Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS7018.roa
File: AS7018.roa (raw, json)
Hash identifier: 0AaN2HJjZKzxTqlCrdxqjKPb44WWpJdG3ECR0Es3dks=
Subject key identifier: CA:32:84:47:EC:F1:99:17:42:11:70:A4:93:72:F0:F5:E5:6E:F4:E2
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 58B7C386328CDD802BB1C013374B3AA5BA43C69A
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS7018.roa
Signing time: Mon 29 Jul 2024 16:31:41 +0000
ROA not before: Mon 29 Jul 2024 16:26:41 +0000
ROA not after: Mon 28 Jul 2025 16:31:41 +0000
asID: 7018
IP address blocks: 179.61.243.0/24 maxlen: 24
181.214.73.0/24 maxlen: 24
181.214.119.0/24 maxlen: 24
181.214.134.0/24 maxlen: 24
181.215.189.0/24 maxlen: 24
181.215.216.0/24 maxlen: 24
181.215.225.0/24 maxlen: 24
181.215.250.0/24 maxlen: 24
191.101.49.0/24 maxlen: 24
191.101.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:b7:c3:86:32:8c:dd:80:2b:b1:c0:13:37:4b:3a:a5:ba:43:c6:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 29 16:26:41 2024 GMT
Not After : Jul 28 16:31:41 2025 GMT
Subject: CN=CA328447ECF19917421170A49372F0F5E56EF4E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c2:bf:8b:a5:cf:19:d2:42:38:d3:25:b9:2d:
a1:1d:d6:13:5b:32:6b:43:0b:18:3a:ac:d6:d8:47:
6c:9b:cc:d9:c4:dd:0d:d6:24:e9:48:cd:dc:3d:21:
62:7e:de:96:dd:75:5a:a2:3b:0c:25:66:3c:d4:46:
09:1e:2f:96:d5:0c:be:02:7e:ba:50:d7:a4:c3:a6:
d5:c4:fa:22:57:fd:1c:62:f2:f4:0c:a2:56:f0:20:
fc:e3:bb:6d:75:95:96:a8:0d:89:dd:c0:56:7e:d1:
80:12:05:e1:32:2a:27:81:e1:c7:37:bb:4e:4c:22:
53:60:46:d2:c2:4b:c4:0e:6b:0e:b5:61:19:21:fb:
e5:b6:0b:09:ef:bf:8d:d2:1f:82:09:37:97:43:4a:
9d:48:f5:40:cd:db:52:3f:02:8c:67:4e:ae:76:53:
bf:d1:03:5e:7d:0d:2c:69:d2:25:c7:10:23:70:f1:
71:fd:a5:9b:f9:64:36:3e:48:87:9c:95:28:0d:30:
5f:f6:56:61:ab:18:ef:34:27:23:e3:cd:41:a3:a0:
f1:75:2d:09:9f:2d:12:43:cb:48:7c:98:aa:e9:67:
f5:47:07:c8:4c:2a:1f:46:91:1a:06:61:09:ec:47:
64:87:48:ac:2e:18:45:24:a5:34:72:45:3f:1f:8c:
fb:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:32:84:47:EC:F1:99:17:42:11:70:A4:93:72:F0:F5:E5:6E:F4:E2
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS7018.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.243.0/24
181.214.73.0/24
181.214.119.0/24
181.214.134.0/24
181.215.189.0/24
181.215.216.0/24
181.215.225.0/24
181.215.250.0/24
191.101.49.0/24
191.101.218.0/24
Signature Algorithm: sha256WithRSAEncryption
22:37:52:e1:5a:0a:f9:9f:55:2c:3f:f7:59:4e:0b:27:51:d8:
d3:64:a9:d1:fe:f2:43:fd:fe:27:9f:36:9c:5f:2d:7a:e3:a2:
38:d4:69:59:0e:c5:9c:45:53:1d:c6:e6:fb:4b:6e:10:0f:be:
15:c7:3f:71:ec:07:52:5c:24:c5:e3:b2:52:16:bd:c0:21:ac:
7d:a8:e1:28:db:e2:59:93:d7:8a:05:39:34:e4:a2:be:e3:55:
ba:98:7c:5d:e9:9c:0a:38:3f:13:2e:d4:11:ef:9c:a3:44:ee:
02:63:e0:03:ea:16:60:e3:77:7b:4e:7c:28:b9:0a:59:3e:74:
8c:db:0e:73:10:a2:b4:aa:da:ba:53:7a:d6:5d:df:14:06:73:
0a:69:f0:09:70:8f:45:8c:d3:ae:2a:82:86:b0:26:68:33:5e:
17:ea:05:74:2e:49:85:de:6b:3c:ca:f2:31:93:57:4e:c8:89:
2a:c3:30:1d:d9:b7:28:97:d7:ac:d0:8d:d2:a1:bc:12:f7:f2:
35:af:3a:dc:12:a3:05:d0:d1:b3:55:39:ba:80:dc:c2:24:85:
f9:76:44:88:a5:0a:24:93:7a:aa:77:5f:14:fa:29:a6:dc:c1:
0c:98:41:cb:fc:30:fe:cb:6b:0b:d9:11:c7:28:d3:0f:94:bd:
86:14:86:a9
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUWLfDhjKM3YArscATN0s6pbpDxpowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA3MjkxNjI2NDFaFw0yNTA3MjgxNjMxNDFaMDMxMTAvBgNV
BAMTKENBMzI4NDQ3RUNGMTk5MTc0MjExNzBBNDkzNzJGMEY1RTU2RUY0RTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCswr+Lpc8Z0kI40yW5LaEd1hNb
MmtDCxg6rNbYR2ybzNnE3Q3WJOlIzdw9IWJ+3pbddVqiOwwlZjzURgkeL5bVDL4C
frpQ16TDptXE+iJX/Rxi8vQMolbwIPzju211lZaoDYndwFZ+0YASBeEyKieB4cc3
u05MIlNgRtLCS8QOaw61YRkh++W2Cwnvv43SH4IJN5dDSp1I9UDN21I/AoxnTq52
U7/RA159DSxp0iXHECNw8XH9pZv5ZDY+SIeclSgNMF/2VmGrGO80JyPjzUGjoPF1
LQmfLRJDy0h8mKrpZ/VHB8hMKh9GkRoGYQnsR2SHSKwuGEUkpTRyRT8fjPuTAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUyjKER+zxmRdCEXCkk3Lw9eVu9OIwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNzAxOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEALM98wME
ALXWSQMEALXWdwMEALXWhgMEALXXvQMEALXX2AMEALXX4QMEALXX+gMEAL9lMQME
AL9l2jANBgkqhkiG9w0BAQsFAAOCAQEAIjdS4VoK+Z9VLD/3WU4LJ1HY02Sp0f7y
Q/3+J582nF8teuOiONRpWQ7FnEVTHcbm+0tuEA++Fcc/cewHUlwkxeOyUha9wCGs
fajhKNviWZPXigU5NOSivuNVuph8XemcCjg/Ey7UEe+co0TuAmPgA+oWYON3e058
KLkKWT50jNsOcxCitKraulN61l3fFAZzCmnwCXCPRYzTriqChrAmaDNeF+oFdC5J
hd5rPMryMZNXTsiJKsMwHdm3KJfXrNCN0qG8EvfyNa863BKjBdDRs1U5uoDcwiSF
+XZEiKUKJJN6qndfFPopptzBDJhBy/ww/strC9kRxyjTD5S9hhSGqQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:12 2024 by rpki-client on console-fra.rpki-client.org