
v2BlAwQAv2CbAwQAv2CmAwQAv2C6AwQAv2DpAwQAv2UeAwQAv2WmAwQAv2WsAwQA
v2XPAwQAv2XjMA0GCSqGSIb3DQEBCwUAA4IBAQAaendBrdTgtAS//x0LHU1vrrgM
lzHNL352h6yFyDMQr+DGiHVi4fbe+kGUm7hUmBV8XfufvFcmdHSJAwYQZLAVk5tO
4ZLGEGL44Fpji2lLfAITKcO80mGd6n93BM9LmbB2bey0m9vMVrpfElynYG9r3KaO
oIJpAJiBNXWlurrCRDSTSMTJ9YA7LeQLld8GRZPyEglaHw5yBDywnOEzSwV03+I1
OxqnsZRUxg2JHKZbqQ50QoDsQtAOL8nbDxeJfQWlYtTzWf1b+d1AgMrjNJAVLuEq
eHurBKf9L7+A0axQdisW+LOqfXxSdNiDcWDOTZsuCTfnonSDM+eOGr1PdL/n
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:48 2024 by rpki-client on console-fra.rpki-client.org