Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS47583.roa
File: AS47583.roa (raw, json)
Hash identifier: l5COETrYxsvBRZIFbdGoNSILevK4/K25MNovEE3wwME=
Subject key identifier: 68:E1:87:78:51:95:67:6E:8B:41:BC:21:CA:8F:FC:65:24:D6:88:6C
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 064E201473333AD23DD97825FB95AC025491F811
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS47583.roa
Signing time: Wed 14 May 2025 08:54:08 +0000
ROA not before: Wed 14 May 2025 08:49:08 +0000
ROA not after: Wed 13 May 2026 08:54:08 +0000
asID: 47583
IP address blocks: 5.252.75.0/24 maxlen: 24
45.133.178.0/24 maxlen: 24
45.137.158.0/24 maxlen: 24
45.137.159.0/24 maxlen: 24
92.242.187.0/24 maxlen: 24
179.61.188.0/24 maxlen: 24
179.61.189.0/24 maxlen: 24
179.61.219.0/24 maxlen: 24
179.61.246.0/24 maxlen: 24
181.215.68.0/23 maxlen: 24
181.215.78.0/23 maxlen: 24
181.215.134.0/23 maxlen: 24
185.137.92.0/24 maxlen: 24
185.139.1.0/24 maxlen: 24
185.139.2.0/24 maxlen: 24
185.145.38.0/24 maxlen: 24
185.158.107.0/24 maxlen: 24
185.158.132.0/24 maxlen: 24
185.170.58.0/24 maxlen: 24
185.172.57.0/24 maxlen: 24
191.96.1.0/24 maxlen: 24
191.96.31.0/24 maxlen: 24
191.96.53.0/24 maxlen: 24
191.96.54.0/24 maxlen: 24
191.96.56.0/24 maxlen: 24
191.96.57.0/24 maxlen: 24
191.96.63.0/24 maxlen: 24
191.96.144.0/24 maxlen: 24
191.96.159.0/24 maxlen: 24
191.96.234.0/24 maxlen: 24
191.96.244.0/24 maxlen: 24
191.96.251.0/24 maxlen: 24
191.101.0.0/24 maxlen: 24
191.101.1.0/24 maxlen: 24
191.101.2.0/24 maxlen: 24
191.101.3.0/24 maxlen: 24
191.101.12.0/22 maxlen: 24
191.101.18.0/24 maxlen: 24
191.101.32.0/24 maxlen: 24
191.101.70.0/23 maxlen: 24
191.101.78.0/23 maxlen: 24
191.101.80.0/23 maxlen: 24
191.101.104.0/24 maxlen: 24
191.101.228.0/22 maxlen: 24
191.101.232.0/22 maxlen: 24
193.58.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 23:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:4e:20:14:73:33:3a:d2:3d:d9:78:25:fb:95:ac:02:54:91:f8:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 14 08:49:08 2025 GMT
Not After : May 13 08:54:08 2026 GMT
Subject: CN=68E187785195676E8B41BC21CA8FFC6524D6886C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1c:ba:e5:78:26:fb:14:c3:9d:f9:7e:51:63:
4b:29:60:f2:e3:2b:93:78:f4:85:5c:9a:75:cf:53:
27:87:0a:80:2b:5f:c8:15:29:cc:1c:4a:0c:4d:d0:
a4:c8:01:ee:7b:90:86:0c:6b:89:d4:71:c1:4b:e1:
fc:c1:18:a0:78:4f:4e:c9:48:57:2f:c9:25:e5:d2:
05:24:1b:da:02:95:a7:db:f7:83:1c:61:64:f7:8b:
e3:ce:1d:15:9b:4c:e6:05:8f:f2:50:78:c3:62:ee:
b7:4f:2f:85:1c:7c:da:ba:8d:99:10:60:74:c5:3d:
d5:4f:30:3c:2f:ea:08:f1:0b:59:86:16:54:da:56:
bb:3a:a9:14:38:94:38:df:d2:b7:c5:f3:6f:fd:40:
54:3b:fa:7b:5e:38:1a:b0:bf:e4:e6:e6:f0:20:04:
5e:bf:22:58:4c:ef:53:18:d9:17:ff:28:29:9f:6f:
d9:cc:57:ad:1f:13:0c:80:f7:df:59:38:83:74:a4:
06:c6:4d:93:c9:8b:56:a9:ca:89:15:c1:fc:1f:1b:
3c:87:f6:42:42:8d:e6:0c:25:d7:a5:c1:1f:24:b9:
7e:ce:e3:db:8d:d3:3b:97:f1:b7:52:fc:59:53:66:
42:2e:6e:76:5c:01:1e:34:04:e9:d6:ed:d1:b7:4a:
82:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E1:87:78:51:95:67:6E:8B:41:BC:21:CA:8F:FC:65:24:D6:88:6C
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS47583.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.75.0/24
45.133.178.0/24
45.137.158.0/23
92.242.187.0/24
179.61.188.0/23
179.61.219.0/24
179.61.246.0/24
181.215.68.0/23
181.215.78.0/23
181.215.134.0/23
185.137.92.0/24
185.139.1.0-185.139.2.255
185.145.38.0/24
185.158.107.0/24
185.158.132.0/24
185.170.58.0/24
185.172.57.0/24
191.96.1.0/24
191.96.31.0/24
191.96.53.0-191.96.54.255
191.96.56.0/23
191.96.63.0/24
191.96.144.0/24
191.96.159.0/24
191.96.234.0/24
191.96.244.0/24
191.96.251.0/24
191.101.0.0/22
191.101.12.0/22
191.101.18.0/24
191.101.32.0/24
191.101.70.0/23
191.101.78.0-191.101.81.255
191.101.104.0/24
191.101.228.0-191.101.235.255
193.58.105.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:52:43:63:61:57:89:c3:35:f8:3a:e2:09:08:95:a5:d7:b1:
0c:6f:ad:a9:83:ea:dd:00:62:97:9a:2b:aa:8f:50:36:8e:75:
71:56:c9:fc:f8:b1:cf:a1:3c:fe:01:e7:c4:fa:0f:39:ed:91:
6c:c4:43:69:45:b1:4d:ce:41:a6:03:84:06:e3:4f:4a:3a:0f:
69:8d:a2:91:dc:37:ce:4a:b3:57:c5:0c:e8:14:ec:f7:be:3b:
8d:87:5e:fc:6a:9a:e4:f5:81:23:ad:a3:91:c1:8b:8d:9e:63:
dc:7f:ce:88:90:44:cd:bd:3a:f7:1b:f6:f5:cf:d2:1f:a1:6e:
e3:b1:97:e2:4a:36:8e:d9:f6:7f:29:b4:24:0a:d4:b1:ed:78:
11:2e:d8:35:27:dc:6b:a7:f1:07:d1:99:63:a1:d9:65:32:14:
4a:19:c8:89:c1:94:67:a8:bf:52:b0:4a:95:a1:53:ae:40:1a:
e1:62:de:95:93:b6:f3:10:91:83:57:e8:da:7a:87:01:c7:fd:
51:68:4a:53:97:f1:10:47:80:ab:d0:90:ea:c8:3c:db:eb:04:
bd:9a:7a:a9:fa:0d:a9:97:5b:88:22:f1:e4:62:9b:31:33:c1:
a2:42:b2:63:b4:38:63:7e:b0:5c:11:0f:a6:94:88:69:fe:08:
3b:34:95:d0
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUBk4gFHMzOtI92Xgl+5WsAlSR+BEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA1MTQwODQ5MDhaFw0yNjA1MTMwODU0MDhaMDMxMTAvBgNV
BAMTKDY4RTE4Nzc4NTE5NTY3NkU4QjQxQkMyMUNBOEZGQzY1MjRENjg4NkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVHLrleCb7FMOd+X5RY0spYPLj
K5N49IVcmnXPUyeHCoArX8gVKcwcSgxN0KTIAe57kIYMa4nUccFL4fzBGKB4T07J
SFcvySXl0gUkG9oClafb94McYWT3i+POHRWbTOYFj/JQeMNi7rdPL4UcfNq6jZkQ
YHTFPdVPMDwv6gjxC1mGFlTaVrs6qRQ4lDjf0rfF82/9QFQ7+nteOBqwv+Tm5vAg
BF6/IlhM71MY2Rf/KCmfb9nMV60fEwyA999ZOIN0pAbGTZPJi1apyokVwfwfGzyH
9kJCjeYMJdelwR8kuX7O49uN0zuX8bdS/FlTZkIubnZcAR40BOnW7dG3SoKZAgMB
AAGjggMDMIIC/zAdBgNVHQ4EFgQUaOGHeFGVZ26LQbwhyo/8ZSTWiGwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDc1ODMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEXBggrBgEFBQcBBwEB/wSCAQYwggECMIH/BAIAATCB
+AMEAAX8SwMEAC2FsgMEAS2JngMEAFzyuwMEAbM9vAMEALM92wMEALM99gMEAbXX
RAMEAbXXTgMEAbXXhgMEALmJXDAMAwQAuYsBAwQAuYsCAwQAuZEmAwQAuZ5rAwQA
uZ6EAwQAuao6AwQAuaw5AwQAv2ABAwQAv2AfMAwDBAC/YDUDBAC/YDYDBAG/YDgD
BAC/YD8DBAC/YJADBAC/YJ8DBAC/YOoDBAC/YPQDBAC/YPsDBAK/ZQADBAK/ZQwD
BAC/ZRIDBAC/ZSADBAG/ZUYwDAMEAb9lTgMEAb9lUAMEAL9laDAMAwQCv2XkAwQC
v2XoAwQAwTppMA0GCSqGSIb3DQEBCwUAA4IBAQCjUkNjYVeJwzX4OuIJCJWl17EM
b62pg+rdAGKXmiuqj1A2jnVxVsn8+LHPoTz+AefE+g857ZFsxENpRbFNzkGmA4QG
409KOg9pjaKR3DfOSrNXxQzoFOz3vjuNh178aprk9YEjraORwYuNnmPcf86IkETN
vTr3G/b1z9IfoW7jsZfiSjaO2fZ/KbQkCtSx7XgRLtg1J9xrp/EH0ZljodllMhRK
GciJwZRnqL9SsEqVoVOuQBrhYt6Vk7bzEJGDV+jaeocBx/1RaEpTl/EQR4Cr0JDq
yDzb6wS9mnqp+g2pl1uIIvHkYpsxM8GiQrJjtDhjfrBcEQ+mlIhp/gg7NJXQ
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:22:21 2025 by rpki-client