Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS43289.roa
File: AS43289.roa (raw, json)
Hash identifier: IjKZXjxz22T9kcywzYJ04ysesGei/ipqiV/7L/+GiaM=
Subject key identifier: 5E:F9:AD:44:9D:C0:49:4C:0F:7D:38:A9:6C:F4:78:95:E4:91:69:97
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 19956E5BEB4B3ACBAA2F89D698D5469124ED41FB
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS43289.roa
Signing time: Wed 24 Apr 2024 05:46:03 +0000
ROA not before: Wed 24 Apr 2024 05:41:03 +0000
ROA not after: Wed 23 Apr 2025 05:46:03 +0000
asID: 43289
IP address blocks: 181.214.71.0/24 maxlen: 24
181.214.95.0/24 maxlen: 24
181.214.127.0/24 maxlen: 24
181.214.131.0/24 maxlen: 24
181.214.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:95:6e:5b:eb:4b:3a:cb:aa:2f:89:d6:98:d5:46:91:24:ed:41:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 24 05:41:03 2024 GMT
Not After : Apr 23 05:46:03 2025 GMT
Subject: CN=5EF9AD449DC0494C0F7D38A96CF47895E4916997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e4:03:03:08:50:b0:67:bf:8e:92:3c:9f:60:
91:b2:9d:76:b0:d2:6c:26:11:4d:34:ff:f6:f2:84:
1b:31:04:98:95:09:fc:a2:81:ff:9b:a7:de:a4:a9:
84:d1:22:25:3c:45:c6:3a:68:eb:2e:2d:94:43:14:
37:bb:a3:c4:d0:bf:cc:8a:a5:a2:45:cc:c3:1a:47:
70:f9:3a:01:7b:2a:b5:06:5f:58:8e:45:d9:f4:2b:
18:c0:20:f2:e8:e4:c0:cd:75:46:71:b5:c0:e5:dd:
84:0f:35:65:57:11:78:3e:06:b8:94:10:a1:d2:0d:
a6:ef:ae:aa:d4:f0:66:37:27:9f:eb:66:8f:1f:ba:
64:65:c0:c4:df:e2:49:5e:05:0b:99:b7:0a:1b:19:
42:a7:52:5b:a2:04:53:1f:a9:56:00:f9:0b:58:96:
42:19:13:7c:01:d4:f4:34:5f:5e:04:ba:4c:88:62:
c8:7c:51:01:e5:29:2f:0a:6a:3f:7e:f5:06:34:46:
7b:5a:81:17:e3:25:39:a6:f8:d2:66:91:2f:27:5e:
9d:b7:68:fc:0d:a7:9d:92:74:b9:b9:25:c1:c8:49:
4c:4b:bd:ba:bb:24:7f:75:2d:17:03:1e:2a:2d:d6:
73:e9:47:de:89:24:34:22:83:95:ce:62:88:9d:4a:
84:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F9:AD:44:9D:C0:49:4C:0F:7D:38:A9:6C:F4:78:95:E4:91:69:97
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS43289.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.71.0/24
181.214.95.0/24
181.214.127.0/24
181.214.131.0/24
181.214.204.0/24
Signature Algorithm: sha256WithRSAEncryption
94:41:8f:1a:b9:99:d9:ee:aa:6b:7d:73:4e:67:0d:f9:0d:72:
f3:35:51:12:04:84:0c:5b:7c:60:91:1f:06:05:85:2a:44:76:
7c:78:37:bc:ea:e0:cf:d6:aa:0a:2d:7a:3c:0f:29:0e:aa:7d:
95:84:9f:c2:77:d6:ae:28:d4:bf:90:c8:17:be:ae:c5:53:64:
48:58:e8:e0:c9:14:de:7f:93:cc:ab:c6:05:49:ea:b6:9d:03:
01:39:1f:6d:d9:9e:dc:e3:9d:86:5b:b5:02:d4:e5:96:8b:5e:
84:7a:a6:98:ea:68:00:40:47:21:42:7f:f0:8a:c9:5e:c1:8b:
84:c6:6f:15:86:c8:77:00:ea:44:2e:3b:12:3d:d4:2f:86:63:
ef:df:f6:e9:de:3d:f3:c5:3d:62:24:f8:60:ce:16:2a:a5:2c:
99:26:d7:7f:e5:55:4a:b4:39:0f:4a:e1:b0:94:4a:8b:d4:55:
75:ec:1a:d2:6f:a6:f2:16:9d:72:5a:ea:8c:7b:17:6c:12:d4:
dd:63:bf:62:75:74:0f:31:89:b4:e2:f8:98:93:ca:ea:d0:85:
74:d4:5e:08:49:91:f2:5a:52:8a:c4:57:d4:f9:aa:05:f9:46:
d0:15:93:95:c0:81:0f:e0:e7:37:4a:43:3c:ba:c2:23:ae:d8:
cb:1a:1f:68
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUGZVuW+tLOsuqL4nWmNVGkSTtQfswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MjQwNTQxMDNaFw0yNTA0MjMwNTQ2MDNaMDMxMTAvBgNV
BAMTKDVFRjlBRDQ0OURDMDQ5NEMwRjdEMzhBOTZDRjQ3ODk1RTQ5MTY5OTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY5AMDCFCwZ7+OkjyfYJGynXaw
0mwmEU00//byhBsxBJiVCfyigf+bp96kqYTRIiU8RcY6aOsuLZRDFDe7o8TQv8yK
paJFzMMaR3D5OgF7KrUGX1iORdn0KxjAIPLo5MDNdUZxtcDl3YQPNWVXEXg+BriU
EKHSDabvrqrU8GY3J5/rZo8fumRlwMTf4kleBQuZtwobGUKnUluiBFMfqVYA+QtY
lkIZE3wB1PQ0X14EukyIYsh8UQHlKS8Kaj9+9QY0RntagRfjJTmm+NJmkS8nXp23
aPwNp52SdLm5JcHISUxLvbq7JH91LRcDHiot1nPpR96JJDQig5XOYoidSoQDAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUXvmtRJ3ASUwPfTipbPR4leSRaZcwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDMyODkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBAC11kcD
BAC11l8DBAC11n8DBAC11oMDBAC11swwDQYJKoZIhvcNAQELBQADggEBAJRBjxq5
mdnuqmt9c05nDfkNcvM1URIEhAxbfGCRHwYFhSpEdnx4N7zq4M/WqgotejwPKQ6q
fZWEn8J31q4o1L+QyBe+rsVTZEhY6ODJFN5/k8yrxgVJ6radAwE5H23ZntzjnYZb
tQLU5ZaLXoR6ppjqaABARyFCf/CKyV7Bi4TGbxWGyHcA6kQuOxI91C+GY+/f9une
PfPFPWIk+GDOFiqlLJkm13/lVUq0OQ9K4bCUSovUVXXsGtJvpvIWnXJa6ox7F2wS
1N1jv2J1dA8xibTi+JiTyurQhXTUXghJkfJaUorEV9T5qgX5RtAVk5XAgQ/g5zdK
Qzy6wiOu2MsaH2g=
-----END CERTIFICATE-----
Generated at Thu May 9 19:13:40 2024 by rpki-client on console-ams.rpki-client.org