Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS398779.roa
File: AS398779.roa (raw, json)
Hash identifier: Lt4+ayWLA7LWs30Y4vuX/CZaXkAfTHdOeYqXwBwXhtI=
Subject key identifier: 65:0B:F3:4C:DD:1C:18:9E:E8:4A:16:5E:C1:FD:D8:A9:26:C6:DE:FE
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7EC4654BEF32F54FB32CC9B444BCC06EAF4FDC4B
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS398779.roa
Signing time: Tue 24 Sep 2024 07:29:14 +0000
ROA not before: Tue 24 Sep 2024 07:24:14 +0000
ROA not after: Tue 23 Sep 2025 07:29:14 +0000
asID: 398779
IP address blocks: 191.96.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:c4:65:4b:ef:32:f5:4f:b3:2c:c9:b4:44:bc:c0:6e:af:4f:dc:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Sep 24 07:24:14 2024 GMT
Not After : Sep 23 07:29:14 2025 GMT
Subject: CN=650BF34CDD1C189EE84A165EC1FDD8A926C6DEFE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:60:88:18:d5:a0:ad:86:35:e8:f0:dd:6f:2e:
a0:22:83:f3:6c:40:59:16:45:a1:46:6d:8b:b9:96:
8e:60:ce:2e:cc:aa:e0:26:88:2c:75:08:08:25:2c:
33:95:62:26:ee:93:50:e5:da:21:81:36:92:9a:b1:
b7:1c:a2:23:1d:45:4c:5d:6d:69:90:03:22:61:20:
f0:1b:9f:84:16:b1:a9:24:bb:33:04:d7:41:87:3b:
f2:a6:a1:b0:34:fd:18:df:e6:62:7f:e3:58:ee:e0:
b2:07:33:c2:22:89:6c:7c:f4:7f:7e:a4:ea:fb:c8:
24:76:d3:10:41:c0:d6:e4:7e:48:e9:ba:78:0e:d7:
27:0a:fb:17:fe:da:1a:fc:c3:6c:c1:f0:96:25:24:
66:67:3f:48:25:b5:0b:83:81:4e:b8:40:6d:74:8f:
c4:9d:5b:bf:ce:64:36:a6:a3:35:c5:66:0d:48:75:
fc:35:af:f2:dc:83:6e:75:3e:2b:86:cf:5b:53:83:
f4:b4:6c:a6:49:8c:ed:a3:f1:fc:65:90:c8:f5:d8:
63:79:8a:17:4b:20:7a:a9:dc:b8:57:30:ae:41:63:
63:1e:94:1f:31:37:0d:6a:54:f9:4d:70:2b:00:23:
03:f0:ab:8a:7c:97:0a:97:6d:65:1f:6d:8c:d5:d8:
91:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:0B:F3:4C:DD:1C:18:9E:E8:4A:16:5E:C1:FD:D8:A9:26:C6:DE:FE
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS398779.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.49.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:c9:a6:42:4c:50:4e:f7:f0:dd:9e:0f:8b:80:b9:0f:76:cb:
77:bf:50:0c:c1:09:0f:36:b9:86:03:83:89:55:2b:d0:34:23:
7a:d2:26:67:4f:ec:0f:9c:e6:9b:33:a2:c9:08:00:a1:a4:5f:
53:c9:6d:42:34:97:d4:47:e6:b7:93:dc:67:a5:38:e8:7e:9b:
92:9d:19:c1:bb:34:da:a5:5a:34:f9:4d:5f:d6:09:be:d3:81:
ac:c0:63:18:1f:4f:46:35:09:ae:44:ac:a7:5f:1c:82:5d:a5:
4c:a7:17:29:24:a4:95:7d:b5:66:c3:c8:5c:5d:4e:39:9e:69:
bf:91:12:9b:5a:a0:a6:aa:f7:cc:67:29:ae:d4:6b:56:14:01:
5b:55:1e:f3:3a:ed:f3:e9:54:1c:cc:db:4f:d8:03:31:30:27:
b0:fc:c7:a0:fd:7d:1e:07:d2:26:58:57:c1:16:32:e2:8f:b5:
24:17:88:8e:3b:dc:13:07:a6:c2:7f:87:1a:ca:60:1a:1f:3d:
74:22:14:43:ab:b4:bd:64:3d:9c:fc:f0:fb:27:2c:e7:db:8a:
58:3d:4c:1e:87:77:73:cf:30:e2:cc:e7:8a:88:14:b2:bb:9c:
19:25:b2:fd:f7:c9:92:8b:07:ac:e5:c8:5a:11:8d:da:07:32:
56:22:ae:8a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUfsRlS+8y9U+zLMm0RLzAbq9P3EswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA5MjQwNzI0MTRaFw0yNTA5MjMwNzI5MTRaMDMxMTAvBgNV
BAMTKDY1MEJGMzRDREQxQzE4OUVFODRBMTY1RUMxRkREOEE5MjZDNkRFRkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtYIgY1aCthjXo8N1vLqAig/Ns
QFkWRaFGbYu5lo5gzi7MquAmiCx1CAglLDOVYibuk1Dl2iGBNpKasbccoiMdRUxd
bWmQAyJhIPAbn4QWsakkuzME10GHO/KmobA0/Rjf5mJ/41ju4LIHM8IiiWx89H9+
pOr7yCR20xBBwNbkfkjpungO1ycK+xf+2hr8w2zB8JYlJGZnP0gltQuDgU64QG10
j8SdW7/OZDamozXFZg1Idfw1r/Lcg251PiuGz1tTg/S0bKZJjO2j8fxlkMj12GN5
ihdLIHqp3LhXMK5BY2MelB8xNw1qVPlNcCsAIwPwq4p8lwqXbWUfbYzV2JFHAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUZQvzTN0cGJ7oShZewf3YqSbG3v4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk4Nzc5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2Ax
MA0GCSqGSIb3DQEBCwUAA4IBAQCcyaZCTFBO9/Ddng+LgLkPdst3v1AMwQkPNrmG
A4OJVSvQNCN60iZnT+wPnOabM6LJCAChpF9TyW1CNJfUR+a3k9xnpTjofpuSnRnB
uzTapVo0+U1f1gm+04GswGMYH09GNQmuRKynXxyCXaVMpxcpJKSVfbVmw8hcXU45
nmm/kRKbWqCmqvfMZymu1GtWFAFbVR7zOu3z6VQczNtP2AMxMCew/Meg/X0eB9Im
WFfBFjLij7UkF4iOO9wTB6bCf4caymAaHz10IhRDq7S9ZD2c/PD7Jyzn24pYPUwe
h3dzzzDizOeKiBSyu5wZJbL998mSiwes5chaEY3aBzJWIq6K
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:48 2024 by rpki-client on console-fra.rpki-client.org