Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400039.roa
File: AS400039.roa (raw, json)
Hash identifier: g0gQTl/wSh4JDXyYpadYwRSF2hjx6tpdtkea3kRgM/4=
Subject key identifier: 72:9B:7C:B6:28:41:C0:0F:33:64:DF:F8:1D:83:33:DF:40:AD:E0:1C
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 0E3819B4EAC645878FDFC38E96BCFF78E52F5C1B
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400039.roa
Signing time: Wed 01 Jan 2025 08:53:49 +0000
ROA not before: Wed 01 Jan 2025 08:48:49 +0000
ROA not after: Wed 31 Dec 2025 08:53:49 +0000
asID: 400039
IP address blocks: 5.181.129.0/24 maxlen: 24
181.215.245.0/24 maxlen: 24
191.96.197.0/24 maxlen: 24
191.101.57.0/24 maxlen: 24
193.31.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:38:19:b4:ea:c6:45:87:8f:df:c3:8e:96:bc:ff:78:e5:2f:5c:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 1 08:48:49 2025 GMT
Not After : Dec 31 08:53:49 2025 GMT
Subject: CN=729B7CB62841C00F3364DFF81D8333DF40ADE01C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fe:2b:a6:63:c1:03:ce:73:18:fd:07:da:39:
ad:d8:5e:d0:0e:eb:0e:9b:22:b1:aa:0c:d1:dc:03:
a9:b2:73:36:2b:82:b5:d4:c7:ae:b2:9f:c0:be:96:
96:a4:2b:47:9d:09:70:d8:d8:b0:f7:68:d3:64:9c:
c9:9e:b8:33:62:3e:51:e5:48:b6:9c:d1:0b:f3:cb:
ac:73:fd:c8:58:45:c0:ed:a0:60:b6:64:a7:bb:89:
8f:6c:fb:e7:7c:6e:ed:22:d7:d4:a5:37:53:06:3e:
c5:3b:79:74:17:e5:87:61:fc:79:80:52:a6:0d:1b:
7a:d5:6b:99:15:24:9b:77:02:9f:0a:18:6e:c2:da:
33:2b:74:b1:09:d6:d4:88:69:98:b5:65:48:1d:41:
ab:58:14:5d:c2:54:a2:b2:91:80:78:92:fd:a6:40:
5a:7b:e1:16:0c:74:02:0f:93:bf:5f:13:e5:f9:ef:
fe:bb:53:3c:bd:94:30:b4:76:bc:99:bc:b6:07:e7:
c0:2e:40:40:90:bd:bd:75:40:bd:4c:d2:a2:29:18:
29:65:52:56:65:d0:24:e6:74:b6:9c:f6:fd:9a:d3:
27:f6:04:71:11:c0:dc:0c:28:c6:4b:93:51:70:97:
34:1d:b6:24:27:4d:fc:07:07:e8:7a:c5:35:ba:f1:
aa:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:9B:7C:B6:28:41:C0:0F:33:64:DF:F8:1D:83:33:DF:40:AD:E0:1C
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.129.0/24
181.215.245.0/24
191.96.197.0/24
191.101.57.0/24
193.31.42.0/24
Signature Algorithm: sha256WithRSAEncryption
82:05:31:f0:07:ce:b0:25:17:a2:65:15:97:77:eb:54:be:1f:
b0:d4:b4:95:ad:82:cc:fe:8a:c8:67:1d:5b:5b:3d:4a:3d:0a:
18:b4:19:0c:4e:e5:f9:55:79:a1:c4:91:dd:2d:51:70:2c:ff:
8f:f0:15:81:fc:47:e1:31:ca:b7:c9:c2:5e:04:56:be:3b:55:
94:9a:8b:76:35:39:63:1c:8e:c8:46:2a:93:6a:60:bd:b7:a7:
49:46:27:45:f6:d6:01:12:40:d8:bf:f8:e0:50:55:40:be:94:
48:ee:e0:96:11:fd:a2:27:a1:1f:6a:d5:cc:41:33:c3:b5:42:
f0:1a:34:f1:d4:f2:5a:a3:e3:f6:dd:8c:f4:81:db:cf:05:c5:
8b:ac:41:6f:a6:a0:08:c6:f0:6c:a3:06:2a:97:a8:0c:43:d3:
7d:3b:77:32:cd:06:d9:0d:00:52:a1:8f:c7:5c:b9:84:3a:41:
51:70:2c:1b:61:d5:04:93:4c:1e:16:f3:c1:9c:ca:0d:b1:1e:
68:ca:c4:bf:b2:b7:e6:7c:51:fb:63:68:46:be:51:40:c8:56:
bc:61:f3:30:53:6e:3b:5e:02:fc:c1:df:e4:7c:c5:56:59:e5:
af:90:52:1a:91:c6:c2:58:85:4f:e8:dd:e3:60:45:c6:73:e7:
90:bb:12:59
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUDjgZtOrGRYeP38OOlrz/eOUvXBswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMDEwODQ4NDlaFw0yNTEyMzEwODUzNDlaMDMxMTAvBgNV
BAMTKDcyOUI3Q0I2Mjg0MUMwMEYzMzY0REZGODFEODMzM0RGNDBBREUwMUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg/iumY8EDznMY/QfaOa3YXtAO
6w6bIrGqDNHcA6myczYrgrXUx66yn8C+lpakK0edCXDY2LD3aNNknMmeuDNiPlHl
SLac0Qvzy6xz/chYRcDtoGC2ZKe7iY9s++d8bu0i19SlN1MGPsU7eXQX5Ydh/HmA
UqYNG3rVa5kVJJt3Ap8KGG7C2jMrdLEJ1tSIaZi1ZUgdQatYFF3CVKKykYB4kv2m
QFp74RYMdAIPk79fE+X57/67Uzy9lDC0dryZvLYH58AuQECQvb11QL1M0qIpGCll
UlZl0CTmdLac9v2a0yf2BHERwNwMKMZLk1FwlzQdtiQnTfwHB+h6xTW68aojAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUcpt8tihBwA8zZN/4HYMz30Ct4BwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDAwMDM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABbWB
AwQAtdf1AwQAv2DFAwQAv2U5AwQAwR8qMA0GCSqGSIb3DQEBCwUAA4IBAQCCBTHw
B86wJReiZRWXd+tUvh+w1LSVrYLM/orIZx1bWz1KPQoYtBkMTuX5VXmhxJHdLVFw
LP+P8BWB/EfhMcq3ycJeBFa+O1WUmot2NTljHI7IRiqTamC9t6dJRidF9tYBEkDY
v/jgUFVAvpRI7uCWEf2iJ6EfatXMQTPDtULwGjTx1PJao+P23Yz0gdvPBcWLrEFv
pqAIxvBsowYql6gMQ9N9O3cyzQbZDQBSoY/HXLmEOkFRcCwbYdUEk0weFvPBnMoN
sR5oysS/srfmfFH7Y2hGvlFAyFa8YfMwU247XgL8wd/kfMVWWeWvkFIakcbCWIVP
6N3jYEXGc+eQuxJZ
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:18:59 2025 by rpki-client