Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400039.roa
File: AS400039.roa (raw, json)
Hash identifier: Ve9NdPx5HlJGS96sI0W5oHoVooixERnBgUf2ELyTk4o=
Subject key identifier: 25:BF:8A:31:FE:87:F3:06:1D:DC:8C:93:7B:2B:43:B8:F6:65:39:BD
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4FDB7F4965548E5E15B693576816BB75D731786B
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400039.roa
Signing time: Wed 31 Jan 2024 08:05:10 +0000
ROA not before: Wed 31 Jan 2024 08:00:10 +0000
ROA not after: Wed 29 Jan 2025 08:05:10 +0000
asID: 400039
IP address blocks: 5.181.129.0/24 maxlen: 24
181.215.245.0/24 maxlen: 24
191.96.197.0/24 maxlen: 24
191.101.57.0/24 maxlen: 24
193.31.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:db:7f:49:65:54:8e:5e:15:b6:93:57:68:16:bb:75:d7:31:78:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 31 08:00:10 2024 GMT
Not After : Jan 29 08:05:10 2025 GMT
Subject: CN=25BF8A31FE87F3061DDC8C937B2B43B8F66539BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f3:50:16:8a:71:43:91:b1:58:e2:79:d9:a9:
2c:ea:3f:2e:24:b6:e9:b6:f0:b4:3a:2b:8b:41:0c:
1d:31:5b:d8:5a:22:33:71:8f:2d:c7:dc:45:8d:f7:
64:dc:9a:79:17:4f:bf:4e:20:5f:e8:8a:40:01:ea:
74:fa:67:50:fe:7d:49:26:a3:7d:2d:8b:1b:c8:d7:
70:60:70:bb:db:cb:b2:68:c5:3a:99:61:81:21:67:
b0:e3:28:c1:f2:50:8f:3a:7e:e2:90:c4:86:51:05:
51:ca:4f:7e:40:00:c8:07:ba:ec:dc:21:6a:2b:93:
2e:43:84:18:a8:2d:d4:b0:33:0d:d2:db:c5:aa:0a:
8f:39:37:7d:56:82:99:f2:71:bd:b0:10:b4:7f:37:
d8:4e:fe:01:c3:05:c6:9f:25:7c:f6:59:1d:bb:7e:
e7:36:b0:43:84:5c:cf:4e:d6:19:89:05:36:c3:9c:
a6:bc:62:5d:8d:35:fd:74:a8:23:74:9d:b8:e6:17:
d3:35:94:69:70:0a:92:85:44:57:27:e3:cc:38:f7:
ec:2e:aa:a9:fa:4d:65:53:62:3e:a6:60:81:fe:d5:
ea:1c:a7:90:83:c5:c7:7f:10:31:98:49:29:27:18:
f9:2a:b7:a3:da:66:4a:c0:6e:19:e3:eb:67:9a:2e:
f7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:BF:8A:31:FE:87:F3:06:1D:DC:8C:93:7B:2B:43:B8:F6:65:39:BD
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.129.0/24
181.215.245.0/24
191.96.197.0/24
191.101.57.0/24
193.31.42.0/24
Signature Algorithm: sha256WithRSAEncryption
87:76:89:ce:38:b4:73:4e:ca:b2:23:bd:5e:0d:c3:ea:e2:03:
98:0e:cc:78:bd:ef:11:d7:bb:44:2c:f6:73:a4:95:ac:65:e0:
5c:f3:c2:fa:84:26:fe:9f:26:80:ca:75:99:8a:27:44:48:9b:
77:1a:b8:b8:34:70:33:e7:0f:1f:c8:04:b5:b9:17:16:13:bb:
42:2e:21:bd:4c:78:5b:7d:8b:7c:bb:5b:cb:d1:2d:70:11:1e:
d6:19:28:82:f5:c3:df:48:54:c6:7a:06:38:b7:bd:bc:cd:8e:
c5:d0:fd:dc:f6:1e:60:7b:48:e0:a5:8e:6a:1a:92:04:54:ff:
75:83:ad:5d:7f:c3:66:b6:0a:dd:3b:97:97:ca:22:4d:2f:ca:
75:d8:2f:e7:af:00:2c:da:63:cd:e8:13:c0:2b:40:c4:da:75:
bc:39:d1:2c:73:c3:72:9b:25:20:9e:e7:83:bd:81:85:dc:59:
a3:2a:38:60:aa:f1:c3:b8:d9:7b:2c:6e:70:cb:32:a7:41:d4:
dc:6e:9b:39:eb:03:21:a4:4b:c8:61:63:e0:c2:80:43:17:fd:
3e:e2:81:5c:b0:89:24:cf:16:41:5c:cc:cc:a1:6e:44:b2:e4:
5e:4e:97:e3:11:45:41:ee:63:71:f6:a1:e8:ef:8a:bb:6b:af:
1e:18:0d:e1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUT9t/SWVUjl4VtpNXaBa7ddcxeGswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAxMzEwODAwMTBaFw0yNTAxMjkwODA1MTBaMDMxMTAvBgNV
BAMTKDI1QkY4QTMxRkU4N0YzMDYxRERDOEM5MzdCMkI0M0I4RjY2NTM5QkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl81AWinFDkbFY4nnZqSzqPy4k
tum28LQ6K4tBDB0xW9haIjNxjy3H3EWN92TcmnkXT79OIF/oikAB6nT6Z1D+fUkm
o30tixvI13BgcLvby7JoxTqZYYEhZ7DjKMHyUI86fuKQxIZRBVHKT35AAMgHuuzc
IWorky5DhBioLdSwMw3S28WqCo85N31Wgpnycb2wELR/N9hO/gHDBcafJXz2WR27
fuc2sEOEXM9O1hmJBTbDnKa8Yl2NNf10qCN0nbjmF9M1lGlwCpKFRFcn48w49+wu
qqn6TWVTYj6mYIH+1eocp5CDxcd/EDGYSSknGPkqt6PaZkrAbhnj62eaLvdNAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUJb+KMf6H8wYd3IyTeytDuPZlOb0wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDAwMDM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABbWB
AwQAtdf1AwQAv2DFAwQAv2U5AwQAwR8qMA0GCSqGSIb3DQEBCwUAA4IBAQCHdonO
OLRzTsqyI71eDcPq4gOYDsx4ve8R17tELPZzpJWsZeBc88L6hCb+nyaAynWZiidE
SJt3Gri4NHAz5w8fyAS1uRcWE7tCLiG9THhbfYt8u1vL0S1wER7WGSiC9cPfSFTG
egY4t728zY7F0P3c9h5ge0jgpY5qGpIEVP91g61df8NmtgrdO5eXyiJNL8p12C/n
rwAs2mPN6BPAK0DE2nW8OdEsc8NymyUgnueDvYGF3FmjKjhgqvHDuNl7LG5wyzKn
QdTcbps56wMhpEvIYWPgwoBDF/0+4oFcsIkkzxZBXMzMoW5EsuReTpfjEUVB7mNx
9qHo74q7a68eGA3h
-----END CERTIFICATE-----
Generated at Sun May 5 01:34:11 2024 by rpki-client on console-ams.rpki-client.org