Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212669.roa
File: AS212669.roa (raw, json)
Hash identifier: uzdkg3ot20hQsNO0Xidh1lljVIuBHh1dVwZOoACEHTs=
Subject key identifier: 02:72:DD:E5:79:A2:D7:A4:5B:88:F5:44:CC:5A:CB:CA:41:B9:E9:BE
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 409BE5B8E16B3A4F0583015F27AB40AC14F27514
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212669.roa
Signing time: Tue 25 Mar 2025 13:53:58 +0000
ROA not before: Tue 25 Mar 2025 13:48:58 +0000
ROA not after: Tue 24 Mar 2026 13:53:58 +0000
asID: 212669
IP address blocks: 179.61.191.0/24 maxlen: 24
179.61.249.0/24 maxlen: 24
181.214.11.0/24 maxlen: 24
191.101.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 17:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:9b:e5:b8:e1:6b:3a:4f:05:83:01:5f:27:ab:40:ac:14:f2:75:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 25 13:48:58 2025 GMT
Not After : Mar 24 13:53:58 2026 GMT
Subject: CN=0272DDE579A2D7A45B88F544CC5ACBCA41B9E9BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a9:b9:ec:d3:b1:59:cb:c0:20:cb:9f:0f:6c:
68:37:18:cd:fe:47:5e:56:28:2d:ec:2b:58:4d:f4:
74:be:7d:40:4e:ab:09:02:65:6f:80:85:14:46:af:
5c:05:84:d4:37:b0:70:58:fc:64:60:4c:61:90:e7:
c3:cb:9f:70:87:64:71:5e:ed:c6:a6:c0:91:c1:ef:
32:28:11:15:0e:7d:44:45:a8:6f:48:2d:d6:d9:6b:
7b:05:95:ad:99:8c:6a:48:af:9d:20:e9:9d:b9:01:
c2:70:ec:25:e3:72:57:cc:f5:de:9b:fd:32:10:32:
06:1d:94:fc:df:cb:e8:16:d5:3a:c1:d7:10:e3:26:
96:3c:76:95:dc:c3:0a:4d:cd:83:54:e7:d4:60:98:
b0:0a:70:4a:f1:86:72:45:73:55:67:82:44:72:a0:
fe:3a:a7:eb:95:e1:ac:21:63:d2:57:01:28:4d:65:
28:5b:e1:ee:f7:21:59:14:d2:22:4e:11:e9:22:e2:
0e:40:0d:a4:7f:11:ac:69:05:4f:92:7e:e2:a3:b3:
b2:ba:24:5a:7d:c9:92:9c:0d:0a:44:ca:58:65:b3:
bc:e4:0f:74:43:44:b5:f4:37:2f:43:d4:53:e3:6b:
b5:4b:09:9d:d5:08:15:0c:e2:78:25:29:42:df:c3:
db:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:72:DD:E5:79:A2:D7:A4:5B:88:F5:44:CC:5A:CB:CA:41:B9:E9:BE
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212669.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.191.0/24
179.61.249.0/24
181.214.11.0/24
191.101.246.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:41:32:c9:6b:5e:d7:dc:7a:ec:52:d0:f8:85:c8:8f:84:c7:
e2:61:34:8e:1a:17:2e:3e:20:3d:63:2d:e5:34:53:f5:c5:79:
e7:37:20:c8:f7:96:39:12:f5:10:44:76:90:d1:05:56:b8:e4:
4d:d3:17:ce:46:88:97:57:8f:25:ab:b0:2b:18:b3:60:72:63:
b9:b1:54:bf:8b:04:2b:6e:aa:e9:a5:03:16:20:9c:6b:e2:91:
71:78:b1:93:3b:a2:d8:7d:eb:dc:f3:96:2f:56:37:51:cb:75:
4c:51:df:1c:62:11:61:d3:3f:29:96:f1:08:17:d1:1e:07:a7:
02:71:03:09:dc:7e:bb:a4:b5:5b:e5:9f:93:20:b1:32:b7:f9:
83:92:69:c9:48:6a:de:92:6a:14:97:1b:85:09:62:81:f7:98:
a3:15:c8:7a:a1:da:34:95:27:5c:d0:8f:1a:0e:7b:79:c6:5e:
74:9d:55:ba:05:40:7e:f9:13:9a:c1:56:9f:e7:d1:f2:8e:94:
f4:da:ac:e8:52:19:3f:d1:c1:2d:88:f9:26:61:a2:25:65:d6:
cb:75:4d:0b:5b:a0:19:8f:4b:82:c6:8b:6b:18:17:24:cb:94:
65:26:6f:1f:4b:06:a6:f1:ee:29:ca:53:0f:d5:87:27:bd:db:
a1:fc:aa:7d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUQJvluOFrOk8FgwFfJ6tArBTydRQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAzMjUxMzQ4NThaFw0yNjAzMjQxMzUzNThaMDMxMTAvBgNV
BAMTKDAyNzJEREU1NzlBMkQ3QTQ1Qjg4RjU0NENDNUFDQkNBNDFCOUU5QkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0qbns07FZy8Agy58PbGg3GM3+
R15WKC3sK1hN9HS+fUBOqwkCZW+AhRRGr1wFhNQ3sHBY/GRgTGGQ58PLn3CHZHFe
7camwJHB7zIoERUOfURFqG9ILdbZa3sFla2ZjGpIr50g6Z25AcJw7CXjclfM9d6b
/TIQMgYdlPzfy+gW1TrB1xDjJpY8dpXcwwpNzYNU59RgmLAKcErxhnJFc1VngkRy
oP46p+uV4awhY9JXAShNZShb4e73IVkU0iJOEeki4g5ADaR/EaxpBU+SfuKjs7K6
JFp9yZKcDQpEylhls7zkD3RDRLX0Ny9D1FPja7VLCZ3VCBUM4nglKULfw9txAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUAnLd5Xmi16RbiPVEzFrLykG56b4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEyNjY5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAsz2/
AwQAsz35AwQAtdYLAwQAv2X2MA0GCSqGSIb3DQEBCwUAA4IBAQCoQTLJa17X3Hrs
UtD4hciPhMfiYTSOGhcuPiA9Yy3lNFP1xXnnNyDI95Y5EvUQRHaQ0QVWuORN0xfO
RoiXV48lq7ArGLNgcmO5sVS/iwQrbqrppQMWIJxr4pFxeLGTO6LYfevc85YvVjdR
y3VMUd8cYhFh0z8plvEIF9EeB6cCcQMJ3H67pLVb5Z+TILEyt/mDkmnJSGrekmoU
lxuFCWKB95ijFch6odo0lSdc0I8aDnt5xl50nVW6BUB++ROawVaf59HyjpT02qzo
Uhk/0cEtiPkmYaIlZdbLdU0LW6AZj0uCxotrGBcky5RlJm8fSwam8e4pylMP1Ycn
vduh/Kp9
-----END CERTIFICATE-----
Generated at Sun Apr 27 00:18:49 2025 by rpki-client