Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210542.roa
File: AS210542.roa (raw, json)
Hash identifier: BuKWmnk2FGktwTRqZJF5w15n1RDPhOVuUY6c8nNrEzs=
Subject key identifier: 1D:05:B9:EE:95:63:79:69:D0:3C:6F:19:E1:0D:F7:F8:DB:5F:DB:38
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3C11F1DCF0F5301FE578C909AF73394050483501
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210542.roa
Signing time: Sat 03 May 2025 00:00:39 +0000
ROA not before: Fri 02 May 2025 23:55:39 +0000
ROA not after: Sat 02 May 2026 00:00:39 +0000
asID: 210542
IP address blocks: 179.61.173.0/24 maxlen: 24
181.214.2.0/24 maxlen: 24
181.214.25.0/24 maxlen: 24
181.214.33.0/24 maxlen: 24
181.214.75.0/24 maxlen: 24
181.214.130.0/24 maxlen: 24
181.214.132.0/24 maxlen: 24
181.214.185.0/24 maxlen: 24
181.214.205.0/24 maxlen: 24
181.214.250.0/24 maxlen: 24
181.215.110.0/24 maxlen: 24
181.215.127.0/24 maxlen: 24
181.215.136.0/24 maxlen: 24
181.215.148.0/24 maxlen: 24
181.215.154.0/24 maxlen: 24
181.215.190.0/24 maxlen: 24
181.215.239.0/24 maxlen: 24
185.173.27.0/24 maxlen: 24
191.96.111.0/24 maxlen: 24
194.53.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 14:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:11:f1:dc:f0:f5:30:1f:e5:78:c9:09:af:73:39:40:50:48:35:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 2 23:55:39 2025 GMT
Not After : May 2 00:00:39 2026 GMT
Subject: CN=1D05B9EE95637969D03C6F19E10DF7F8DB5FDB38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:78:4e:7a:4c:1c:a3:ed:2e:bd:51:ae:df:96:
21:e2:12:7d:0b:32:e3:d5:28:d0:d3:39:6a:a7:28:
c4:5e:83:69:06:93:83:28:e9:e0:84:c0:39:df:c7:
3f:c4:30:ec:dc:a1:18:4f:c9:f8:f5:bf:da:4e:ed:
70:ae:4c:55:03:54:14:84:c7:bf:28:e6:a2:68:9d:
7a:d5:28:ea:09:aa:d2:22:30:49:8c:f6:35:6c:36:
29:de:13:b2:f7:d0:18:8e:8b:53:04:90:ff:85:18:
37:8f:f5:0e:f0:f3:cf:e2:a3:2b:86:6f:5f:1c:c3:
57:80:bf:5b:c1:6d:e4:07:95:20:ec:80:24:7d:04:
b2:73:da:7b:5a:eb:10:e9:dc:b8:92:56:a5:60:3d:
7b:5f:89:2e:6f:9d:80:ee:18:4d:de:ee:2a:2c:31:
a0:2b:b5:29:70:94:52:18:b2:70:6f:3c:95:31:d3:
fb:47:c0:d8:6c:95:b4:63:56:76:ee:2d:a3:7e:d8:
f5:1b:11:74:7a:79:26:ef:33:81:d3:e5:2e:be:a8:
7f:00:1c:23:ba:41:6d:bc:dc:44:b8:44:f8:a2:e3:
87:88:31:be:b7:70:2b:0c:7e:e0:ba:2a:e5:5e:e1:
b8:f9:fc:5f:b7:c1:75:4d:c4:16:93:34:3c:97:54:
60:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:05:B9:EE:95:63:79:69:D0:3C:6F:19:E1:0D:F7:F8:DB:5F:DB:38
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210542.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.173.0/24
181.214.2.0/24
181.214.25.0/24
181.214.33.0/24
181.214.75.0/24
181.214.130.0/24
181.214.132.0/24
181.214.185.0/24
181.214.205.0/24
181.214.250.0/24
181.215.110.0/24
181.215.127.0/24
181.215.136.0/24
181.215.148.0/24
181.215.154.0/24
181.215.190.0/24
181.215.239.0/24
185.173.27.0/24
191.96.111.0/24
194.53.142.0/24
Signature Algorithm: sha256WithRSAEncryption
84:35:6a:1c:f0:f7:41:4b:db:45:5c:c3:09:62:e7:00:92:57:
af:aa:7b:96:ba:c5:4e:af:ef:88:0d:65:3e:86:be:fb:e8:21:
d8:89:42:d7:19:94:d7:83:fd:35:f9:05:b0:e3:cf:4b:23:13:
38:bf:c6:30:46:01:13:24:fb:b6:7a:c5:1d:f0:02:d9:7d:91:
05:0e:38:36:b5:73:8d:74:28:c4:39:0b:d4:88:2c:85:46:2c:
a5:6e:30:fb:d5:b5:78:9c:a3:7f:6b:88:a5:4b:1f:c1:4e:51:
e3:4f:b7:f3:59:89:a8:ed:cd:8e:fd:40:68:9e:1b:99:6e:43:
58:72:08:7a:be:54:d8:fe:64:36:1c:71:73:94:8a:9b:06:fa:
e3:6b:ef:6c:41:8a:8f:ac:3e:58:82:8b:4e:9b:93:d1:ea:7a:
4f:dc:5d:b2:0a:76:fd:1d:b2:78:d0:17:59:ab:fb:3c:37:ab:
33:d5:96:bd:86:d3:df:09:2e:81:b7:00:1a:b8:ba:a1:7a:e2:
2b:db:20:86:27:a5:8c:a3:b3:f6:72:23:ab:4c:47:40:7d:6a:
ae:07:64:c9:1a:38:3f:5e:54:05:11:84:1a:7c:20:82:52:ce:
6b:a4:d0:1c:ee:5d:e0:00:29:9d:5d:d6:ba:53:7e:80:44:80:
ac:32:f6:06
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIUPBHx3PD1MB/leMkJr3M5QFBINQEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA1MDIyMzU1MzlaFw0yNjA1MDIwMDAwMzlaMDMxMTAvBgNV
BAMTKDFEMDVCOUVFOTU2Mzc5NjlEMDNDNkYxOUUxMERGN0Y4REI1RkRCMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjeE56TByj7S69Ua7fliHiEn0L
MuPVKNDTOWqnKMReg2kGk4Mo6eCEwDnfxz/EMOzcoRhPyfj1v9pO7XCuTFUDVBSE
x78o5qJonXrVKOoJqtIiMEmM9jVsNineE7L30BiOi1MEkP+FGDeP9Q7w88/ioyuG
b18cw1eAv1vBbeQHlSDsgCR9BLJz2nta6xDp3LiSVqVgPXtfiS5vnYDuGE3e7ios
MaArtSlwlFIYsnBvPJUx0/tHwNhslbRjVnbuLaN+2PUbEXR6eSbvM4HT5S6+qH8A
HCO6QW283ES4RPii44eIMb63cCsMfuC6KuVe4bj5/F+3wXVNxBaTNDyXVGDdAgMB
AAGjggJ/MIICezAdBgNVHQ4EFgQUHQW57pVjeWnQPG8Z4Q33+Ntf2zgwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEwNTQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQA
sz2tAwQAtdYCAwQAtdYZAwQAtdYhAwQAtdZLAwQAtdaCAwQAtdaEAwQAtda5AwQA
tdbNAwQAtdb6AwQAtdduAwQAtdd/AwQAtdeIAwQAtdeUAwQAtdeaAwQAtde+AwQA
tdfvAwQAua0bAwQAv2BvAwQAwjWOMA0GCSqGSIb3DQEBCwUAA4IBAQCENWoc8PdB
S9tFXMMJYucAklevqnuWusVOr++IDWU+hr776CHYiULXGZTXg/01+QWw489LIxM4
v8YwRgETJPu2esUd8ALZfZEFDjg2tXONdCjEOQvUiCyFRiylbjD71bV4nKN/a4il
Sx/BTlHjT7fzWYmo7c2O/UBonhuZbkNYcgh6vlTY/mQ2HHFzlIqbBvrja+9sQYqP
rD5YgotOm5PR6npP3F2yCnb9HbJ40BdZq/s8N6sz1Za9htPfCS6BtwAauLqheuIr
2yCGJ6WMo7P2ciOrTEdAfWquB2TJGjg/XlQFEYQafCCCUs5rpNAc7l3gACmdXda6
U36ARICsMvYG
-----END CERTIFICATE-----
Generated at Tue May 6 22:02:37 2025 by rpki-client