Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS47583.roa
File: AS47583.roa (raw, json)
Hash identifier: uzEsFU+BygfASIfEyj8+Uw8jt8pHkHUD/jri6/+HI6s=
Subject key identifier: 5A:1F:46:60:6A:FA:FF:09:48:DD:4E:64:AE:78:8E:C6:DC:C8:82:B9
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 1AF17452A902E7158934439CDE7841F16F6056E4
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS47583.roa
Signing time: Mon 12 Feb 2024 14:27:13 +0000
ROA not before: Mon 12 Feb 2024 14:22:13 +0000
ROA not after: Mon 10 Feb 2025 14:27:13 +0000
asID: 47583
IP address blocks: 5.252.75.0/24 maxlen: 24
45.133.178.0/24 maxlen: 24
45.137.158.0/24 maxlen: 24
45.137.159.0/24 maxlen: 24
92.242.187.0/24 maxlen: 24
179.61.188.0/24 maxlen: 24
179.61.189.0/24 maxlen: 24
179.61.219.0/24 maxlen: 24
179.61.246.0/24 maxlen: 24
181.215.68.0/23 maxlen: 24
181.215.78.0/23 maxlen: 24
181.215.134.0/23 maxlen: 23
185.137.92.0/24 maxlen: 24
185.139.1.0/24 maxlen: 24
185.139.2.0/24 maxlen: 24
185.145.38.0/24 maxlen: 24
185.158.107.0/24 maxlen: 24
185.158.132.0/24 maxlen: 24
185.170.58.0/24 maxlen: 24
185.172.57.0/24 maxlen: 24
191.96.1.0/24 maxlen: 24
191.96.31.0/24 maxlen: 24
191.96.53.0/24 maxlen: 24
191.96.54.0/24 maxlen: 24
191.96.56.0/24 maxlen: 24
191.96.57.0/24 maxlen: 24
191.96.63.0/24 maxlen: 24
191.96.144.0/24 maxlen: 24
191.96.159.0/24 maxlen: 24
191.96.234.0/24 maxlen: 24
191.96.244.0/24 maxlen: 24
191.96.251.0/24 maxlen: 24
191.101.0.0/24 maxlen: 24
191.101.1.0/24 maxlen: 24
191.101.2.0/24 maxlen: 24
191.101.3.0/24 maxlen: 24
191.101.12.0/22 maxlen: 22
191.101.18.0/24 maxlen: 24
191.101.32.0/24 maxlen: 24
191.101.70.0/23 maxlen: 24
191.101.78.0/23 maxlen: 24
191.101.80.0/23 maxlen: 24
191.101.104.0/24 maxlen: 24
191.101.228.0/22 maxlen: 24
191.101.232.0/22 maxlen: 24
193.58.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:f1:74:52:a9:02:e7:15:89:34:43:9c:de:78:41:f1:6f:60:56:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Feb 12 14:22:13 2024 GMT
Not After : Feb 10 14:27:13 2025 GMT
Subject: CN=5A1F46606AFAFF0948DD4E64AE788EC6DCC882B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2c:74:8a:32:d8:17:fc:67:93:9c:23:09:8a:
4b:99:89:b3:9b:4e:73:e4:5f:a6:c4:aa:d1:7b:61:
55:7d:f4:d9:05:4b:0d:5c:d6:53:0a:ae:bd:21:22:
84:e8:1f:22:96:46:a4:a6:91:93:af:7b:dd:e3:44:
1d:2c:92:55:f4:09:e3:88:aa:2b:38:d1:c9:c0:4f:
31:0b:44:78:6c:fa:6e:29:2a:90:03:7f:c0:25:c8:
7b:55:e1:68:ac:cd:76:08:6e:61:1f:0f:20:ea:0b:
e5:9a:d1:1a:5c:b9:9a:51:4a:74:e9:cd:08:e2:23:
fb:ac:bc:95:72:ae:10:ab:d3:e4:59:27:ac:d6:f8:
b8:f6:aa:eb:71:9b:d3:a5:f1:60:47:09:18:ec:04:
fb:f1:af:69:4a:16:8a:9a:ee:e3:24:3f:2c:91:49:
46:ab:6e:db:b3:fa:f1:43:21:e6:9d:52:a0:49:9a:
8c:53:0a:30:6b:d0:5a:56:bf:cf:6b:b4:56:98:aa:
f3:1a:d9:74:e3:6a:f9:14:f2:05:59:ba:6d:53:ce:
fc:4d:03:c1:6c:2b:49:c4:79:24:4a:08:97:b5:95:
4f:74:13:f0:85:01:bb:47:9a:16:b4:a1:4e:88:f6:
0a:2c:65:bd:ba:cc:80:95:53:b1:b7:38:b8:99:86:
50:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:1F:46:60:6A:FA:FF:09:48:DD:4E:64:AE:78:8E:C6:DC:C8:82:B9
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS47583.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.75.0/24
45.133.178.0/24
45.137.158.0/23
92.242.187.0/24
179.61.188.0/23
179.61.219.0/24
179.61.246.0/24
181.215.68.0/23
181.215.78.0/23
181.215.134.0/23
185.137.92.0/24
185.139.1.0-185.139.2.255
185.145.38.0/24
185.158.107.0/24
185.158.132.0/24
185.170.58.0/24
185.172.57.0/24
191.96.1.0/24
191.96.31.0/24
191.96.53.0-191.96.54.255
191.96.56.0/23
191.96.63.0/24
191.96.144.0/24
191.96.159.0/24
191.96.234.0/24
191.96.244.0/24
191.96.251.0/24
191.101.0.0/22
191.101.12.0/22
191.101.18.0/24
191.101.32.0/24
191.101.70.0/23
191.101.78.0-191.101.81.255
191.101.104.0/24
191.101.228.0-191.101.235.255
193.58.105.0/24
Signature Algorithm: sha256WithRSAEncryption
49:75:bb:e9:dd:df:95:12:08:fd:c8:0c:0c:49:7b:bf:59:c9:
b3:34:0e:f4:8a:e1:93:dc:23:1b:1d:b8:92:6a:70:5e:9a:82:
e0:57:74:84:03:85:3c:a8:de:94:f4:88:72:28:0e:28:ef:5d:
af:d3:fa:c6:31:66:76:ba:9a:40:31:30:19:ad:95:c2:58:8d:
26:93:17:31:a5:93:fa:b9:3e:99:5a:a9:2c:02:b5:3d:d8:dc:
77:33:ec:17:60:dc:7b:34:2c:52:70:6b:b8:83:e5:25:40:a5:
3f:4f:dc:86:5f:22:da:c8:90:ce:10:3e:32:f3:8b:5b:26:a2:
d5:a8:30:92:16:9d:22:2b:4c:9f:13:1f:9e:3e:48:c9:a5:63:
1f:a1:af:c1:a6:69:fb:5f:cd:67:a7:cc:99:c5:42:82:af:a0:
fb:c3:ef:60:d1:bf:0d:1b:95:11:e2:4f:16:5d:66:02:6c:76:
df:ce:2d:71:d4:5f:56:4b:d2:64:c2:8a:7e:76:76:ed:5b:81:
3f:00:a5:67:a2:a5:4e:ed:c3:c6:53:f7:94:8b:22:d0:14:a8:
dc:70:81:60:65:3b:98:ce:be:aa:a7:e7:b0:e3:1b:cc:ab:05:
1b:b7:2d:67:9a:ee:52:23:a2:0c:ec:3a:fa:a5:38:7d:52:c8:
69:bf:8f:28
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUGvF0UqkC5xWJNEOc3nhB8W9gVuQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAyMTIxNDIyMTNaFw0yNTAyMTAxNDI3MTNaMDMxMTAvBgNV
BAMTKDVBMUY0NjYwNkFGQUZGMDk0OERENEU2NEFFNzg4RUM2RENDODgyQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTLHSKMtgX/GeTnCMJikuZibOb
TnPkX6bEqtF7YVV99NkFSw1c1lMKrr0hIoToHyKWRqSmkZOve93jRB0sklX0CeOI
qis40cnATzELRHhs+m4pKpADf8AlyHtV4WiszXYIbmEfDyDqC+Wa0RpcuZpRSnTp
zQjiI/usvJVyrhCr0+RZJ6zW+Lj2qutxm9Ol8WBHCRjsBPvxr2lKFoqa7uMkPyyR
SUarbtuz+vFDIeadUqBJmoxTCjBr0FpWv89rtFaYqvMa2XTjavkU8gVZum1TzvxN
A8FsK0nEeSRKCJe1lU90E/CFAbtHmha0oU6I9gosZb26zICVU7G3OLiZhlANAgMB
AAGjggMDMIIC/zAdBgNVHQ4EFgQUWh9GYGr6/wlI3U5krniOxtzIgrkwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDc1ODMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEXBggrBgEFBQcBBwEB/wSCAQYwggECMIH/BAIAATCB
+AMEAAX8SwMEAC2FsgMEAS2JngMEAFzyuwMEAbM9vAMEALM92wMEALM99gMEAbXX
RAMEAbXXTgMEAbXXhgMEALmJXDAMAwQAuYsBAwQAuYsCAwQAuZEmAwQAuZ5rAwQA
uZ6EAwQAuao6AwQAuaw5AwQAv2ABAwQAv2AfMAwDBAC/YDUDBAC/YDYDBAG/YDgD
BAC/YD8DBAC/YJADBAC/YJ8DBAC/YOoDBAC/YPQDBAC/YPsDBAK/ZQADBAK/ZQwD
BAC/ZRIDBAC/ZSADBAG/ZUYwDAMEAb9lTgMEAb9lUAMEAL9laDAMAwQCv2XkAwQC
v2XoAwQAwTppMA0GCSqGSIb3DQEBCwUAA4IBAQBJdbvp3d+VEgj9yAwMSXu/Wcmz
NA70iuGT3CMbHbiSanBemoLgV3SEA4U8qN6U9IhyKA4o712v0/rGMWZ2uppAMTAZ
rZXCWI0mkxcxpZP6uT6ZWqksArU92Nx3M+wXYNx7NCxScGu4g+UlQKU/T9yGXyLa
yJDOED4y84tbJqLVqDCSFp0iK0yfEx+ePkjJpWMfoa/Bpmn7X81np8yZxUKCr6D7
w+9g0b8NG5UR4k8WXWYCbHbfzi1x1F9WS9Jkwop+dnbtW4E/AKVnoqVO7cPGU/eU
iyLQFKjccIFgZTuYzr6qp+ew4xvMqwUbty1nmu5SI6IM7Dr6pTh9Ushpv48o
-----END CERTIFICATE-----
Generated at Fri May 10 16:27:12 2024 by rpki-client on console-fra.rpki-client.org