Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS49901.roa
File: AS49901.roa (raw, json)
Hash identifier: CU+J+FxLhkDLa1zzHjWkpLFOTgKvShDDMhz1ai7TXWg=
Subject key identifier: FA:8E:EA:D4:F8:74:FC:08:EE:95:0E:0D:85:1C:47:C8:2A:2E:37:D9
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4AB660B87101AEDA8453F7C3C8491A829EB75196
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS49901.roa
Signing time: Fri 03 Nov 2023 13:33:01 +0000
ROA not before: Fri 03 Nov 2023 13:28:01 +0000
ROA not after: Fri 01 Nov 2024 13:33:01 +0000
asID: 49901
IP address blocks: 191.96.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:b6:60:b8:71:01:ae:da:84:53:f7:c3:c8:49:1a:82:9e:b7:51:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 3 13:28:01 2023 GMT
Not After : Nov 1 13:33:01 2024 GMT
Subject: CN=FA8EEAD4F874FC08EE950E0D851C47C82A2E37D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:91:9b:f4:9f:3d:bf:89:74:77:f6:8c:d3:2b:
2d:94:3e:b2:51:4d:49:c6:68:eb:9f:1f:b0:93:e3:
1a:ef:18:f9:bc:ac:46:41:b8:4c:ec:e9:a8:11:91:
98:59:56:8d:6a:eb:9b:45:46:7b:33:f5:0b:c5:14:
69:7d:cf:62:d0:ea:41:bc:1d:35:ce:22:a4:17:dc:
fb:3c:67:74:5a:f7:33:58:cb:1b:0c:ab:67:20:0f:
06:79:63:6e:f5:7e:c4:7a:2d:8a:95:96:6c:be:98:
19:08:ad:ad:ca:aa:ab:07:47:fb:36:da:a7:7a:78:
0b:18:61:9a:92:68:ef:01:67:be:c8:0e:d5:0a:0c:
52:df:5c:96:23:90:ec:f2:15:9a:04:be:c7:cf:95:
ad:6a:bb:86:15:18:69:d1:5e:22:8e:9e:97:5a:6e:
2e:55:1c:82:a9:20:36:2d:d9:eb:0b:ad:84:db:b9:
6f:93:22:d5:1b:f8:44:eb:29:66:1b:42:44:5d:6c:
9b:93:e3:29:8e:fd:2f:21:ca:31:ef:bb:39:a2:1a:
58:26:5e:bc:73:45:70:cf:7c:c6:08:35:57:e8:a1:
73:f8:cd:95:4d:bf:a9:8e:d8:da:0e:4c:66:4f:96:
57:9d:d2:57:9a:fe:9c:0c:4c:44:56:26:48:33:4d:
e5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:8E:EA:D4:F8:74:FC:08:EE:95:0E:0D:85:1C:47:C8:2A:2E:37:D9
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS49901.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.29.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:77:5e:21:ef:c6:4f:32:1e:eb:c1:0f:48:9d:3e:bf:73:58:
ff:b9:e1:51:c9:65:7a:3c:2d:8c:dd:58:8f:bf:b5:09:22:27:
89:fd:34:d5:b8:b3:41:ea:59:7c:c2:7c:7e:de:80:77:6a:85:
56:ba:04:22:e1:01:5a:8c:d4:0f:7c:11:b3:0d:cd:46:eb:59:
0f:dc:ef:22:3b:f2:28:25:cf:1d:19:b5:f7:ee:1a:91:12:9f:
49:fd:c2:cb:16:d3:a7:45:4c:3d:f8:f1:ae:d7:69:3e:06:97:
41:a3:3b:b6:14:8e:9c:7b:7f:c3:25:e8:37:cb:d2:4c:20:77:
2a:2d:76:32:35:fa:24:ae:46:ed:78:6f:68:94:69:6f:59:b7:
2b:3c:5e:1c:ab:a2:8e:cc:2f:23:9d:c1:d8:d3:97:db:49:5a:
a6:e7:63:cc:c4:b7:6d:83:fd:61:6a:86:24:7c:59:da:85:4d:
1f:26:62:9a:f8:f3:1e:ae:5c:ab:1a:01:0b:44:b4:9d:e2:8c:
a7:bd:78:39:78:c4:0d:69:7e:ec:37:59:c0:36:ce:55:55:99:
22:9b:5e:f1:b1:c6:4a:7e:93:53:a8:6d:e9:53:54:5c:c1:ca:
af:42:37:db:15:95:0d:a8:7e:b9:5c:5e:ea:84:2a:fb:5a:de:
06:a5:f8:f7
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUSrZguHEBrtqEU/fDyEkagp63UZYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzExMDMxMzI4MDFaFw0yNDExMDExMzMzMDFaMDMxMTAvBgNV
BAMTKEZBOEVFQUQ0Rjg3NEZDMDhFRTk1MEUwRDg1MUM0N0M4MkEyRTM3RDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUkZv0nz2/iXR39ozTKy2UPrJR
TUnGaOufH7CT4xrvGPm8rEZBuEzs6agRkZhZVo1q65tFRnsz9QvFFGl9z2LQ6kG8
HTXOIqQX3Ps8Z3Ra9zNYyxsMq2cgDwZ5Y271fsR6LYqVlmy+mBkIra3KqqsHR/s2
2qd6eAsYYZqSaO8BZ77IDtUKDFLfXJYjkOzyFZoEvsfPla1qu4YVGGnRXiKOnpda
bi5VHIKpIDYt2esLrYTbuW+TItUb+ETrKWYbQkRdbJuT4ymO/S8hyjHvuzmiGlgm
XrxzRXDPfMYINVfooXP4zZVNv6mO2NoOTGZPlled0lea/pwMTERWJkgzTeWzAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU+o7q1Ph0/AjulQ4NhRxHyCouN9kwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDk5MDEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC/YB0w
DQYJKoZIhvcNAQELBQADggEBAJt3XiHvxk8yHuvBD0idPr9zWP+54VHJZXo8LYzd
WI+/tQkiJ4n9NNW4s0HqWXzCfH7egHdqhVa6BCLhAVqM1A98EbMNzUbrWQ/c7yI7
8iglzx0ZtffuGpESn0n9wssW06dFTD348a7XaT4Gl0GjO7YUjpx7f8Ml6DfL0kwg
dyotdjI1+iSuRu14b2iUaW9Ztys8Xhyroo7MLyOdwdjTl9tJWqbnY8zEt22D/WFq
hiR8WdqFTR8mYpr48x6uXKsaAQtEtJ3ijKe9eDl4xA1pfuw3WcA2zlVVmSKbXvGx
xkp+k1OobelTVFzByq9CN9sVlQ2ofrlcXuqEKvta3gal+Pc=
-----END CERTIFICATE-----
Generated at Fri May 10 02:01:24 2024 by rpki-client on console-ams.rpki-client.org