Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: 8gSZMI90PRq0Wmeo7Tm5q7RsAY3GCfdpbcT1sPJ6zR0=
Subject key identifier: 05:D7:76:CC:1A:8C:53:D0:B7:DC:E8:E0:77:C3:37:1C:C8:D7:F2:E8
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 1F60A12A5C8D97C57EF3A7A7D9994B7774875C87
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40676.roa
Signing time: Fri 15 Nov 2024 00:00:17 +0000
ROA not before: Thu 14 Nov 2024 23:55:17 +0000
ROA not after: Fri 14 Nov 2025 00:00:17 +0000
asID: 40676
IP address blocks: 179.61.238.0/24 maxlen: 24
181.215.74.0/24 maxlen: 24
181.215.75.0/24 maxlen: 24
181.215.76.0/24 maxlen: 24
181.215.77.0/24 maxlen: 24
181.215.121.0/24 maxlen: 24
181.215.122.0/24 maxlen: 24
181.215.123.0/24 maxlen: 24
191.101.7.0/24 maxlen: 24
191.101.44.0/22 maxlen: 24
191.101.64.0/24 maxlen: 24
191.101.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:60:a1:2a:5c:8d:97:c5:7e:f3:a7:a7:d9:99:4b:77:74:87:5c:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 14 23:55:17 2024 GMT
Not After : Nov 14 00:00:17 2025 GMT
Subject: CN=05D776CC1A8C53D0B7DCE8E077C3371CC8D7F2E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:27:13:41:70:d1:c2:88:99:8d:3a:9a:10:73:
11:1c:0f:db:3e:51:1f:6a:c7:e8:40:ff:df:cd:1a:
3b:0b:4a:91:db:96:94:cb:3c:0d:a2:48:e7:50:69:
f6:16:90:5d:b4:82:97:03:64:1f:04:ea:6c:0c:fc:
9b:e1:ff:c6:25:94:90:92:3a:67:c4:68:93:1d:3e:
2a:01:ea:47:7d:df:9f:f5:40:ce:b7:a5:0e:0f:ee:
7b:ec:e6:3c:9e:35:da:76:bb:19:22:32:e1:62:ba:
33:a4:f0:d0:db:1a:97:a2:d0:62:bd:74:14:aa:28:
0b:78:ff:f1:b5:07:f3:59:41:6f:20:42:a1:c3:2f:
ac:63:c0:33:e8:a2:2f:51:39:56:9f:07:c0:0f:fe:
45:5c:5c:31:21:04:cf:2a:69:46:fa:a9:a3:06:33:
40:54:9a:1d:e2:15:47:68:a9:bf:1c:a7:b6:5d:00:
ae:c5:bc:96:90:8c:7b:52:3a:2f:df:0d:46:66:a6:
d7:9f:11:3c:64:f2:f6:a2:f5:38:d5:af:98:f2:7a:
33:48:bf:50:db:d1:74:75:29:1d:cc:16:4f:be:fe:
89:d7:e1:ea:68:8e:81:32:41:22:95:48:59:40:75:
9f:c4:ae:d1:8e:79:84:ca:4c:16:59:39:b8:22:2a:
4c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D7:76:CC:1A:8C:53:D0:B7:DC:E8:E0:77:C3:37:1C:C8:D7:F2:E8
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.238.0/24
181.215.74.0-181.215.77.255
181.215.121.0-181.215.123.255
191.101.7.0/24
191.101.44.0/22
191.101.64.0/24
191.101.68.0/24
Signature Algorithm: sha256WithRSAEncryption
71:ed:bc:69:fd:2d:fe:2c:16:7a:59:04:74:32:31:53:0e:2c:
32:6a:f8:bb:b0:b1:28:76:68:da:0a:76:5f:12:a3:87:0a:90:
ff:62:1e:43:01:c3:69:56:88:19:12:4e:f1:2b:ad:fb:b4:2b:
06:46:29:13:49:88:24:a1:1b:b1:a1:40:93:f6:b4:40:cf:c6:
ce:ec:cf:a2:b3:af:f7:43:05:41:41:ca:3b:5a:1c:a9:ce:31:
01:cf:33:9e:5b:98:a4:de:8d:4c:61:a2:f3:61:36:5b:28:dd:
f2:6d:ad:4f:9e:e1:e5:50:cf:a5:0d:fc:3d:a6:20:3e:d1:b5:
0f:2a:59:79:f8:da:83:c6:6b:6d:c4:0d:a1:96:b8:a6:08:db:
73:1c:64:c2:2c:3c:2a:19:a9:26:e3:4c:c2:de:89:cd:11:7f:
d6:ed:de:5e:8e:7f:66:3d:15:73:f8:e3:9c:b9:e6:66:ad:bf:
eb:6d:51:b4:4a:3c:fb:43:f4:2c:3d:18:e8:3e:66:c2:9c:c3:
8c:5f:0a:4f:c5:26:08:19:cf:08:b9:3a:ea:f9:3b:7e:bd:32:
c1:3f:d6:64:2d:6a:53:b7:e1:76:7f:8e:d6:83:03:82:80:52:
6b:18:b5:54:6b:63:7a:0b:ca:fc:bb:6a:ce:d1:aa:1f:d5:32:
45:72:1f:06
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUH2ChKlyNl8V+86en2ZlLd3SHXIcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDExMTQyMzU1MTdaFw0yNTExMTQwMDAwMTdaMDMxMTAvBgNV
BAMTKDA1RDc3NkNDMUE4QzUzRDBCN0RDRThFMDc3QzMzNzFDQzhEN0YyRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSJxNBcNHCiJmNOpoQcxEcD9s+
UR9qx+hA/9/NGjsLSpHblpTLPA2iSOdQafYWkF20gpcDZB8E6mwM/Jvh/8YllJCS
OmfEaJMdPioB6kd935/1QM63pQ4P7nvs5jyeNdp2uxkiMuFiujOk8NDbGpei0GK9
dBSqKAt4//G1B/NZQW8gQqHDL6xjwDPooi9ROVafB8AP/kVcXDEhBM8qaUb6qaMG
M0BUmh3iFUdoqb8cp7ZdAK7FvJaQjHtSOi/fDUZmptefETxk8vai9TjVr5jyejNI
v1Db0XR1KR3MFk++/onX4epojoEyQSKVSFlAdZ/ErtGOeYTKTBZZObgiKkxbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUBdd2zBqMU9C33Ojgd8M3HMjX8ugwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwUwYIKwYBBQUHAQcBAf8ERDBCMEAEAgABMDoDBACzPe4w
DAMEAbXXSgMEAbXXTDAMAwQAtdd5AwQCtdd4AwQAv2UHAwQCv2UsAwQAv2VAAwQA
v2VEMA0GCSqGSIb3DQEBCwUAA4IBAQBx7bxp/S3+LBZ6WQR0MjFTDiwyavi7sLEo
dmjaCnZfEqOHCpD/Yh5DAcNpVogZEk7xK637tCsGRikTSYgkoRuxoUCT9rRAz8bO
7M+is6/3QwVBQco7WhypzjEBzzOeW5ik3o1MYaLzYTZbKN3yba1PnuHlUM+lDfw9
piA+0bUPKll5+NqDxmttxA2hlrimCNtzHGTCLDwqGakm40zC3onNEX/W7d5ejn9m
PRVz+OOcueZmrb/rbVG0Sjz7Q/QsPRjoPmbCnMOMXwpPxSYIGc8IuTrq+Tt+vTLB
P9ZkLWpTt+F2f47WgwOCgFJrGLVUa2N6C8r8u2rO0aof1TJFch8G
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:12 2024 by rpki-client on console-fra.rpki-client.org