Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS30860.roa
File: AS30860.roa (raw, json)
Hash identifier: uZ5/xpDZP5YPQkKE+KiCQgUn8h9c7u8eRgYxPy8mqRU=
Subject key identifier: 32:8D:10:A9:9E:83:75:C3:FE:89:77:16:3C:DE:91:1E:A9:8F:29:D0
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4342C2AC5F8E45114D71F850FDB3B15307FB5E4E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS30860.roa
Signing time: Thu 09 Jan 2025 16:19:18 +0000
ROA not before: Thu 09 Jan 2025 16:14:18 +0000
ROA not after: Thu 08 Jan 2026 16:19:18 +0000
asID: 30860
IP address blocks: 2.57.20.0/23 maxlen: 24
185.34.42.0/24 maxlen: 24
185.174.63.0/24 maxlen: 24
191.96.69.0/24 maxlen: 24
191.96.171.0/24 maxlen: 24
191.96.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 19:35:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:42:c2:ac:5f:8e:45:11:4d:71:f8:50:fd:b3:b1:53:07:fb:5e:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 9 16:14:18 2025 GMT
Not After : Jan 8 16:19:18 2026 GMT
Subject: CN=328D10A99E8375C3FE8977163CDE911EA98F29D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:76:5c:35:ba:01:78:e1:f8:86:b1:4c:16:1c:
71:03:6a:32:f8:fb:54:57:2f:ec:d1:2d:4e:d2:42:
b6:5b:37:33:8d:7a:84:4c:1f:53:7f:ec:f9:7b:8e:
d0:49:a4:53:9d:d3:29:39:44:d4:c4:e3:88:ff:16:
39:f2:d5:0c:ce:b1:09:01:dd:ff:2b:e2:4a:dc:30:
ee:57:7a:90:aa:64:d3:aa:c8:c0:9b:ae:16:8a:ae:
d8:2a:56:3c:3e:24:24:b6:06:d2:eb:84:0d:4b:e5:
31:b8:99:84:97:cc:13:d0:f2:57:13:6a:1c:54:2a:
04:a6:d1:b5:9b:d4:1a:2d:58:d7:27:e6:f4:bc:50:
3a:af:44:41:4b:0b:a8:5b:ca:84:ff:a0:b9:7c:03:
41:48:2c:e3:3a:97:df:d1:64:bb:cb:d0:13:98:48:
0c:82:07:0c:d4:5b:28:99:45:a4:cb:1a:99:04:0f:
ef:fe:08:13:eb:ff:0f:de:d4:31:91:0d:9d:80:66:
93:34:00:03:cc:fb:28:79:19:98:96:32:03:73:4b:
01:de:41:a9:cb:25:43:0b:35:cf:ca:b9:86:23:35:
94:2a:01:2a:a5:f4:b0:a7:bf:8c:ff:91:dd:f1:f0:
7d:90:c3:bb:c2:f5:f3:e4:af:89:cf:27:7e:81:9d:
5e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:8D:10:A9:9E:83:75:C3:FE:89:77:16:3C:DE:91:1E:A9:8F:29:D0
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS30860.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.20.0/23
185.34.42.0/24
185.174.63.0/24
191.96.69.0/24
191.96.171.0/24
191.96.173.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:04:8d:00:f6:be:03:09:74:39:d2:2f:a1:7e:c7:fc:01:59:
9f:7c:95:3c:20:23:50:b0:c5:b4:40:7a:c8:f5:64:f1:2a:7a:
90:90:51:47:76:e2:1a:12:39:5b:f5:0a:e5:6f:30:92:31:cd:
48:df:0f:c5:f1:f8:5e:89:48:63:78:b2:87:4f:ff:a9:30:58:
c0:b5:97:9d:a7:d8:b5:bc:bb:e0:77:09:08:92:4d:3c:ec:66:
34:cb:39:7c:3e:ce:2f:b5:5d:5e:b8:96:0d:3c:72:b1:86:6c:
c3:29:0a:20:18:eb:e7:98:f3:6f:a8:11:ab:05:84:d1:c7:14:
7e:26:ef:c9:f1:c7:e4:a5:42:7a:72:94:ca:a8:17:a3:8e:fb:
d0:cd:79:3d:2f:2c:de:55:24:7a:f8:07:9c:a0:a5:83:f7:00:
48:25:e0:cc:d1:07:d7:73:1b:9e:51:34:2f:50:2f:cc:52:9a:
74:ea:af:31:b6:68:76:88:f7:5c:98:d9:5d:08:c5:ed:01:36:
8b:a5:7e:02:0f:fd:cb:c7:ff:f1:ab:6a:cc:51:c1:ba:98:2b:
01:b7:ad:17:35:1c:2f:93:4d:c6:d8:ee:82:aa:fa:12:25:e8:
f9:4f:eb:fe:4f:f4:00:89:1c:89:36:74:4d:19:4a:eb:ac:63:
17:85:ea:1b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUQ0LCrF+ORRFNcfhQ/bOxUwf7Xk4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMDkxNjE0MThaFw0yNjAxMDgxNjE5MThaMDMxMTAvBgNV
BAMTKDMyOEQxMEE5OUU4Mzc1QzNGRTg5NzcxNjNDREU5MTFFQTk4RjI5RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJdlw1ugF44fiGsUwWHHEDajL4
+1RXL+zRLU7SQrZbNzONeoRMH1N/7Pl7jtBJpFOd0yk5RNTE44j/Fjny1QzOsQkB
3f8r4krcMO5XepCqZNOqyMCbrhaKrtgqVjw+JCS2BtLrhA1L5TG4mYSXzBPQ8lcT
ahxUKgSm0bWb1BotWNcn5vS8UDqvREFLC6hbyoT/oLl8A0FILOM6l9/RZLvL0BOY
SAyCBwzUWyiZRaTLGpkED+/+CBPr/w/e1DGRDZ2AZpM0AAPM+yh5GZiWMgNzSwHe
QanLJUMLNc/KuYYjNZQqASql9LCnv4z/kd3x8H2Qw7vC9fPkr4nPJ36BnV69AgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUMo0QqZ6DdcP+iXcWPN6RHqmPKdAwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzA4NjAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBAECORQD
BAC5IioDBAC5rj8DBAC/YEUDBAC/YKsDBAC/YK0wDQYJKoZIhvcNAQELBQADggEB
AD0EjQD2vgMJdDnSL6F+x/wBWZ98lTwgI1CwxbRAesj1ZPEqepCQUUd24hoSOVv1
CuVvMJIxzUjfD8Xx+F6JSGN4sodP/6kwWMC1l52n2LW8u+B3CQiSTTzsZjTLOXw+
zi+1XV64lg08crGGbMMpCiAY6+eY82+oEasFhNHHFH4m78nxx+SlQnpylMqoF6OO
+9DNeT0vLN5VJHr4B5ygpYP3AEgl4MzRB9dzG55RNC9QL8xSmnTqrzG2aHaI91yY
2V0Ixe0BNoulfgIP/cvH//GrasxRwbqYKwG3rRc1HC+TTcbY7oKq+hIl6PlP6/5P
9ACJHIk2dE0ZSuusYxeF6hs=
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:36:46 2025 by rpki-client