Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS42831.roa
File: AS42831.roa (raw, json)
Hash identifier: nsm+9Gmm3d2ne850Y51oALLY/V9+a0W3BuSzS7MfLmY=
Subject key identifier: E3:D3:70:87:9A:C0:C6:D2:DB:03:E5:A4:A9:CF:37:89:87:9D:C9:DB
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3A95E96379197E1EF23F899D88B27C3AA4EA7E42
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS42831.roa
Signing time: Mon 11 Nov 2024 22:56:36 +0000
ROA not before: Mon 11 Nov 2024 22:51:36 +0000
ROA not after: Mon 10 Nov 2025 22:56:36 +0000
asID: 42831
IP address blocks: 5.181.124.0/24 maxlen: 24
5.252.78.0/24 maxlen: 24
37.143.61.0/24 maxlen: 24
181.215.25.0/24 maxlen: 24
181.215.140.0/24 maxlen: 24
181.215.226.0/24 maxlen: 24
181.215.229.0/24 maxlen: 24
191.96.110.0/24 maxlen: 24
191.96.209.0/24 maxlen: 24
191.101.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:95:e9:63:79:19:7e:1e:f2:3f:89:9d:88:b2:7c:3a:a4:ea:7e:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 11 22:51:36 2024 GMT
Not After : Nov 10 22:56:36 2025 GMT
Subject: CN=E3D370879AC0C6D2DB03E5A4A9CF3789879DC9DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6c:92:df:d2:a7:65:ac:2f:de:26:fd:54:d0:
71:43:9b:54:61:a6:b8:8a:b8:e7:38:9b:2b:42:3c:
9e:22:ea:4c:e5:1b:ec:0d:c5:15:c7:63:09:39:d6:
b1:df:5e:55:c0:69:75:1e:c9:2b:28:13:29:bc:85:
25:85:da:f4:72:ef:d7:cc:07:7d:e0:27:9a:d2:5c:
f4:08:68:1e:f1:7a:23:8a:e7:83:7c:e5:1b:81:d2:
f0:02:a6:51:03:a5:0b:9d:44:1b:82:ad:a4:1d:2d:
5d:3c:7d:54:0a:ff:cf:47:59:43:07:de:2f:9a:ca:
61:a8:df:e2:af:ea:4d:40:6b:24:36:6d:a2:fa:40:
e9:d8:a2:98:b8:65:18:27:ea:be:cd:41:eb:a2:dc:
3e:71:bd:58:05:ca:85:46:01:5b:0d:d4:24:fb:c6:
33:8c:e6:48:83:6f:6c:99:cf:7f:d1:ab:e3:51:1e:
e6:01:fb:c4:8f:c0:a5:97:2c:ec:26:df:6c:89:63:
ab:44:eb:1c:5e:4b:c3:26:a9:ba:8f:5a:72:62:5d:
92:2b:eb:5e:28:90:6e:e7:52:06:24:5d:46:5d:01:
9f:22:f4:11:b8:d5:e2:a7:8f:c4:78:a9:dc:b0:65:
59:84:05:0e:44:7a:5c:d6:67:c0:81:9c:9d:96:29:
28:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:D3:70:87:9A:C0:C6:D2:DB:03:E5:A4:A9:CF:37:89:87:9D:C9:DB
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS42831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.124.0/24
5.252.78.0/24
37.143.61.0/24
181.215.25.0/24
181.215.140.0/24
181.215.226.0/24
181.215.229.0/24
191.96.110.0/24
191.96.209.0/24
191.101.59.0/24
Signature Algorithm: sha256WithRSAEncryption
44:7d:09:cd:9c:c6:be:86:d2:b3:59:23:15:ed:15:4e:a4:dc:
5e:db:0a:6b:b4:94:cd:cc:24:f3:43:3f:18:42:af:60:5b:00:
2f:7e:ab:5f:21:55:76:d3:f6:cb:e5:b0:94:d6:d5:b6:e7:38:
35:dc:eb:66:27:f8:46:81:16:e9:af:4e:d1:ee:81:d3:62:3f:
fe:83:38:16:a2:56:be:9e:a3:17:e1:81:eb:54:d2:eb:a1:d4:
07:fd:e3:7f:ad:0e:60:3a:9d:8b:d4:f7:71:91:12:8c:24:15:
a2:c2:cc:e2:72:27:51:e7:15:f1:19:ca:b5:2e:57:59:30:64:
7f:da:b9:ad:e5:a6:a0:bf:4e:b7:94:7f:f4:84:0e:39:ad:0b:
ce:8c:9a:33:69:f4:b1:61:fa:31:40:d3:d8:b3:53:43:f4:72:
a6:1b:3d:db:84:8e:e7:a9:c3:55:53:b0:8c:ee:b7:23:45:f4:
5e:0a:21:d1:f8:08:ea:cb:8d:27:36:92:db:f6:74:90:8f:61:
98:53:6d:51:4c:89:d5:51:03:c1:9b:e3:03:89:e4:25:4c:85:
d8:a5:cc:3b:af:cb:52:37:b6:02:d1:a3:f7:63:01:d9:97:3e:
82:4e:64:30:65:8c:8b:ea:5a:8e:44:67:38:c1:30:de:67:1e:
d1:bd:0b:ca
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOpXpY3kZfh7yP4mdiLJ8OqTqfkIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDExMTEyMjUxMzZaFw0yNTExMTAyMjU2MzZaMDMxMTAvBgNV
BAMTKEUzRDM3MDg3OUFDMEM2RDJEQjAzRTVBNEE5Q0YzNzg5ODc5REM5REIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDObJLf0qdlrC/eJv1U0HFDm1Rh
priKuOc4mytCPJ4i6kzlG+wNxRXHYwk51rHfXlXAaXUeySsoEym8hSWF2vRy79fM
B33gJ5rSXPQIaB7xeiOK54N85RuB0vACplEDpQudRBuCraQdLV08fVQK/89HWUMH
3i+aymGo3+Kv6k1AayQ2baL6QOnYopi4ZRgn6r7NQeui3D5xvVgFyoVGAVsN1CT7
xjOM5kiDb2yZz3/Rq+NRHuYB+8SPwKWXLOwm32yJY6tE6xxeS8MmqbqPWnJiXZIr
614okG7nUgYkXUZdAZ8i9BG41eKnj8R4qdywZVmEBQ5EelzWZ8CBnJ2WKSj9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU49Nwh5rAxtLbA+Wkqc83iYedydswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDI4MzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgABMDwDBAAFtXwD
BAAF/E4DBAAljz0DBAC11xkDBAC114wDBAC11+IDBAC11+UDBAC/YG4DBAC/YNED
BAC/ZTswDQYJKoZIhvcNAQELBQADggEBAER9Cc2cxr6G0rNZIxXtFU6k3F7bCmu0
lM3MJPNDPxhCr2BbAC9+q18hVXbT9svlsJTW1bbnODXc62Yn+EaBFumvTtHugdNi
P/6DOBaiVr6eoxfhgetU0uuh1Af943+tDmA6nYvU93GREowkFaLCzOJyJ1HnFfEZ
yrUuV1kwZH/aua3lpqC/TreUf/SEDjmtC86MmjNp9LFh+jFA09izU0P0cqYbPduE
juepw1VTsIzutyNF9F4KIdH4COrLjSc2ktv2dJCPYZhTbVFMidVRA8Gb4wOJ5CVM
hdilzDuvy1I3tgLRo/djAdmXPoJOZDBljIvqWo5EZzjBMN5nHtG9C8o=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:39:59 2024 by rpki-client on console-ams.rpki-client.org