Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: 0n/or4ENkGktY44wrSiVQCSuMrdilhQKcbVA1CbeI04=
Subject key identifier: C4:04:CA:FC:4B:AD:58:06:D8:D1:66:68:E0:FB:A2:10:8D:BE:0F:F6
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5342B71D37496421AF38E0A25C2036D59C513A2A
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
Signing time: Wed 01 May 2024 00:03:55 +0000
ROA not before: Tue 30 Apr 2024 23:58:55 +0000
ROA not after: Wed 30 Apr 2025 00:03:55 +0000
asID: 834
IP address blocks: 45.87.185.0/24 maxlen: 24
45.95.38.0/24 maxlen: 24
149.62.40.0/24 maxlen: 24
181.215.73.0/24 maxlen: 24
181.215.189.0/24 maxlen: 24
181.215.204.0/24 maxlen: 24
181.215.206.0/23 maxlen: 24
181.215.216.0/24 maxlen: 24
181.215.225.0/24 maxlen: 24
191.101.181.0/24 maxlen: 24
191.101.192.0/24 maxlen: 24
191.101.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:42:b7:1d:37:49:64:21:af:38:e0:a2:5c:20:36:d5:9c:51:3a:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 30 23:58:55 2024 GMT
Not After : Apr 30 00:03:55 2025 GMT
Subject: CN=C404CAFC4BAD5806D8D16668E0FBA2108DBE0FF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6a:49:40:4a:ed:9b:f6:e3:ce:dd:39:3b:0e:
ba:e6:57:66:9c:3c:71:ae:ca:35:fb:19:74:73:04:
58:ab:f8:af:3d:d4:ad:c2:9c:a0:9b:0e:35:11:ec:
e4:79:0a:63:c3:8e:ed:01:2e:76:4b:25:77:51:09:
dd:29:5e:12:28:b9:9a:ea:4c:a9:6b:b4:dd:c2:26:
2e:88:45:d8:d6:6d:d5:7c:10:57:c6:0e:7c:dc:da:
7f:33:b9:b9:7a:e6:a5:f4:3c:b1:83:c8:80:2f:17:
a9:78:fe:fa:96:d9:be:5f:27:a2:7d:a3:5f:0a:ca:
fd:4d:38:70:ff:8c:3e:43:9e:4d:3b:e7:62:bc:45:
8b:90:33:5d:51:7b:fe:86:fc:69:fd:c3:df:ce:5b:
63:e1:b7:a8:63:83:1a:a4:62:d0:f4:a1:89:31:d7:
41:ab:7e:91:28:05:29:1d:9d:29:fd:20:0d:3f:f5:
9c:8c:05:e5:f4:61:98:3d:d9:13:62:5a:04:65:2e:
1b:cf:ec:86:68:e6:c5:b0:f6:48:65:77:1f:10:5f:
8a:e3:a1:c5:2e:7f:36:81:46:34:f0:0d:b9:3a:25:
19:72:31:0b:96:73:f7:0b:b2:7a:8f:a6:c4:33:db:
af:20:ca:cd:55:3a:fa:03:6a:24:73:18:1e:03:f0:
93:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:04:CA:FC:4B:AD:58:06:D8:D1:66:68:E0:FB:A2:10:8D:BE:0F:F6
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.185.0/24
45.95.38.0/24
149.62.40.0/24
181.215.73.0/24
181.215.189.0/24
181.215.204.0/24
181.215.206.0/23
181.215.216.0/24
181.215.225.0/24
191.101.181.0/24
191.101.192.0/24
191.101.207.0/24
Signature Algorithm: sha256WithRSAEncryption
14:b7:71:6e:49:7a:2b:2e:74:64:e1:ff:ff:d2:94:e2:8b:0a:
f3:76:d1:18:ae:51:07:a7:45:c5:99:73:af:c4:c1:c4:f5:4d:
25:85:a4:18:e4:70:0b:22:29:2e:32:6b:ef:a3:37:6f:02:c0:
be:3f:00:a8:fa:15:c3:4d:cc:dc:d2:2e:67:df:32:57:0e:a4:
f8:a7:b2:1a:eb:97:59:1b:54:81:6c:96:fc:07:6a:b5:e0:24:
36:65:8c:4a:4a:00:e6:28:fa:f0:73:a3:32:47:e9:4f:e6:90:
34:93:89:a7:bf:f3:0d:86:20:c6:d5:fb:36:ea:62:b1:d0:b3:
2b:dc:b1:5d:b8:dc:99:b9:a0:be:e1:9a:e7:ef:df:68:e0:80:
46:5e:99:16:49:fe:f3:ea:1d:c0:36:47:b1:93:40:51:bc:d7:
05:3d:5b:49:6c:4c:98:3d:e8:5b:78:ef:27:4a:5f:19:87:4e:
28:5c:e7:bf:4a:d2:f4:66:99:2e:9b:8c:fe:4a:2b:f7:f0:a4:
a9:8e:51:b2:c2:ce:3f:cf:42:1d:55:ca:49:72:81:db:47:d9:
4f:e4:6c:60:f3:19:28:3f:57:ef:bf:9c:bc:12:6a:f9:4f:26:
53:4d:ad:f1:7d:37:c4:ac:ba:ab:ce:12:6d:44:85:1a:50:af:
f0:e8:0d:18
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUU0K3HTdJZCGvOOCiXCA21ZxROiowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MzAyMzU4NTVaFw0yNTA0MzAwMDAzNTVaMDMxMTAvBgNV
BAMTKEM0MDRDQUZDNEJBRDU4MDZEOEQxNjY2OEUwRkJBMjEwOERCRTBGRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgaklASu2b9uPO3Tk7DrrmV2ac
PHGuyjX7GXRzBFir+K891K3CnKCbDjUR7OR5CmPDju0BLnZLJXdRCd0pXhIouZrq
TKlrtN3CJi6IRdjWbdV8EFfGDnzc2n8zubl65qX0PLGDyIAvF6l4/vqW2b5fJ6J9
o18Kyv1NOHD/jD5Dnk0752K8RYuQM11Re/6G/Gn9w9/OW2Pht6hjgxqkYtD0oYkx
10GrfpEoBSkdnSn9IA0/9ZyMBeX0YZg92RNiWgRlLhvP7IZo5sWw9khldx8QX4rj
ocUufzaBRjTwDbk6JRlyMQuWc/cLsnqPpsQz268gys1VOvoDaiRzGB4D8JPrAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUxATK/EutWAbY0WZo4PuiEI2+D/YwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALVe5AwQA
LV8mAwQAlT4oAwQAtddJAwQAtde9AwQAtdfMAwQBtdfOAwQAtdfYAwQAtdfhAwQA
v2W1AwQAv2XAAwQAv2XPMA0GCSqGSIb3DQEBCwUAA4IBAQAUt3FuSXorLnRk4f//
0pTiiwrzdtEYrlEHp0XFmXOvxMHE9U0lhaQY5HALIikuMmvvozdvAsC+PwCo+hXD
Tczc0i5n3zJXDqT4p7Ia65dZG1SBbJb8B2q14CQ2ZYxKSgDmKPrwc6MyR+lP5pA0
k4mnv/MNhiDG1fs26mKx0LMr3LFduNyZuaC+4Zrn799o4IBGXpkWSf7z6h3ANkex
k0BRvNcFPVtJbEyYPehbeO8nSl8Zh04oXOe/StL0Zpkum4z+Siv38KSpjlGyws4/
z0IdVcpJcoHbR9lP5Gxg8xkoP1fvv5y8Emr5TyZTTa3xfTfErLqrzhJtRIUaUK/w
6A0Y
-----END CERTIFICATE-----
Generated at Thu May 2 00:23:45 2024 by rpki-client on console-fra.rpki-client.org