Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS262287.roa
File: AS262287.roa (raw, json)
Hash identifier: qBwqbCuSJGCDHUHktI7csAbvGmmy260duxRmoCMdJgg=
Subject key identifier: CE:B0:E9:4F:DF:8D:F9:2D:72:CD:CA:48:A3:2F:26:4F:A9:A6:6C:D0
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 55231024866E599D30A4B1358F0EF56CE11618C9
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS262287.roa
Signing time: Tue 01 Apr 2025 00:00:11 +0000
ROA not before: Mon 31 Mar 2025 23:55:11 +0000
ROA not after: Tue 31 Mar 2026 00:00:11 +0000
asID: 262287
IP address blocks: 85.208.74.0/24 maxlen: 24
85.208.75.0/24 maxlen: 24
181.41.220.0/24 maxlen: 24
181.214.150.0/24 maxlen: 24
181.214.151.0/24 maxlen: 24
181.214.249.0/24 maxlen: 24
181.215.97.0/24 maxlen: 24
181.215.99.0/24 maxlen: 24
181.215.101.0/24 maxlen: 24
181.215.102.0/24 maxlen: 24
181.215.104.0/24 maxlen: 24
181.215.128.0/24 maxlen: 24
181.215.172.0/24 maxlen: 24
181.215.195.0/24 maxlen: 24
191.96.19.0/24 maxlen: 24
191.96.139.0/24 maxlen: 24
191.96.247.0/24 maxlen: 24
191.101.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:23:10:24:86:6e:59:9d:30:a4:b1:35:8f:0e:f5:6c:e1:16:18:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 31 23:55:11 2025 GMT
Not After : Mar 31 00:00:11 2026 GMT
Subject: CN=CEB0E94FDF8DF92D72CDCA48A32F264FA9A66CD0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:18:e9:bd:61:66:84:79:7f:c6:c4:0e:0a:54:
e8:9e:3a:fc:74:30:81:fc:f3:7c:0f:c3:08:ff:8d:
d4:eb:2e:cd:d9:71:78:b8:2c:bb:01:be:f6:d7:57:
bd:57:3c:ac:47:f0:62:83:b6:a7:41:e2:38:a2:f7:
42:cb:32:21:ce:57:b9:1d:54:86:2a:a1:a5:37:d0:
78:a4:60:e7:54:f8:f0:40:41:08:07:d3:77:99:9f:
08:16:8b:cf:17:ff:16:52:c1:87:63:3d:5c:ec:fd:
3c:3e:b5:b6:fb:c4:ec:94:17:9e:7d:be:24:af:80:
8a:b1:0f:a9:bf:ca:be:45:2a:fc:9f:ef:05:48:b7:
76:c9:37:8d:18:4e:36:82:b4:12:8c:83:7a:ab:dd:
47:4d:6f:e3:ea:46:47:cd:32:58:45:ae:2e:7d:90:
e1:5b:7b:de:e0:f9:65:60:70:88:63:fd:95:79:f4:
b8:7e:b0:00:ad:04:c8:ec:6b:3f:f7:78:38:84:ea:
d5:1d:1f:23:fe:42:40:63:c9:32:df:7a:59:f6:e6:
68:a3:e1:55:94:cd:24:f8:c3:c3:4b:43:09:20:d0:
b6:72:16:47:bd:17:9f:c2:df:4c:70:59:a8:0f:2f:
55:3b:fd:91:91:0d:df:0f:f6:5a:48:40:67:89:72:
af:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B0:E9:4F:DF:8D:F9:2D:72:CD:CA:48:A3:2F:26:4F:A9:A6:6C:D0
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS262287.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.74.0/23
181.41.220.0/24
181.214.150.0/23
181.214.249.0/24
181.215.97.0/24
181.215.99.0/24
181.215.101.0-181.215.102.255
181.215.104.0/24
181.215.128.0/24
181.215.172.0/24
181.215.195.0/24
191.96.19.0/24
191.96.139.0/24
191.96.247.0/24
191.101.152.0/24
Signature Algorithm: sha256WithRSAEncryption
35:04:77:16:ab:db:d8:93:dc:b2:ba:03:5f:33:6d:f1:04:0f:
b6:43:33:e5:3c:ff:6e:e9:57:d9:06:16:02:ab:68:2b:f3:f8:
8c:97:d1:a5:57:47:61:57:a3:46:93:12:a9:98:af:af:ea:7a:
96:f2:3f:8f:6c:78:77:e9:d5:ca:28:9c:ee:20:ca:a1:f2:26:
e3:66:ec:2d:e5:a8:46:ee:aa:bc:56:6e:58:eb:f3:70:2d:53:
9a:66:f5:47:0f:88:1f:98:9e:fc:a3:d1:28:8c:a9:2e:90:81:
c1:53:05:b1:2f:5e:e7:68:e2:1a:f6:0c:48:01:b7:34:91:c1:
24:87:3d:5b:4c:c8:36:18:ca:8a:7e:02:08:54:2f:77:5b:02:
43:83:ee:f1:54:3f:b0:8b:d0:15:17:80:58:d7:5c:15:32:7f:
ea:1e:c2:c7:8a:ac:9e:3d:f7:28:01:5d:e5:35:4f:d7:b3:0a:
7f:78:6c:31:05:7c:e9:56:de:ff:e9:98:e1:04:5b:a7:8d:5c:
1c:5f:fe:84:f0:31:37:41:c0:f4:4a:f2:87:ff:b4:50:8d:a8:
96:51:17:75:f0:a6:db:db:c1:90:23:94:bc:aa:ce:13:60:12:
43:b7:4d:91:5a:24:f5:9b:bd:e6:ad:ef:ba:f6:3f:66:29:05:
7d:6d:1f:be
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgIUVSMQJIZuWZ0wpLE1jw71bOEWGMkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAzMzEyMzU1MTFaFw0yNjAzMzEwMDAwMTFaMDMxMTAvBgNV
BAMTKENFQjBFOTRGREY4REY5MkQ3MkNEQ0E0OEEzMkYyNjRGQTlBNjZDRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgGOm9YWaEeX/GxA4KVOieOvx0
MIH883wPwwj/jdTrLs3ZcXi4LLsBvvbXV71XPKxH8GKDtqdB4jii90LLMiHOV7kd
VIYqoaU30HikYOdU+PBAQQgH03eZnwgWi88X/xZSwYdjPVzs/Tw+tbb7xOyUF559
viSvgIqxD6m/yr5FKvyf7wVIt3bJN40YTjaCtBKMg3qr3UdNb+PqRkfNMlhFri59
kOFbe97g+WVgcIhj/ZV59Lh+sACtBMjsaz/3eDiE6tUdHyP+QkBjyTLfeln25mij
4VWUzST4w8NLQwkg0LZyFke9F5/C30xwWagPL1U7/ZGRDd8P9lpIQGeJcq+TAgMB
AAGjggJmMIICYjAdBgNVHQ4EFgQUzrDpT9+N+S1yzcpIoy8mT6mmbNAwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjYyMjg3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQBVdBK
AwQAtSncAwQBtdaWAwQAtdb5AwQAtddhAwQAtddjMAwDBAC112UDBAC112YDBAC1
12gDBAC114ADBAC116wDBAC118MDBAC/YBMDBAC/YIsDBAC/YPcDBAC/ZZgwDQYJ
KoZIhvcNAQELBQADggEBADUEdxar29iT3LK6A18zbfEED7ZDM+U8/27pV9kGFgKr
aCvz+IyX0aVXR2FXo0aTEqmYr6/qepbyP49seHfp1coonO4gyqHyJuNm7C3lqEbu
qrxWbljr83AtU5pm9UcPiB+Ynvyj0SiMqS6QgcFTBbEvXudo4hr2DEgBtzSRwSSH
PVtMyDYYyop+AghUL3dbAkOD7vFUP7CL0BUXgFjXXBUyf+oewseKrJ499ygBXeU1
T9ezCn94bDEFfOlW3v/pmOEEW6eNXBxf/oTwMTdBwPRK8of/tFCNqJZRF3Xwptvb
wZAjlLyqzhNgEkO3TZFaJPWbveat77r2P2YpBX1tH74=
-----END CERTIFICATE-----
Generated at Sun Apr 27 08:18:26 2025 by rpki-client