Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS399448.roa
File: AS399448.roa (raw, json)
Hash identifier: vTnViaCF7EA9da7WlNhjLIeTzsTstqa/SOkdPNc2p94=
Subject key identifier: 0A:27:CF:56:85:2C:23:24:5F:EB:38:56:C3:A7:F1:3F:51:05:B6:E6
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2D4711B968E2CE874251549D908416C14FF96020
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS399448.roa
Signing time: Wed 26 Jul 2023 19:06:33 +0000
ROA not before: Wed 26 Jul 2023 19:01:33 +0000
ROA not after: Wed 24 Jul 2024 19:06:33 +0000
asID: 399448
IP address blocks: 181.214.0.0/24 maxlen: 24
181.214.14.0/24 maxlen: 24
181.215.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:47:11:b9:68:e2:ce:87:42:51:54:9d:90:84:16:c1:4f:f9:60:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 26 19:01:33 2023 GMT
Not After : Jul 24 19:06:33 2024 GMT
Subject: CN=0A27CF56852C23245FEB3856C3A7F13F5105B6E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:1c:7c:ea:1d:32:8a:e0:71:99:7a:3d:3d:64:
d0:46:78:35:01:60:00:00:0e:5a:44:1c:ad:9d:14:
69:14:36:38:bd:44:20:17:ce:0c:1f:25:93:af:48:
3f:01:f8:65:30:ba:53:f8:ef:90:7c:77:af:52:57:
6d:1d:16:35:e0:19:5e:b0:80:52:a5:73:46:23:1d:
07:10:85:8b:d7:ac:7a:57:c4:24:ab:88:f3:00:f6:
ca:31:fb:16:c0:7b:1c:2d:83:a2:19:f7:86:87:09:
4d:e8:ed:19:92:d2:4a:0c:e6:8b:1e:a2:3b:45:4b:
d8:36:1a:50:7a:17:5b:47:2d:cf:f8:4a:e8:4b:e0:
5e:2a:e1:eb:89:ab:95:04:cc:0c:39:65:dd:01:7c:
18:72:fd:51:7e:6c:25:45:80:15:9d:e4:38:f8:9b:
83:b6:60:c1:42:3d:c3:1f:7d:46:6a:bb:fa:6f:7f:
da:14:0f:bb:5a:6a:68:1a:bd:72:e5:21:8d:6d:ee:
12:dc:d4:61:e5:3b:12:df:0f:92:46:ee:1e:a1:10:
ee:b1:46:79:b1:cd:92:b3:76:25:f5:99:73:d9:d8:
08:a9:07:6d:84:ff:f8:23:57:5e:f9:38:58:81:74:
fb:23:18:5f:a0:d6:18:25:c6:d8:de:f0:6c:01:4b:
90:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:27:CF:56:85:2C:23:24:5F:EB:38:56:C3:A7:F1:3F:51:05:B6:E6
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS399448.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.0.0/24
181.214.14.0/24
181.215.3.0/24
Signature Algorithm: sha256WithRSAEncryption
17:ba:66:90:70:b4:90:09:5c:67:5a:b8:b8:5c:a8:57:c2:0b:
dd:d3:39:e8:61:8f:ff:d0:3f:21:9d:be:42:7f:fe:93:98:61:
27:49:5d:0b:20:02:64:7f:5f:72:a4:c3:47:95:c9:82:b2:69:
68:aa:51:c5:a6:ea:65:0f:b3:cc:99:6d:88:82:83:cc:f6:3b:
6d:a1:cd:19:3d:f4:bd:b7:91:2b:bc:fe:10:17:db:0c:78:03:
95:d4:71:65:02:25:b1:e9:f9:0f:95:1c:32:45:56:67:3b:64:
f3:06:16:d4:46:85:12:71:b0:76:b3:89:b5:93:5f:f5:21:8f:
85:d6:dd:6a:72:54:44:a0:2e:c7:c2:0c:1c:0c:25:10:1f:8b:
a9:ee:a2:d7:a2:f5:88:71:a3:70:40:c9:21:50:96:f6:b8:0b:
48:35:eb:b2:67:39:4a:6f:b7:83:b8:03:c5:79:22:62:ce:30:
86:a2:c0:87:90:f6:14:df:78:94:e5:64:38:eb:87:b6:d0:d3:
19:d1:be:ba:d1:d4:25:11:1c:74:ae:d3:6f:c8:1c:15:a4:7c:
2e:49:61:7d:08:cb:6a:fb:5f:12:cf:2a:1c:ee:95:7c:73:be:
12:df:90:d1:b3:51:97:18:82:09:55:f7:2e:8a:1b:fd:e4:7e:
09:f1:9e:59
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIULUcRuWjizodCUVSdkIQWwU/5YCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzA3MjYxOTAxMzNaFw0yNDA3MjQxOTA2MzNaMDMxMTAvBgNV
BAMTKDBBMjdDRjU2ODUyQzIzMjQ1RkVCMzg1NkMzQTdGMTNGNTEwNUI2RTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIHHzqHTKK4HGZej09ZNBGeDUB
YAAADlpEHK2dFGkUNji9RCAXzgwfJZOvSD8B+GUwulP475B8d69SV20dFjXgGV6w
gFKlc0YjHQcQhYvXrHpXxCSriPMA9sox+xbAexwtg6IZ94aHCU3o7RmS0koM5ose
ojtFS9g2GlB6F1tHLc/4SuhL4F4q4euJq5UEzAw5Zd0BfBhy/VF+bCVFgBWd5Dj4
m4O2YMFCPcMffUZqu/pvf9oUD7taamgavXLlIY1t7hLc1GHlOxLfD5JG7h6hEO6x
RnmxzZKzdiX1mXPZ2AipB22E//gjV175OFiBdPsjGF+g1hglxtje8GwBS5BFAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUCifPVoUsIyRf6zhWw6fxP1EFtuYwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk5NDQ4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAtdYA
AwQAtdYOAwQAtdcDMA0GCSqGSIb3DQEBCwUAA4IBAQAXumaQcLSQCVxnWri4XKhX
wgvd0znoYY//0D8hnb5Cf/6TmGEnSV0LIAJkf19ypMNHlcmCsmloqlHFpuplD7PM
mW2IgoPM9jttoc0ZPfS9t5ErvP4QF9sMeAOV1HFlAiWx6fkPlRwyRVZnO2TzBhbU
RoUScbB2s4m1k1/1IY+F1t1qclREoC7HwgwcDCUQH4up7qLXovWIcaNwQMkhUJb2
uAtINeuyZzlKb7eDuAPFeSJizjCGosCHkPYU33iU5WQ464e20NMZ0b660dQlERx0
rtNvyBwVpHwuSWF9CMtq+18Szyoc7pV8c74S35DRs1GXGIIJVfcuihv95H4J8Z5Z
-----END CERTIFICATE-----
Generated at Thu May 2 16:58:34 2024 by rpki-client on console-fra.rpki-client.org