Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS42831.roa
File: AS42831.roa (raw, json)
Hash identifier: N04L/wpOrl2r/N39lylo60EGbhi9E8ozpUQAn1tbo7k=
Subject key identifier: AA:A5:A3:D1:4D:79:BA:AF:D3:67:1E:AC:13:3D:A3:29:B4:17:BA:BC
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3DE668402C0607923602B34AB5ACF045409CE0E5
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS42831.roa
Signing time: Tue 12 Dec 2023 00:00:06 +0000
ROA not before: Mon 11 Dec 2023 23:55:06 +0000
ROA not after: Tue 10 Dec 2024 00:00:06 +0000
asID: 42831
IP address blocks: 5.181.124.0/24 maxlen: 24
5.252.78.0/24 maxlen: 24
37.143.61.0/24 maxlen: 24
181.215.25.0/24 maxlen: 24
181.215.226.0/24 maxlen: 24
181.215.229.0/24 maxlen: 24
191.96.110.0/24 maxlen: 24
191.96.209.0/24 maxlen: 24
191.101.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:e6:68:40:2c:06:07:92:36:02:b3:4a:b5:ac:f0:45:40:9c:e0:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Dec 11 23:55:06 2023 GMT
Not After : Dec 10 00:00:06 2024 GMT
Subject: CN=AAA5A3D14D79BAAFD3671EAC133DA329B417BABC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c5:45:fb:1f:6a:8d:4f:f2:d5:2e:e6:48:ed:
18:55:d7:9c:d5:0d:95:45:21:e3:dc:d5:55:16:b1:
7c:4d:13:8d:63:bc:4a:a6:2c:6a:bf:71:68:12:61:
26:e8:f2:61:0e:0e:89:97:03:21:84:55:5b:7e:36:
10:a6:bf:bf:c8:49:a8:53:85:ca:39:41:d7:41:0a:
22:13:58:c0:a1:c7:b5:48:9d:f7:fd:3d:8e:98:a8:
8d:4c:ce:af:37:93:fe:d1:23:6c:73:44:fd:ce:10:
35:8c:64:ef:6d:3e:04:ba:f3:10:19:bf:47:76:ea:
7e:e0:4c:af:99:6f:31:51:34:ec:32:5e:b5:da:0c:
40:c2:75:34:fe:5d:c4:a2:8b:7b:4b:35:b4:f0:b1:
e5:25:1e:63:54:40:2e:46:6c:eb:56:b6:62:f9:ff:
46:0f:b8:64:b3:97:89:69:0b:07:4b:9b:05:92:f4:
a0:8c:cb:29:fe:4f:f5:c0:31:3f:15:c1:88:54:00:
9e:91:ca:b0:c0:c3:3b:d0:68:c2:5d:59:d2:48:dc:
8e:e4:bf:89:f6:17:1f:61:b2:b8:6a:11:ea:bc:f7:
0e:97:aa:0e:51:5b:56:1f:e5:28:18:4f:4e:93:4e:
bb:56:de:ac:f5:0a:b5:7f:3a:7c:41:8f:0a:ce:bd:
87:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:A5:A3:D1:4D:79:BA:AF:D3:67:1E:AC:13:3D:A3:29:B4:17:BA:BC
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS42831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.124.0/24
5.252.78.0/24
37.143.61.0/24
181.215.25.0/24
181.215.226.0/24
181.215.229.0/24
191.96.110.0/24
191.96.209.0/24
191.101.59.0/24
Signature Algorithm: sha256WithRSAEncryption
83:d7:e2:06:a3:48:59:9b:e6:45:82:b1:3c:a1:f3:1d:b5:2d:
97:c7:9b:00:1f:63:33:c2:73:a1:bc:fa:5b:c3:1d:cf:71:7f:
2f:1b:fc:f8:68:e0:46:ca:27:11:79:88:52:be:84:e0:3a:63:
c3:7e:a9:77:4f:ca:eb:50:1a:4d:4e:21:f9:a7:44:68:06:36:
e1:a3:16:e8:74:95:ec:04:c7:0c:1e:70:2d:6d:fb:65:b3:3a:
c7:81:5d:6e:08:bb:ba:c5:26:11:be:5a:70:ed:28:8b:dd:4c:
88:fb:01:42:33:62:8a:c4:58:f8:51:81:85:4b:8f:ae:4c:84:
1e:29:a5:d6:8d:88:6b:13:3d:eb:b1:78:4e:43:9b:28:c6:59:
73:08:68:07:86:45:d2:ce:91:c6:b0:90:d5:ef:da:87:53:e1:
ac:94:9a:60:1c:89:96:0b:76:27:09:a9:ec:ed:1c:b3:4d:3f:
d5:1d:ca:ba:b7:fe:d1:88:57:59:4e:e6:1e:a7:b3:b8:4d:d5:
b9:12:b4:36:0b:80:0f:8c:30:d6:c0:82:78:a5:5a:67:cf:2c:
45:b0:de:92:49:09:4d:56:e1:6c:86:25:9d:ce:1a:a3:bb:61:
ed:2f:56:f2:db:bb:b0:1f:22:7d:c8:fe:96:ba:01:f3:7b:21:
43:1e:28:fd
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUPeZoQCwGB5I2ArNKtazwRUCc4OUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzEyMTEyMzU1MDZaFw0yNDEyMTAwMDAwMDZaMDMxMTAvBgNV
BAMTKEFBQTVBM0QxNEQ3OUJBQUZEMzY3MUVBQzEzM0RBMzI5QjQxN0JBQkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkxUX7H2qNT/LVLuZI7RhV15zV
DZVFIePc1VUWsXxNE41jvEqmLGq/cWgSYSbo8mEODomXAyGEVVt+NhCmv7/ISahT
hco5QddBCiITWMChx7VInff9PY6YqI1Mzq83k/7RI2xzRP3OEDWMZO9tPgS68xAZ
v0d26n7gTK+ZbzFRNOwyXrXaDEDCdTT+XcSii3tLNbTwseUlHmNUQC5GbOtWtmL5
/0YPuGSzl4lpCwdLmwWS9KCMyyn+T/XAMT8VwYhUAJ6RyrDAwzvQaMJdWdJI3I7k
v4n2Fx9hsrhqEeq89w6Xqg5RW1Yf5SgYT06TTrtW3qz1CrV/OnxBjwrOvYcBAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUqqWj0U15uq/TZx6sEz2jKbQXurwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDI4MzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYDBAAFtXwD
BAAF/E4DBAAljz0DBAC11xkDBAC11+IDBAC11+UDBAC/YG4DBAC/YNEDBAC/ZTsw
DQYJKoZIhvcNAQELBQADggEBAIPX4gajSFmb5kWCsTyh8x21LZfHmwAfYzPCc6G8
+lvDHc9xfy8b/Pho4EbKJxF5iFK+hOA6Y8N+qXdPyutQGk1OIfmnRGgGNuGjFuh0
lewExwwecC1t+2WzOseBXW4Iu7rFJhG+WnDtKIvdTIj7AUIzYorEWPhRgYVLj65M
hB4ppdaNiGsTPeuxeE5DmyjGWXMIaAeGRdLOkcawkNXv2odT4ayUmmAciZYLdicJ
qeztHLNNP9Udyrq3/tGIV1lO5h6ns7hN1bkStDYLgA+MMNbAgnilWmfPLEWw3pJJ
CU1W4WyGJZ3OGqO7Ye0vVvLbu7AfIn3I/pa6AfN7IUMeKP0=
-----END CERTIFICATE-----
Generated at Sat May 4 03:15:27 2024 by rpki-client on console-fra.rpki-client.org