Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS45671.roa
File: AS45671.roa (raw, json)
Hash identifier: G9TiOw0xXxjWArVWAx8YWA28BeAKKg6iEt5dE05nJxU=
Subject key identifier: 89:8D:5C:22:2C:CC:2F:39:32:82:E9:DF:E9:C6:12:2A:AE:FE:E8:E5
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5733B135E3011A7FF60CBAAB4E7EA680EF30A881
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS45671.roa
Signing time: Wed 01 Jan 2025 08:53:50 +0000
ROA not before: Wed 01 Jan 2025 08:48:50 +0000
ROA not after: Wed 31 Dec 2025 08:53:50 +0000
asID: 45671
IP address blocks: 179.61.228.0/24 maxlen: 24
179.61.240.0/24 maxlen: 24
181.214.17.0/24 maxlen: 24
181.214.43.0/24 maxlen: 24
181.214.112.0/24 maxlen: 24
181.214.162.0/24 maxlen: 24
181.214.163.0/24 maxlen: 24
181.214.174.0/24 maxlen: 24
181.215.168.0/24 maxlen: 24
191.101.37.0/24 maxlen: 24
191.101.141.0/24 maxlen: 24
191.101.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:33:b1:35:e3:01:1a:7f:f6:0c:ba:ab:4e:7e:a6:80:ef:30:a8:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 1 08:48:50 2025 GMT
Not After : Dec 31 08:53:50 2025 GMT
Subject: CN=898D5C222CCC2F393282E9DFE9C6122AAEFEE8E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:77:40:fc:cc:bc:85:b4:51:22:10:8f:de:12:
dd:e1:3a:75:aa:e1:08:65:e3:19:da:46:d6:c6:9b:
24:e1:17:75:38:ce:c3:20:e2:b6:0d:74:f9:21:b2:
07:28:08:84:b9:94:d5:99:31:ee:73:2d:00:16:8d:
a6:91:fc:8b:c1:92:80:1c:d2:b5:30:e1:c7:28:5f:
00:43:e0:51:bb:4d:df:6f:9e:60:21:16:7c:27:8e:
17:17:a6:8b:4e:fa:34:13:1c:b5:d3:bc:c0:29:cb:
18:b0:d7:2c:36:4c:40:6d:a9:dc:5a:8c:62:1e:01:
84:a0:d3:f7:7a:f4:62:48:32:6f:fe:7c:1e:94:67:
2e:0d:9f:2f:67:29:7f:4d:82:69:fa:6b:b0:43:ec:
23:0a:22:ac:13:15:6c:e6:9c:41:cb:11:b5:ff:ef:
e4:8a:25:9a:0e:4c:51:d3:6f:2a:65:ca:d5:22:5f:
26:2a:a4:90:da:c0:4e:b8:91:b2:fe:77:71:72:72:
70:8c:02:04:83:5b:a3:9c:e3:50:59:6f:b1:5a:8b:
1a:d2:cb:44:a5:37:06:1e:3c:e6:1d:08:7a:a4:6b:
fe:12:e5:35:c8:0a:81:d8:6c:81:12:58:15:6b:b0:
a4:d4:ef:39:ca:8a:4a:1f:09:32:bc:0c:29:28:70:
0d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:8D:5C:22:2C:CC:2F:39:32:82:E9:DF:E9:C6:12:2A:AE:FE:E8:E5
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS45671.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.228.0/24
179.61.240.0/24
181.214.17.0/24
181.214.43.0/24
181.214.112.0/24
181.214.162.0/23
181.214.174.0/24
181.215.168.0/24
191.101.37.0/24
191.101.141.0/24
191.101.161.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:e9:f3:4f:5d:82:4f:17:ca:68:2b:11:69:08:4e:f9:4c:94:
5c:f8:69:d7:c2:b3:d9:3a:41:c1:cb:4f:fd:64:a4:d4:59:29:
e8:b6:f4:b0:fc:d8:5a:8b:c2:d1:49:27:9a:73:97:52:4a:69:
94:bc:7e:e1:7f:96:a0:e1:d0:43:16:6d:17:10:53:d0:a5:2a:
22:f7:7a:e0:f3:eb:db:c5:7e:b5:45:17:cd:94:8b:c0:e1:3d:
1d:a7:e3:0a:3b:0a:f2:57:2a:55:8a:f2:7b:96:60:26:7d:94:
66:bb:57:fe:d5:f0:9e:c8:46:d8:1a:e5:9f:b0:99:e7:8f:de:
97:5c:c3:54:7f:1f:04:19:c9:cb:33:25:30:5e:19:0c:c4:51:
f7:60:db:97:17:49:d0:53:d6:22:7c:40:8c:4e:74:4b:d0:67:
ff:11:0c:0b:31:53:79:c7:4d:13:f6:b6:7e:16:89:3a:db:f1:
c5:5a:70:e0:51:84:11:44:4e:8b:c9:3c:49:3d:af:cb:d4:2d:
87:99:33:87:e1:a8:7a:c4:e0:5b:ef:24:ea:ed:c0:c3:34:b3:
ee:68:a5:50:a2:4b:df:0d:0a:30:e1:5a:90:66:65:9b:d5:31:
0a:38:59:6f:e1:d2:85:5b:f4:36:d6:e1:ef:f8:31:65:d5:cd:
3f:57:06:ae
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIUVzOxNeMBGn/2DLqrTn6mgO8wqIEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMDEwODQ4NTBaFw0yNTEyMzEwODUzNTBaMDMxMTAvBgNV
BAMTKDg5OEQ1QzIyMkNDQzJGMzkzMjgyRTlERkU5QzYxMjJBQUVGRUU4RTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbd0D8zLyFtFEiEI/eEt3hOnWq
4Qhl4xnaRtbGmyThF3U4zsMg4rYNdPkhsgcoCIS5lNWZMe5zLQAWjaaR/IvBkoAc
0rUw4ccoXwBD4FG7Td9vnmAhFnwnjhcXpotO+jQTHLXTvMApyxiw1yw2TEBtqdxa
jGIeAYSg0/d69GJIMm/+fB6UZy4Nny9nKX9Ngmn6a7BD7CMKIqwTFWzmnEHLEbX/
7+SKJZoOTFHTbyplytUiXyYqpJDawE64kbL+d3FycnCMAgSDW6Oc41BZb7FaixrS
y0SlNwYePOYdCHqka/4S5TXICoHYbIESWBVrsKTU7znKikofCTK8DCkocA1jAgMB
AAGjggJFMIICQTAdBgNVHQ4EFgQUiY1cIizMLzkygunf6cYSKq7+6OUwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDU2NzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwWwYIKwYBBQUHAQcBAf8ETDBKMEgEAgABMEIDBACzPeQD
BACzPfADBAC11hEDBAC11isDBAC11nADBAG11qIDBAC11q4DBAC116gDBAC/ZSUD
BAC/ZY0DBAC/ZaEwDQYJKoZIhvcNAQELBQADggEBADvp809dgk8XymgrEWkITvlM
lFz4adfCs9k6QcHLT/1kpNRZKei29LD82FqLwtFJJ5pzl1JKaZS8fuF/lqDh0EMW
bRcQU9ClKiL3euDz69vFfrVFF82Ui8DhPR2n4wo7CvJXKlWK8nuWYCZ9lGa7V/7V
8J7IRtga5Z+wmeeP3pdcw1R/HwQZycszJTBeGQzEUfdg25cXSdBT1iJ8QIxOdEvQ
Z/8RDAsxU3nHTRP2tn4WiTrb8cVacOBRhBFETovJPEk9r8vULYeZM4fhqHrE4Fvv
JOrtwMM0s+5opVCiS98NCjDhWpBmZZvVMQo4WW/h0oVb9DbW4e/4MWXVzT9XBq4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:30:22 2025 by rpki-client