Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS45671.roa
File: AS45671.roa (raw, json)
Hash identifier: NveR+4EMQLg37vO2oNqiuLkBQ8eQloPwFp8armVdPyQ=
Subject key identifier: 1B:5F:D5:7A:66:F2:24:C9:E5:72:54:65:22:85:F2:08:13:07:CE:1B
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 48292723BC3932AFBD0F250A42CC824029DF7D4A
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS45671.roa
Signing time: Wed 31 Jan 2024 08:05:10 +0000
ROA not before: Wed 31 Jan 2024 08:00:10 +0000
ROA not after: Wed 29 Jan 2025 08:05:10 +0000
asID: 45671
IP address blocks: 179.61.228.0/24 maxlen: 24
179.61.240.0/24 maxlen: 24
181.214.17.0/24 maxlen: 24
181.214.43.0/24 maxlen: 24
181.214.112.0/24 maxlen: 24
181.214.162.0/24 maxlen: 24
181.214.163.0/24 maxlen: 24
181.214.174.0/24 maxlen: 24
181.215.168.0/24 maxlen: 24
191.101.37.0/24 maxlen: 24
191.101.141.0/24 maxlen: 24
191.101.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:29:27:23:bc:39:32:af:bd:0f:25:0a:42:cc:82:40:29:df:7d:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 31 08:00:10 2024 GMT
Not After : Jan 29 08:05:10 2025 GMT
Subject: CN=1B5FD57A66F224C9E57254652285F2081307CE1B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:32:52:d4:d7:f3:fb:27:03:eb:78:df:cc:09:
3f:da:df:e9:0b:1b:db:c0:0f:0b:c4:d1:f2:d0:b3:
09:d7:4a:67:42:8a:e0:0a:bb:05:98:ab:43:97:c7:
8c:6f:07:c3:2e:0c:43:ee:f9:d8:d6:1b:e8:bb:34:
a8:57:5c:53:da:8a:e1:1f:60:84:5d:1f:17:5c:b9:
d9:6e:18:44:4d:3e:fe:f2:b8:e1:bb:f0:0c:f5:27:
ea:80:5d:03:7d:ad:0b:f9:a1:48:0b:21:19:bb:e1:
11:e6:62:c7:62:35:29:0e:45:ba:0d:7a:76:43:4b:
ba:18:b1:c5:3b:59:9e:8c:42:39:aa:cd:a6:19:43:
53:cf:24:65:09:43:e8:91:19:a3:f6:d0:1f:da:2d:
30:34:99:68:8b:65:1b:b9:b7:a0:ea:21:b6:7b:fa:
3b:eb:bb:87:17:86:88:08:22:3d:41:fa:52:f2:fa:
46:86:be:03:5c:ed:1f:21:b6:07:dc:be:44:d7:8a:
c7:df:47:af:da:79:af:f9:62:bb:7f:ef:85:d5:ab:
d6:65:ee:67:94:cf:4e:f0:9c:39:6d:d1:cf:75:75:
c9:50:18:23:d7:a5:9b:bf:0c:9c:6c:08:ed:9c:ea:
a1:85:f9:cb:50:61:60:cf:60:fb:97:dc:35:15:18:
61:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:5F:D5:7A:66:F2:24:C9:E5:72:54:65:22:85:F2:08:13:07:CE:1B
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS45671.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.228.0/24
179.61.240.0/24
181.214.17.0/24
181.214.43.0/24
181.214.112.0/24
181.214.162.0/23
181.214.174.0/24
181.215.168.0/24
191.101.37.0/24
191.101.141.0/24
191.101.161.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:04:25:72:a8:30:c1:d3:c8:a6:fb:26:53:2f:b2:42:ef:1c:
89:d0:40:e3:f6:c3:56:c4:a5:1c:11:f1:e9:f6:6c:59:21:27:
ea:eb:11:de:62:44:b7:99:2f:54:08:8d:4e:e6:1e:59:83:d1:
bd:17:ea:a0:93:15:ae:26:89:93:09:6b:e3:76:0a:22:1c:80:
cc:2c:73:f9:20:0d:34:3b:58:38:d8:4d:29:49:63:49:87:b8:
7c:6a:09:63:4c:a1:5b:b4:b0:f5:58:db:2e:59:72:c4:43:bf:
a8:47:73:0f:78:3a:8e:6a:25:5f:cc:f1:91:7c:69:79:a9:e5:
17:15:fe:19:19:75:97:bf:9d:48:85:7a:21:cb:11:d2:a9:b6:
aa:df:6b:d7:6e:5b:b5:94:a5:d9:f2:8c:0e:01:50:82:cb:cb:
d1:fa:76:9a:d3:2c:a8:c9:0c:8b:72:b2:d4:92:30:47:ac:87:
37:7e:29:cd:74:bb:c1:17:ad:c8:da:14:b0:8f:42:a0:7c:b3:
11:c6:6d:91:dc:bb:da:bb:27:38:61:37:46:b4:e8:ff:98:3c:
61:f4:d3:b4:9e:4e:7a:4c:a2:9d:9c:bb:c3:6d:c8:70:ee:b4:
54:41:67:6d:8a:34:d0:9a:9f:91:43:3c:e2:44:86:6e:24:c9:
fd:1e:75:46
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIUSCknI7w5Mq+9DyUKQsyCQCnffUowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAxMzEwODAwMTBaFw0yNTAxMjkwODA1MTBaMDMxMTAvBgNV
BAMTKDFCNUZENTdBNjZGMjI0QzlFNTcyNTQ2NTIyODVGMjA4MTMwN0NFMUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrMlLU1/P7JwPreN/MCT/a3+kL
G9vADwvE0fLQswnXSmdCiuAKuwWYq0OXx4xvB8MuDEPu+djWG+i7NKhXXFPaiuEf
YIRdHxdcudluGERNPv7yuOG78Az1J+qAXQN9rQv5oUgLIRm74RHmYsdiNSkORboN
enZDS7oYscU7WZ6MQjmqzaYZQ1PPJGUJQ+iRGaP20B/aLTA0mWiLZRu5t6DqIbZ7
+jvru4cXhogIIj1B+lLy+kaGvgNc7R8htgfcvkTXisffR6/aea/5Yrt/74XVq9Zl
7meUz07wnDlt0c91dclQGCPXpZu/DJxsCO2c6qGF+ctQYWDPYPuX3DUVGGGJAgMB
AAGjggJFMIICQTAdBgNVHQ4EFgQUG1/VembyJMnlclRlIoXyCBMHzhswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDU2NzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwWwYIKwYBBQUHAQcBAf8ETDBKMEgEAgABMEIDBACzPeQD
BACzPfADBAC11hEDBAC11isDBAC11nADBAG11qIDBAC11q4DBAC116gDBAC/ZSUD
BAC/ZY0DBAC/ZaEwDQYJKoZIhvcNAQELBQADggEBABsEJXKoMMHTyKb7JlMvskLv
HInQQOP2w1bEpRwR8en2bFkhJ+rrEd5iRLeZL1QIjU7mHlmD0b0X6qCTFa4miZMJ
a+N2CiIcgMwsc/kgDTQ7WDjYTSlJY0mHuHxqCWNMoVu0sPVY2y5ZcsRDv6hHcw94
Oo5qJV/M8ZF8aXmp5RcV/hkZdZe/nUiFeiHLEdKptqrfa9duW7WUpdnyjA4BUILL
y9H6dprTLKjJDItystSSMEeshzd+Kc10u8EXrcjaFLCPQqB8sxHGbZHcu9q7Jzhh
N0a06P+YPGH007SeTnpMop2cu8NtyHDutFRBZ22KNNCan5FDPOJEhm4kyf0edUY=
-----END CERTIFICATE-----
Generated at Fri Apr 26 12:40:27 2024 by rpki-client on console-ams.rpki-client.org