Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS59711.roa
File: AS59711.roa (raw, json)
Hash identifier: tjEtcdGPmk5SGPfdKAulV0EBuSy301PuicZuTkuu3qE=
Subject key identifier: 9F:A3:B6:CC:53:DC:71:BB:43:6F:AC:3A:00:EA:29:EB:39:CD:C6:D7
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7F3AE04E75BDE33C5A0920ED8142402075AC60C3
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS59711.roa
Signing time: Fri 17 Jan 2025 14:27:32 +0000
ROA not before: Fri 17 Jan 2025 14:22:32 +0000
ROA not after: Fri 16 Jan 2026 14:27:32 +0000
asID: 59711
IP address blocks: 148.135.147.0/24 maxlen: 24
148.135.150.0/24 maxlen: 24
148.135.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:3a:e0:4e:75:bd:e3:3c:5a:09:20:ed:81:42:40:20:75:ac:60:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jan 17 14:22:32 2025 GMT
Not After : Jan 16 14:27:32 2026 GMT
Subject: CN=9FA3B6CC53DC71BB436FAC3A00EA29EB39CDC6D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6a:ba:92:29:7e:4b:41:aa:8e:10:e9:15:46:
47:7b:9b:9b:5e:97:4a:37:f1:1a:36:c4:a5:69:0c:
b3:30:cb:e2:71:21:37:a4:ea:ec:c8:a8:61:9c:72:
5e:7b:23:22:a4:a1:1c:64:c0:f7:1e:6b:5e:ba:cd:
32:df:5f:78:34:31:96:d4:ed:e8:d6:df:aa:76:59:
b1:c4:c9:43:7e:be:94:90:ff:c7:cd:09:d7:29:31:
6f:47:11:9c:43:df:00:25:19:14:b3:5a:9d:e4:a4:
45:1d:5b:85:00:05:a0:ff:8d:1c:ab:db:42:f8:1b:
20:c8:4f:e5:88:5a:ee:cd:c8:64:5c:d0:6e:fc:68:
c4:ee:66:af:e5:e1:c4:1d:d2:fc:85:c5:d2:1d:88:
d4:c9:fb:45:90:e8:7b:d6:8d:e4:ac:e2:22:f9:57:
21:c4:49:a4:0c:cb:f2:0d:de:9d:e8:c0:33:1c:7a:
5e:15:ae:bf:59:76:a7:02:c3:58:71:bb:a1:38:e7:
eb:cc:39:3c:fb:9e:f1:d2:fe:83:42:7e:8d:e5:bf:
de:de:17:c1:57:03:40:95:2f:fd:7f:cd:5f:8d:61:
c4:5e:e8:04:be:3d:44:ac:58:cf:39:56:56:19:c8:
9a:85:e4:7a:10:0a:b2:97:cf:b9:b6:fa:2c:77:02:
25:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:A3:B6:CC:53:DC:71:BB:43:6F:AC:3A:00:EA:29:EB:39:CD:C6:D7
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS59711.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.147.0/24
148.135.150.0/24
148.135.159.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:e6:22:85:ad:49:34:d4:2e:29:ed:be:60:ab:5e:18:b1:56:
10:2a:38:77:80:85:34:59:86:d6:39:9f:a0:d8:21:88:6d:ef:
28:52:bf:f9:48:ce:f2:c6:15:c0:d1:af:7c:c0:89:b5:7b:b0:
0e:2e:af:a2:bf:d4:cb:d8:f0:25:10:e5:70:a2:57:73:26:fd:
61:0c:d8:70:91:44:03:8e:1a:9e:c4:13:3e:86:33:e9:a4:eb:
2b:ea:a7:78:d1:fe:e0:03:58:3b:a1:97:23:c0:bc:03:73:2d:
56:a2:83:fe:dc:f8:af:72:d1:89:0b:2b:d1:aa:52:a6:38:7c:
ce:66:ba:35:13:4f:50:a8:68:c0:70:93:93:24:cd:75:18:07:
7c:ac:41:1a:01:31:74:35:2a:87:ea:81:bb:44:6f:e7:37:59:
23:f7:e0:b7:f5:e9:7a:3b:03:29:b2:f9:5e:b9:f8:b1:45:58:
a3:14:4d:52:6f:d8:85:5f:10:e6:92:e2:fd:27:9b:dc:a4:a8:
d4:d1:89:3f:b4:a9:b5:32:c4:19:87:ed:06:0b:d1:42:02:a1:
7a:82:84:7b:d2:00:9e:1c:fe:35:07:13:67:f0:7b:54:fa:9c:
b9:fb:80:c6:59:bc:bb:10:a4:98:d5:ea:06:ca:ac:f6:01:cd:
8e:cd:56:a0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUfzrgTnW94zxaCSDtgUJAIHWsYMMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAxMTcxNDIyMzJaFw0yNjAxMTYxNDI3MzJaMDMxMTAvBgNV
BAMTKDlGQTNCNkNDNTNEQzcxQkI0MzZGQUMzQTAwRUEyOUVCMzlDREM2RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5arqSKX5LQaqOEOkVRkd7m5te
l0o38Ro2xKVpDLMwy+JxITek6uzIqGGccl57IyKkoRxkwPcea166zTLfX3g0MZbU
7ejW36p2WbHEyUN+vpSQ/8fNCdcpMW9HEZxD3wAlGRSzWp3kpEUdW4UABaD/jRyr
20L4GyDIT+WIWu7NyGRc0G78aMTuZq/l4cQd0vyFxdIdiNTJ+0WQ6HvWjeSs4iL5
VyHESaQMy/IN3p3owDMcel4Vrr9ZdqcCw1hxu6E45+vMOTz7nvHS/oNCfo3lv97e
F8FXA0CVL/1/zV+NYcRe6AS+PUSsWM85VlYZyJqF5HoQCrKXz7m2+ix3AiVvAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUn6O2zFPccbtDb6w6AOop6znNxtcwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTk3MTEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBACUh5MD
BACUh5YDBACUh58wDQYJKoZIhvcNAQELBQADggEBAD3mIoWtSTTULintvmCrXhix
VhAqOHeAhTRZhtY5n6DYIYht7yhSv/lIzvLGFcDRr3zAibV7sA4ur6K/1MvY8CUQ
5XCiV3Mm/WEM2HCRRAOOGp7EEz6GM+mk6yvqp3jR/uADWDuhlyPAvANzLVaig/7c
+K9y0YkLK9GqUqY4fM5mujUTT1CoaMBwk5MkzXUYB3ysQRoBMXQ1KofqgbtEb+c3
WSP34Lf16Xo7Aymy+V65+LFFWKMUTVJv2IVfEOaS4v0nm9ykqNTRiT+0qbUyxBmH
7QYL0UICoXqChHvSAJ4c/jUHE2fwe1T6nLn7gMZZvLsQpJjV6gbKrPYBzY7NVqA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:59 2025 by rpki-client