Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS57043.roa
File: AS57043.roa (raw, json)
Hash identifier: OnAE2ZS3YTSaO7Jf+WAdI9mLES2kZDL2T9PXOIZhqtw=
Subject key identifier: B6:9C:C2:EA:96:57:3D:27:9A:A7:A9:26:B7:E5:4F:49:1A:DE:9E:BB
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6F61A5CCB782F559FE750D1AAE1F9E5BA9F2FE82
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS57043.roa
Signing time: Tue 26 Nov 2024 08:05:07 +0000
ROA not before: Tue 26 Nov 2024 08:00:07 +0000
ROA not after: Tue 25 Nov 2025 08:05:07 +0000
asID: 57043
IP address blocks: 191.101.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:61:a5:cc:b7:82:f5:59:fe:75:0d:1a:ae:1f:9e:5b:a9:f2:fe:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 26 08:00:07 2024 GMT
Not After : Nov 25 08:05:07 2025 GMT
Subject: CN=B69CC2EA96573D279AA7A926B7E54F491ADE9EBB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5b:ef:0a:df:24:83:49:d1:8c:82:65:3b:49:
ac:7a:83:21:55:ff:49:9c:b7:b2:9d:68:3d:cd:07:
c4:e3:97:9e:93:b9:9a:be:17:cc:4b:ec:82:da:67:
ec:dc:21:ab:36:18:6b:ac:1a:24:5a:30:de:52:95:
56:db:ba:2b:41:12:67:96:c0:22:6f:ea:92:de:ac:
5c:f2:05:94:7b:7d:c7:ef:1c:2d:c9:02:f6:ea:74:
9b:94:ea:77:b9:8b:3c:1f:1f:1a:11:d7:0c:00:b5:
77:c4:1f:46:cf:56:31:cc:db:05:f7:09:e0:9b:0e:
e3:25:60:34:16:55:b6:2b:60:35:97:22:ad:ad:f3:
3f:28:ad:89:8b:3e:23:56:02:7e:c0:cb:c3:3a:8e:
41:37:7c:ca:e7:0b:80:ec:2f:fe:35:b6:47:f5:8a:
e1:65:d3:4d:fe:d9:a9:b5:71:0c:77:e6:e3:f5:1e:
17:84:3e:5c:6c:37:2b:71:06:75:07:06:ff:b2:a4:
c9:f3:e3:72:4b:fd:5c:1d:f9:bd:e6:a5:ef:8e:44:
df:6b:70:68:d6:cc:58:e2:88:66:5d:3a:44:a2:e2:
95:40:e1:b4:62:ee:37:42:cb:e2:5a:7b:fd:ef:aa:
98:eb:89:27:9a:96:40:98:e2:d5:d0:2e:7b:01:3f:
95:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:9C:C2:EA:96:57:3D:27:9A:A7:A9:26:B7:E5:4F:49:1A:DE:9E:BB
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS57043.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.101.113.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:a3:dd:e7:df:a5:f7:db:88:07:d5:32:62:18:99:43:76:61:
d2:e6:59:35:57:9a:89:c0:92:e2:2c:33:64:7e:8a:20:bd:0a:
df:42:b9:f3:8c:3b:2a:bd:b0:a9:cc:10:c9:e1:e8:b8:ba:32:
bd:c2:b3:7c:c3:67:a8:ce:9c:03:9d:b2:19:04:9e:4d:09:85:
7e:79:eb:6c:d8:bf:cc:3e:17:4b:d4:e6:16:92:48:89:c9:4b:
b4:0e:1a:9c:98:a0:b8:ea:1b:f9:26:52:38:00:31:90:e0:10:
2e:be:1b:16:05:65:24:b0:dd:6d:ab:8a:51:fc:8f:9b:2a:17:
0c:78:cd:06:8f:71:7a:1e:ed:7c:2d:eb:5c:35:24:41:87:86:
b1:b6:74:63:d9:0f:53:53:e0:8c:a5:cd:71:3a:28:27:bc:df:
38:1a:1c:64:40:32:8b:18:b9:3b:61:5b:57:21:85:fc:2e:17:
92:83:74:78:d7:56:62:55:72:b1:4c:ec:9b:98:08:ef:8c:4c:
b9:25:36:46:54:58:4e:75:25:38:5b:e6:3b:84:85:fc:95:3c:
87:ca:10:30:89:75:cb:36:dc:02:72:38:9c:73:52:80:63:aa:
3b:e2:8e:a4:26:6f:5d:b7:f7:24:02:75:f0:bd:e4:aa:83:77:
8e:bb:df:60
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUb2GlzLeC9Vn+dQ0arh+eW6ny/oIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDExMjYwODAwMDdaFw0yNTExMjUwODA1MDdaMDMxMTAvBgNV
BAMTKEI2OUNDMkVBOTY1NzNEMjc5QUE3QTkyNkI3RTU0RjQ5MUFERTlFQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUW+8K3ySDSdGMgmU7Sax6gyFV
/0mct7KdaD3NB8Tjl56TuZq+F8xL7ILaZ+zcIas2GGusGiRaMN5SlVbbuitBEmeW
wCJv6pLerFzyBZR7fcfvHC3JAvbqdJuU6ne5izwfHxoR1wwAtXfEH0bPVjHM2wX3
CeCbDuMlYDQWVbYrYDWXIq2t8z8orYmLPiNWAn7Ay8M6jkE3fMrnC4DsL/41tkf1
iuFl003+2am1cQx35uP1HheEPlxsNytxBnUHBv+ypMnz43JL/Vwd+b3mpe+ORN9r
cGjWzFjiiGZdOkSi4pVA4bRi7jdCy+Jae/3vqpjriSealkCY4tXQLnsBP5U5AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUtpzC6pZXPSeap6kmt+VPSRrenrswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNTcwNDMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC/ZXEw
DQYJKoZIhvcNAQELBQADggEBAAqj3effpffbiAfVMmIYmUN2YdLmWTVXmonAkuIs
M2R+iiC9Ct9CufOMOyq9sKnMEMnh6Li6Mr3Cs3zDZ6jOnAOdshkEnk0JhX5562zY
v8w+F0vU5haSSInJS7QOGpyYoLjqG/kmUjgAMZDgEC6+GxYFZSSw3W2rilH8j5sq
Fwx4zQaPcXoe7Xwt61w1JEGHhrG2dGPZD1NT4IylzXE6KCe83zgaHGRAMosYuTth
W1chhfwuF5KDdHjXVmJVcrFM7JuYCO+MTLklNkZUWE51JThb5juEhfyVPIfKEDCJ
dcs23AJyOJxzUoBjqjvijqQmb1239yQCdfC95KqDd46732A=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:53:49 2025 by rpki-client