Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS57043.roa
File: AS57043.roa (raw, json)
Hash identifier: N60eZGd0UGVUJyUYNFl3q5Cnmik9M5huykvTGAejm2Q=
Subject key identifier: C6:8A:04:E8:39:A5:56:E3:0E:56:74:97:1D:42:F7:CF:46:34:41:2A
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 15077A66D46411256837C14CA174CE5F90D55E81
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS57043.roa
Signing time: Wed 06 Mar 2024 18:17:45 +0000
ROA not before: Wed 06 Mar 2024 18:12:45 +0000
ROA not after: Wed 05 Mar 2025 18:17:45 +0000
asID: 57043
IP address blocks: 45.89.253.0/24 maxlen: 24
191.101.113.0/24 maxlen: 24
194.110.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:07:7a:66:d4:64:11:25:68:37:c1:4c:a1:74:ce:5f:90:d5:5e:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 6 18:12:45 2024 GMT
Not After : Mar 5 18:17:45 2025 GMT
Subject: CN=C68A04E839A556E30E5674971D42F7CF4634412A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:83:c8:4d:78:9d:99:3b:a2:47:b6:3c:df:12:
18:48:fe:f6:ab:82:f1:d5:06:09:ea:16:b9:61:33:
49:77:7d:26:cf:8b:a9:85:78:fd:dc:93:5d:2a:9e:
43:16:84:57:c8:fb:f1:fc:4a:5e:7d:9c:78:e2:c8:
6d:d3:24:c4:bd:bc:45:e9:e4:3c:65:b1:c3:ba:5b:
0a:39:d0:0e:ec:be:4c:bc:2f:f1:d8:98:3a:b8:51:
a0:ee:9a:af:b7:80:e6:df:2d:74:48:26:a4:1c:8e:
24:13:66:4e:e6:76:b8:66:53:85:d4:2d:cb:ba:0d:
10:10:b1:ae:a7:24:1e:cb:f5:1f:b0:6b:aa:eb:b6:
7b:71:50:85:a6:af:82:25:51:6a:e3:08:6c:73:22:
8c:93:25:8e:30:4c:6b:02:10:67:0d:85:c6:78:eb:
08:2b:6d:65:16:a4:33:eb:dd:80:70:75:b8:ab:8c:
3a:08:47:e5:fe:0a:f2:2b:a5:4a:c8:c0:ff:f4:f8:
6c:38:35:cc:dd:19:d5:ba:fb:32:ea:b5:cb:62:0f:
ee:65:bc:81:c4:af:be:1a:1b:5d:5f:f8:3d:42:2b:
58:22:5d:e5:c9:3d:e6:79:4e:cd:b5:d7:2f:e5:23:
51:76:4e:95:be:23:e0:e5:67:82:1a:42:3f:21:d6:
fc:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:8A:04:E8:39:A5:56:E3:0E:56:74:97:1D:42:F7:CF:46:34:41:2A
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS57043.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.253.0/24
191.101.113.0/24
194.110.14.0/24
Signature Algorithm: sha256WithRSAEncryption
79:66:ca:a8:72:eb:f9:a6:6e:5c:72:16:4b:e7:f0:9c:23:77:
65:f0:f8:5d:cf:c2:44:09:36:da:f9:47:be:27:b8:a3:6d:f7:
c8:a7:85:33:9f:32:1f:fb:d6:c0:04:0e:ab:65:54:41:63:f5:
ff:02:0f:33:04:dc:a7:4e:37:5c:a0:92:22:3c:37:5f:c8:e7:
1d:3b:9c:38:4b:28:46:a2:5e:56:58:9c:41:ac:37:68:e9:38:
7c:5e:7a:66:9c:dc:a6:99:da:49:16:9e:28:88:cc:2d:91:41:
b8:a5:75:22:04:69:1b:a9:98:28:11:4a:e4:b2:d4:36:82:4e:
f1:4d:5f:f2:cb:2d:86:09:c3:bf:e1:e4:14:8d:c8:54:05:e9:
b1:49:ee:80:04:f0:ac:d5:d8:36:1f:7c:6b:c5:83:34:1c:1a:
a6:14:8a:49:96:fd:53:2f:b1:98:37:43:2c:07:8f:bd:43:05:
d6:93:84:4a:ed:bc:3c:72:b2:12:c1:12:af:21:56:d1:f1:4d:
92:e2:63:90:2d:0b:15:1d:49:3d:17:09:9b:c5:fc:00:3e:91:
11:92:98:ef:a4:f3:e3:b5:9a:25:95:2b:89:e0:e8:87:2a:97:
b1:72:e3:a5:6b:23:a8:cc:29:0f:e7:73:dc:0c:7f:2f:a6:6e:
0e:63:09:62
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUFQd6ZtRkESVoN8FMoXTOX5DVXoEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAzMDYxODEyNDVaFw0yNTAzMDUxODE3NDVaMDMxMTAvBgNV
BAMTKEM2OEEwNEU4MzlBNTU2RTMwRTU2NzQ5NzFENDJGN0NGNDYzNDQxMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0g8hNeJ2ZO6JHtjzfEhhI/var
gvHVBgnqFrlhM0l3fSbPi6mFeP3ck10qnkMWhFfI+/H8Sl59nHjiyG3TJMS9vEXp
5DxlscO6Wwo50A7svky8L/HYmDq4UaDumq+3gObfLXRIJqQcjiQTZk7mdrhmU4XU
Lcu6DRAQsa6nJB7L9R+wa6rrtntxUIWmr4IlUWrjCGxzIoyTJY4wTGsCEGcNhcZ4
6wgrbWUWpDPr3YBwdbirjDoIR+X+CvIrpUrIwP/0+Gw4NczdGdW6+zLqtctiD+5l
vIHEr74aG11f+D1CK1giXeXJPeZ5Ts211y/lI1F2TpW+I+DlZ4IaQj8h1vybAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUxooE6DmlVuMOVnSXHUL3z0Y0QSowHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNTcwNDMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAAtWf0D
BAC/ZXEDBADCbg4wDQYJKoZIhvcNAQELBQADggEBAHlmyqhy6/mmblxyFkvn8Jwj
d2Xw+F3PwkQJNtr5R74nuKNt98inhTOfMh/71sAEDqtlVEFj9f8CDzME3KdON1yg
kiI8N1/I5x07nDhLKEaiXlZYnEGsN2jpOHxeemac3KaZ2kkWniiIzC2RQbildSIE
aRupmCgRSuSy1DaCTvFNX/LLLYYJw7/h5BSNyFQF6bFJ7oAE8KzV2DYffGvFgzQc
GqYUikmW/VMvsZg3QywHj71DBdaThErtvDxyshLBEq8hVtHxTZLiY5AtCxUdST0X
CZvF/AA+kRGSmO+k8+O1miWVK4ng6Icql7Fy46VrI6jMKQ/nc9wMfy+mbg5jCWI=
-----END CERTIFICATE-----
Generated at Thu May 9 19:13:40 2024 by rpki-client on console-ams.rpki-client.org