Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400040.roa
File: AS400040.roa (raw, json)
Hash identifier: UatdZIakfBI+3VeiLOAIeZknQJ4c3mACI/o55eDTG9w=
Subject key identifier: 2E:2A:6B:5D:EE:3E:7B:E0:2F:9E:EF:F5:7E:64:58:FF:C0:AF:EA:A2
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4016FCE29957C9CDCDE9501E7E964236394728C1
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400040.roa
Signing time: Wed 01 Mar 2023 07:08:18 +0000
ROA not before: Wed 01 Mar 2023 07:03:18 +0000
ROA not after: Wed 28 Feb 2024 07:08:18 +0000
asID: 400040
IP address blocks: 149.62.40.0/24 maxlen: 24
181.214.84.0/24 maxlen: 24
181.215.198.0/24 maxlen: 24
191.96.61.0/24 maxlen: 24
191.96.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Jul 2023 14:08:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:16:fc:e2:99:57:c9:cd:cd:e9:50:1e:7e:96:42:36:39:47:28:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 1 07:03:18 2023 GMT
Not After : Feb 28 07:08:18 2024 GMT
Subject: CN=2E2A6B5DEE3E7BE02F9EEFF57E6458FFC0AFEAA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d1:d2:c0:48:63:b6:07:c5:4f:f8:df:69:a3:
ba:f5:50:82:f7:74:a1:94:d3:e3:06:94:72:27:ae:
26:7c:8a:92:19:03:26:75:f4:0a:5c:bd:3a:03:bb:
25:7b:dd:ab:f0:60:9a:cb:25:7a:3c:de:c0:27:2b:
97:26:b1:84:f4:63:c3:66:4d:77:1d:2f:a0:62:3e:
ee:2b:e8:b1:fd:dd:d6:51:be:a9:a4:15:f6:87:01:
7b:7b:8d:46:02:e4:06:7e:e3:9d:a7:ba:f2:ba:41:
89:e8:43:96:03:7a:6a:0b:23:a6:d3:d1:02:23:45:
17:04:cb:40:6a:ad:3f:f3:24:5b:d2:1c:03:90:8c:
65:85:bf:35:6c:f9:d1:66:24:4e:aa:52:c1:6c:c3:
49:48:e8:a1:ff:11:94:7a:ea:1c:25:a6:57:43:83:
06:19:d1:2a:ef:89:c4:05:51:a2:81:58:f2:b8:a8:
e8:82:fc:3a:f3:55:92:8e:1c:00:96:f0:b0:76:0d:
a8:39:69:ce:22:18:29:66:98:ef:aa:c4:ce:0e:98:
32:f5:92:42:b5:94:4a:72:1f:56:03:99:6a:5d:db:
6c:a2:7a:f3:18:fa:b9:f5:0f:5f:75:13:af:4b:59:
64:d3:57:17:b3:36:e7:3b:2d:8d:bb:c4:2f:a5:9c:
b6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:2A:6B:5D:EE:3E:7B:E0:2F:9E:EF:F5:7E:64:58:FF:C0:AF:EA:A2
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400040.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.62.40.0/24
181.214.84.0/24
181.215.198.0/24
191.96.61.0/24
191.96.223.0/24
Signature Algorithm: sha256WithRSAEncryption
36:ec:50:dc:da:49:58:6e:4a:e5:4c:6e:54:6c:10:4e:00:97:
e4:39:c1:ff:17:5b:df:cb:71:4c:65:45:79:11:5b:8a:93:38:
03:be:42:6f:08:e4:b4:58:12:cb:26:4d:c7:05:60:71:76:fe:
dd:17:cf:60:81:08:f1:ee:f1:fd:79:7f:82:a4:bd:0f:97:86:
76:6a:63:65:be:23:5d:f6:f0:bc:73:6b:52:90:8e:da:25:8e:
12:44:9c:8f:c1:3c:d9:c8:da:55:af:89:dc:84:68:48:cd:fa:
b4:e8:85:25:f2:d0:f6:93:a0:83:63:36:22:8f:d2:bf:9f:ca:
d1:b0:0f:69:ce:6b:8f:1c:88:4d:fc:27:27:9d:5d:60:fe:97:
a6:0a:70:ef:06:bd:ca:44:ed:cb:7c:ea:0c:38:91:51:28:52:
23:00:92:dc:92:fb:07:03:3b:30:4f:af:cc:c9:55:5f:38:03:
35:38:18:91:bf:a2:d8:ab:48:e4:91:35:1a:c3:17:68:6d:27:
50:6b:26:cb:99:cd:0b:07:0f:6c:02:23:be:6a:7d:a3:7c:ea:
b7:a9:94:37:28:f5:70:09:ea:19:46:66:c2:0e:e0:fd:5b:68:
0b:c3:14:e6:29:ca:54:ba:ea:72:8d:85:59:0a:bc:8a:78:b8:
91:22:76:25
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUQBb84plXyc3N6VAefpZCNjlHKMEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzAzMDEwNzAzMThaFw0yNDAyMjgwNzA4MThaMDMxMTAvBgNV
BAMTKDJFMkE2QjVERUUzRTdCRTAyRjlFRUZGNTdFNjQ1OEZGQzBBRkVBQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq0dLASGO2B8VP+N9po7r1UIL3
dKGU0+MGlHInriZ8ipIZAyZ19ApcvToDuyV73avwYJrLJXo83sAnK5cmsYT0Y8Nm
TXcdL6BiPu4r6LH93dZRvqmkFfaHAXt7jUYC5AZ+452nuvK6QYnoQ5YDemoLI6bT
0QIjRRcEy0BqrT/zJFvSHAOQjGWFvzVs+dFmJE6qUsFsw0lI6KH/EZR66hwlpldD
gwYZ0SrvicQFUaKBWPK4qOiC/DrzVZKOHACW8LB2Dag5ac4iGClmmO+qxM4OmDL1
kkK1lEpyH1YDmWpd22yievMY+rn1D191E69LWWTTVxezNuc7LY27xC+lnLYtAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQULiprXe4+e+Avnu/1fmRY/8Cv6qIwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDAwMDQwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAlT4o
AwQAtdZUAwQAtdfGAwQAv2A9AwQAv2DfMA0GCSqGSIb3DQEBCwUAA4IBAQA27FDc
2klYbkrlTG5UbBBOAJfkOcH/F1vfy3FMZUV5EVuKkzgDvkJvCOS0WBLLJk3HBWBx
dv7dF89ggQjx7vH9eX+CpL0Pl4Z2amNlviNd9vC8c2tSkI7aJY4SRJyPwTzZyNpV
r4nchGhIzfq06IUl8tD2k6CDYzYij9K/n8rRsA9pzmuPHIhN/CcnnV1g/pemCnDv
Br3KRO3LfOoMOJFRKFIjAJLckvsHAzswT6/MyVVfOAM1OBiRv6LYq0jkkTUawxdo
bSdQaybLmc0LBw9sAiO+an2jfOq3qZQ3KPVwCeoZRmbCDuD9W2gLwxTmKcpUuupy
jYVZCryKeLiRInYl
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:21 2023 by rpki-client on console-fra.rpki-client.org