Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400040.roa
File: AS400040.roa (raw, json)
Hash identifier: US4jftG3is18hZVUEWNGqVJYlsQdXB+aLarn7IiQY98=
Subject key identifier: 95:DC:5C:60:53:86:0C:3F:17:54:75:98:6C:35:B6:79:1C:01:8E:44
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5A49F761833258820E48A69B9F11532499C351AD
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400040.roa
Signing time: Wed 31 Jan 2024 08:05:09 +0000
ROA not before: Wed 31 Jan 2024 08:00:09 +0000
ROA not after: Wed 29 Jan 2025 08:05:09 +0000
asID: 400040
IP address blocks: 149.62.40.0/24 maxlen: 24
181.214.84.0/24 maxlen: 24
181.215.198.0/24 maxlen: 24
191.96.61.0/24 maxlen: 24
191.96.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 02:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:49:f7:61:83:32:58:82:0e:48:a6:9b:9f:11:53:24:99:c3:51:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 31 08:00:09 2024 GMT
Not After : Jan 29 08:05:09 2025 GMT
Subject: CN=95DC5C6053860C3F175475986C35B6791C018E44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:ab:c8:77:a5:2f:54:67:a2:6e:2a:2c:16:b5:
14:bf:5a:4b:4d:95:fa:59:49:91:b2:68:32:f7:f0:
b5:d5:e6:ea:6c:ac:3e:97:12:cd:a6:aa:37:39:70:
a4:c6:b4:67:72:ca:7b:9d:db:a6:e5:df:3e:82:ed:
22:b2:98:34:84:ef:b2:88:2f:fc:b8:b8:2e:45:bb:
af:7d:7b:f7:ba:98:7e:1d:f4:46:78:bd:e1:13:82:
cc:09:f7:95:f7:fe:d3:4f:7f:08:a9:1f:00:9f:c0:
58:93:44:6c:8c:9c:63:5f:3b:74:64:ae:73:73:30:
ad:24:2c:d5:dd:c4:72:d5:ed:c2:a8:b1:19:8f:f5:
91:00:e3:36:dd:f9:74:7f:ce:93:a7:a7:22:b7:d3:
6a:99:f6:57:45:b2:07:0a:8d:15:99:7e:69:ab:e5:
2e:ab:12:bf:b0:a6:ac:1a:63:4f:e8:25:d0:c0:03:
41:72:87:42:8f:27:b9:66:36:ae:14:a3:c6:5f:a1:
07:ed:ac:b3:f5:df:bd:3b:25:d0:35:7c:9d:d0:38:
94:75:75:c8:e8:fd:36:f4:81:41:e7:72:92:9b:00:
f8:fb:fe:b4:c1:bc:5e:c6:ab:51:fc:f5:ec:93:33:
24:12:0b:a5:9a:65:62:ea:1b:fc:0d:30:84:5f:0b:
ec:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:DC:5C:60:53:86:0C:3F:17:54:75:98:6C:35:B6:79:1C:01:8E:44
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400040.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.62.40.0/24
181.214.84.0/24
181.215.198.0/24
191.96.61.0/24
191.96.223.0/24
Signature Algorithm: sha256WithRSAEncryption
95:29:a1:db:21:80:e8:a0:0f:e6:f3:af:91:25:db:6e:00:30:
09:11:b6:a1:c3:e1:de:f0:8b:11:e8:f3:f9:42:08:db:3e:8c:
44:d2:b8:c5:ee:12:f0:ab:d2:3d:be:83:f2:c1:5d:31:ab:c8:
d4:81:8c:d8:9d:cc:01:44:05:ac:7f:c9:35:a1:5b:c4:1c:2c:
8a:3e:a4:2e:2a:0a:75:c9:c3:0e:93:37:03:c8:39:f0:a6:dd:
c6:72:9c:de:08:8d:a1:61:34:cc:15:75:bf:97:be:38:6a:34:
40:e3:db:8c:bf:67:a3:2c:34:d9:8a:c5:3f:3a:95:c6:b6:9f:
4c:19:a4:d6:00:57:e2:10:83:7a:53:d8:a9:8c:af:32:cc:09:
45:66:ae:7e:27:d2:ce:4c:69:e2:f5:31:c2:f2:1e:5b:27:f6:
32:dd:a6:a4:cc:e3:53:fe:74:32:d5:c1:62:ab:f5:2e:40:b0:
14:40:e5:e1:0a:7e:e6:b6:23:40:75:36:b6:88:4a:2d:d7:07:
03:6e:ae:e6:2c:0b:42:e6:0e:ac:38:55:3a:17:5b:9c:a1:51:
ab:d9:14:eb:c6:41:56:e6:fe:bf:e9:50:a0:00:3d:1e:a8:79:
b0:cd:1e:01:56:32:cc:da:9e:f3:fe:d8:8c:94:c4:63:2b:61:
33:3b:b2:90
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUWkn3YYMyWIIOSKabnxFTJJnDUa0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAxMzEwODAwMDlaFw0yNTAxMjkwODA1MDlaMDMxMTAvBgNV
BAMTKDk1REM1QzYwNTM4NjBDM0YxNzU0NzU5ODZDMzVCNjc5MUMwMThFNDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtq8h3pS9UZ6JuKiwWtRS/WktN
lfpZSZGyaDL38LXV5upsrD6XEs2mqjc5cKTGtGdyynud26bl3z6C7SKymDSE77KI
L/y4uC5Fu699e/e6mH4d9EZ4veETgswJ95X3/tNPfwipHwCfwFiTRGyMnGNfO3Rk
rnNzMK0kLNXdxHLV7cKosRmP9ZEA4zbd+XR/zpOnpyK302qZ9ldFsgcKjRWZfmmr
5S6rEr+wpqwaY0/oJdDAA0Fyh0KPJ7lmNq4Uo8ZfoQftrLP13707JdA1fJ3QOJR1
dcjo/Tb0gUHncpKbAPj7/rTBvF7Gq1H89eyTMyQSC6WaZWLqG/wNMIRfC+wHAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUldxcYFOGDD8XVHWYbDW2eRwBjkQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDAwMDQwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAlT4o
AwQAtdZUAwQAtdfGAwQAv2A9AwQAv2DfMA0GCSqGSIb3DQEBCwUAA4IBAQCVKaHb
IYDooA/m86+RJdtuADAJEbahw+He8IsR6PP5QgjbPoxE0rjF7hLwq9I9voPywV0x
q8jUgYzYncwBRAWsf8k1oVvEHCyKPqQuKgp1ycMOkzcDyDnwpt3GcpzeCI2hYTTM
FXW/l744ajRA49uMv2ejLDTZisU/OpXGtp9MGaTWAFfiEIN6U9ipjK8yzAlFZq5+
J9LOTGni9THC8h5bJ/Yy3aakzONT/nQy1cFiq/UuQLAUQOXhCn7mtiNAdTa2iEot
1wcDbq7mLAtC5g6sOFU6F1ucoVGr2RTrxkFW5v6/6VCgAD0eqHmwzR4BVjLM2p7z
/tiMlMRjK2EzO7KQ
-----END CERTIFICATE-----
Generated at Wed Apr 24 07:49:51 2024 by rpki-client on console-ams.rpki-client.org