Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS47583.roa
File: AS47583.roa (raw, json)
Hash identifier: epT6/dwy4ZwzSkO24lu79EZT0zkQNxEeNxw2rYKkS2M=
Subject key identifier: 60:0A:29:67:91:13:F6:6A:E3:88:1D:8B:A0:51:0E:1F:64:DA:FF:45
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3F6AC5EF8AA2ADA3898A82CD0759201944B4452E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS47583.roa
Signing time: Wed 12 Jun 2024 08:04:22 +0000
ROA not before: Wed 12 Jun 2024 07:59:22 +0000
ROA not after: Wed 11 Jun 2025 08:04:22 +0000
asID: 47583
IP address blocks: 5.252.75.0/24 maxlen: 24
45.133.178.0/24 maxlen: 24
45.137.158.0/24 maxlen: 24
45.137.159.0/24 maxlen: 24
92.242.187.0/24 maxlen: 24
179.61.188.0/24 maxlen: 24
179.61.189.0/24 maxlen: 24
179.61.219.0/24 maxlen: 24
179.61.246.0/24 maxlen: 24
181.215.68.0/23 maxlen: 24
181.215.78.0/23 maxlen: 24
181.215.134.0/23 maxlen: 24
185.137.92.0/24 maxlen: 24
185.139.1.0/24 maxlen: 24
185.139.2.0/24 maxlen: 24
185.145.38.0/24 maxlen: 24
185.158.107.0/24 maxlen: 24
185.158.132.0/24 maxlen: 24
185.170.58.0/24 maxlen: 24
185.172.57.0/24 maxlen: 24
191.96.1.0/24 maxlen: 24
191.96.31.0/24 maxlen: 24
191.96.53.0/24 maxlen: 24
191.96.54.0/24 maxlen: 24
191.96.56.0/24 maxlen: 24
191.96.57.0/24 maxlen: 24
191.96.63.0/24 maxlen: 24
191.96.144.0/24 maxlen: 24
191.96.159.0/24 maxlen: 24
191.96.234.0/24 maxlen: 24
191.96.244.0/24 maxlen: 24
191.96.251.0/24 maxlen: 24
191.101.0.0/24 maxlen: 24
191.101.1.0/24 maxlen: 24
191.101.2.0/24 maxlen: 24
191.101.3.0/24 maxlen: 24
191.101.12.0/22 maxlen: 24
191.101.18.0/24 maxlen: 24
191.101.32.0/24 maxlen: 24
191.101.70.0/23 maxlen: 24
191.101.78.0/23 maxlen: 24
191.101.80.0/23 maxlen: 24
191.101.104.0/24 maxlen: 24
191.101.228.0/22 maxlen: 24
191.101.232.0/22 maxlen: 24
193.58.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:6a:c5:ef:8a:a2:ad:a3:89:8a:82:cd:07:59:20:19:44:b4:45:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 12 07:59:22 2024 GMT
Not After : Jun 11 08:04:22 2025 GMT
Subject: CN=600A29679113F66AE3881D8BA0510E1F64DAFF45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:33:20:c9:c2:29:84:11:d5:38:03:f8:e2:d2:
85:ae:03:40:4d:c6:05:18:07:04:95:4f:5a:dd:81:
28:eb:1d:59:d2:51:94:68:15:8c:7b:6a:e5:b5:67:
cc:64:5a:d8:87:a6:9d:23:7c:94:4a:ce:16:00:44:
81:3e:56:df:ed:5c:12:52:c0:15:40:26:84:1d:55:
f0:09:f5:16:36:29:2d:50:5e:cb:50:57:d3:61:98:
09:fa:50:29:69:67:35:09:04:97:03:d8:98:0e:4a:
a7:b4:35:4b:f0:db:fa:0b:02:46:bb:4f:62:86:67:
b8:15:8a:52:2b:d0:bd:77:ad:1e:9a:41:19:57:b5:
1b:4f:54:cd:13:7e:36:41:27:c4:69:53:b5:55:59:
4f:22:23:8d:61:eb:9f:3a:ef:b5:b8:f1:9b:19:19:
a0:fc:d0:bb:37:d1:26:78:c8:eb:f7:0c:8f:c2:10:
20:7d:7a:dd:fd:b8:ff:5c:c6:d1:a5:bf:11:96:99:
35:d2:ff:ab:a3:8a:de:90:c2:8b:d1:69:e5:93:cd:
fa:4b:95:b1:46:4e:8c:e1:65:31:32:29:a3:10:16:
4f:e3:85:0e:85:23:dc:e7:c9:92:da:5f:81:74:63:
52:ee:dc:89:1b:4e:e8:d1:7a:77:28:7d:d6:1e:24:
5b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:0A:29:67:91:13:F6:6A:E3:88:1D:8B:A0:51:0E:1F:64:DA:FF:45
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS47583.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.75.0/24
45.133.178.0/24
45.137.158.0/23
92.242.187.0/24
179.61.188.0/23
179.61.219.0/24
179.61.246.0/24
181.215.68.0/23
181.215.78.0/23
181.215.134.0/23
185.137.92.0/24
185.139.1.0-185.139.2.255
185.145.38.0/24
185.158.107.0/24
185.158.132.0/24
185.170.58.0/24
185.172.57.0/24
191.96.1.0/24
191.96.31.0/24
191.96.53.0-191.96.54.255
191.96.56.0/23
191.96.63.0/24
191.96.144.0/24
191.96.159.0/24
191.96.234.0/24
191.96.244.0/24
191.96.251.0/24
191.101.0.0/22
191.101.12.0/22
191.101.18.0/24
191.101.32.0/24
191.101.70.0/23
191.101.78.0-191.101.81.255
191.101.104.0/24
191.101.228.0-191.101.235.255
193.58.105.0/24
Signature Algorithm: sha256WithRSAEncryption
85:a4:5e:e8:07:8a:3c:61:bb:06:93:47:86:de:8d:7c:e8:cb:
e8:13:2f:7b:de:84:7c:4d:bd:17:31:7f:cc:5b:24:6b:63:a8:
a4:42:59:37:10:61:77:48:5b:18:a3:40:f2:a6:63:3f:70:62:
9e:94:bf:ff:14:78:86:c8:84:ee:ee:d4:cd:00:fa:6c:16:f3:
f4:3f:4c:a5:9c:bd:66:05:d5:f8:02:4c:5b:ab:00:07:a8:54:
dc:e6:81:12:40:ae:de:b0:e4:8b:44:be:c3:1f:f6:f0:86:8f:
c7:3e:0b:81:74:3b:5f:e5:18:55:4e:f3:59:4e:b7:ad:02:0e:
ed:b8:39:f0:fa:8b:de:93:81:30:72:89:68:26:e6:23:18:b6:
40:93:85:aa:1f:87:aa:80:09:af:5e:12:78:73:90:78:81:00:
7b:dc:4d:ee:1b:62:ba:6d:ee:de:29:ba:86:7d:c2:35:f2:f3:
3c:a0:39:7d:97:e6:44:46:58:e0:a1:e5:dd:03:0e:88:dc:be:
fc:c5:ed:d2:1e:aa:61:ca:1d:fa:0c:c3:3d:7c:47:00:68:36:
08:09:04:75:59:27:89:04:e6:18:7c:76:51:b6:fa:71:eb:b4:
ad:20:23:bf:36:54:82:78:c7:70:de:70:3e:55:e3:fe:da:23:
25:45:ce:f5
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUP2rF74qiraOJioLNB1kgGUS0RS4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA2MTIwNzU5MjJaFw0yNTA2MTEwODA0MjJaMDMxMTAvBgNV
BAMTKDYwMEEyOTY3OTExM0Y2NkFFMzg4MUQ4QkEwNTEwRTFGNjREQUZGNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTMyDJwimEEdU4A/ji0oWuA0BN
xgUYBwSVT1rdgSjrHVnSUZRoFYx7auW1Z8xkWtiHpp0jfJRKzhYARIE+Vt/tXBJS
wBVAJoQdVfAJ9RY2KS1QXstQV9NhmAn6UClpZzUJBJcD2JgOSqe0NUvw2/oLAka7
T2KGZ7gVilIr0L13rR6aQRlXtRtPVM0TfjZBJ8RpU7VVWU8iI41h658677W48ZsZ
GaD80Ls30SZ4yOv3DI/CECB9et39uP9cxtGlvxGWmTXS/6ujit6QwovRaeWTzfpL
lbFGTozhZTEyKaMQFk/jhQ6FI9znyZLaX4F0Y1Lu3IkbTujRencofdYeJFvdAgMB
AAGjggMDMIIC/zAdBgNVHQ4EFgQUYAopZ5ET9mrjiB2LoFEOH2Ta/0UwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDc1ODMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEXBggrBgEFBQcBBwEB/wSCAQYwggECMIH/BAIAATCB
+AMEAAX8SwMEAC2FsgMEAS2JngMEAFzyuwMEAbM9vAMEALM92wMEALM99gMEAbXX
RAMEAbXXTgMEAbXXhgMEALmJXDAMAwQAuYsBAwQAuYsCAwQAuZEmAwQAuZ5rAwQA
uZ6EAwQAuao6AwQAuaw5AwQAv2ABAwQAv2AfMAwDBAC/YDUDBAC/YDYDBAG/YDgD
BAC/YD8DBAC/YJADBAC/YJ8DBAC/YOoDBAC/YPQDBAC/YPsDBAK/ZQADBAK/ZQwD
BAC/ZRIDBAC/ZSADBAG/ZUYwDAMEAb9lTgMEAb9lUAMEAL9laDAMAwQCv2XkAwQC
v2XoAwQAwTppMA0GCSqGSIb3DQEBCwUAA4IBAQCFpF7oB4o8YbsGk0eG3o186Mvo
Ey973oR8Tb0XMX/MWyRrY6ikQlk3EGF3SFsYo0DypmM/cGKelL//FHiGyITu7tTN
APpsFvP0P0ylnL1mBdX4AkxbqwAHqFTc5oESQK7esOSLRL7DH/bwho/HPguBdDtf
5RhVTvNZTretAg7tuDnw+ovek4EwcoloJuYjGLZAk4WqH4eqgAmvXhJ4c5B4gQB7
3E3uG2K6be7eKbqGfcI18vM8oDl9l+ZERljgoeXdAw6I3L78xe3SHqphyh36DMM9
fEcAaDYICQR1WSeJBOYYfHZRtvpx67StICO/NlSCeMdw3nA+VeP+2iMlRc71
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:48 2024 by rpki-client on console-fra.rpki-client.org