Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS58061.roa
File: AS58061.roa (raw, json)
Hash identifier: Db1La/NEy1HBhzh4HXdoAgHKxS6jwRCpmGik3VBFrGc=
Subject key identifier: 6D:BF:6E:DA:B2:5A:8C:99:AE:3D:63:2B:55:D1:F4:AF:B0:9D:E7:8E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4A337DF7859CDF70DACAED58CF4BE10A29077B53
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS58061.roa
Signing time: Tue 02 Apr 2024 10:50:35 +0000
ROA not before: Tue 02 Apr 2024 10:45:35 +0000
ROA not after: Tue 01 Apr 2025 10:50:35 +0000
asID: 58061
IP address blocks: 5.181.130.0/24 maxlen: 24
89.19.51.0/24 maxlen: 24
179.61.229.0/24 maxlen: 24
181.214.180.0/24 maxlen: 24
181.214.216.0/24 maxlen: 24
185.139.3.0/24 maxlen: 24
185.158.105.0/24 maxlen: 24
191.101.112.0/24 maxlen: 24
191.101.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:33:7d:f7:85:9c:df:70:da:ca:ed:58:cf:4b:e1:0a:29:07:7b:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 2 10:45:35 2024 GMT
Not After : Apr 1 10:50:35 2025 GMT
Subject: CN=6DBF6EDAB25A8C99AE3D632B55D1F4AFB09DE78E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ec:1f:5c:75:8d:23:f2:99:76:44:c4:d0:0c:
8e:07:a3:e6:6d:9f:b0:c3:ef:6b:0c:9c:5e:0e:b1:
fd:38:dd:82:3e:ef:6c:c1:17:fc:66:cd:83:22:8d:
8e:ac:bd:2d:ec:22:80:40:82:db:f8:8f:37:85:03:
e9:d6:31:c2:21:e3:e0:bd:64:10:d8:89:bc:c7:37:
56:40:96:1f:ed:62:05:35:fc:04:33:81:74:d9:3b:
63:83:af:2a:c7:7e:d8:0d:8c:a7:2c:f4:38:86:49:
b2:3e:3d:2a:0f:25:c8:ca:29:8a:f0:81:e1:65:22:
8f:9c:7c:f5:b7:e1:3e:fe:88:c8:b3:35:c3:05:39:
ef:06:d8:84:30:08:38:5e:bb:41:3a:bc:b6:c7:4f:
29:ba:ff:e1:b6:07:a4:19:52:d9:fe:b6:78:2c:bc:
a1:2d:72:df:73:b3:6d:46:27:46:bf:0b:38:bd:0f:
4a:db:24:1d:10:62:88:95:11:53:c6:85:0e:b6:b4:
34:9c:f1:97:ee:86:5b:fb:20:8b:7a:15:c7:dc:9d:
32:bb:92:a5:aa:f5:a1:55:6b:c5:73:a1:f7:36:d7:
1d:c5:50:a8:f6:af:5c:5e:5d:94:92:95:02:b5:ac:
ad:97:2a:9f:2c:df:5f:70:9a:d8:d5:8b:ec:17:36:
b9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:BF:6E:DA:B2:5A:8C:99:AE:3D:63:2B:55:D1:F4:AF:B0:9D:E7:8E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS58061.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.130.0/24
89.19.51.0/24
179.61.229.0/24
181.214.180.0/24
181.214.216.0/24
185.139.3.0/24
185.158.105.0/24
191.101.112.0/24
191.101.126.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:8f:20:81:09:fa:62:e4:7e:48:de:e3:f9:af:e4:87:ef:11:
e0:a3:72:c6:eb:53:aa:fd:7b:d0:a8:4a:4c:b0:b0:f0:4f:db:
70:ea:b2:22:37:a1:43:0c:ec:9c:20:66:ad:49:8a:1a:ef:8c:
9c:da:2e:dd:87:30:b1:17:a3:85:74:e3:8d:79:2a:cd:4e:6d:
4f:80:f0:a4:f4:a2:1d:88:55:69:4f:6f:12:40:81:4d:f0:30:
bf:85:4f:ae:95:be:22:b2:a2:7e:bb:92:05:a4:1a:b6:8b:c1:
22:24:19:0a:f3:59:49:3e:6d:6c:91:b2:f0:fc:53:b2:a6:a7:
5e:9d:b7:7c:ed:3d:4e:3c:4b:64:73:ff:79:4a:d6:a5:08:2a:
ef:fd:1c:fe:d5:ba:6a:a3:a6:f0:1b:70:1e:00:a9:4b:28:62:
34:fb:85:9a:fc:1d:7c:4f:ba:f0:59:bd:63:49:eb:79:24:c3:
c6:73:d4:4f:98:2c:b8:75:68:bb:1a:45:da:51:39:06:00:ba:
13:19:08:f4:48:5c:31:a0:59:a6:5d:af:2e:e2:1d:b1:0c:3c:
23:ff:b1:dd:4f:ce:7d:da:72:dd:09:8c:fc:3b:3e:67:5b:69:
2c:cd:d8:78:eb:8a:a7:41:19:f0:2c:4a:d5:0b:c7:c6:99:07:
45:dc:c2:e0
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUSjN994Wc33Dayu1Yz0vhCikHe1MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MDIxMDQ1MzVaFw0yNTA0MDExMDUwMzVaMDMxMTAvBgNV
BAMTKDZEQkY2RURBQjI1QThDOTlBRTNENjMyQjU1RDFGNEFGQjA5REU3OEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp7B9cdY0j8pl2RMTQDI4Ho+Zt
n7DD72sMnF4Osf043YI+72zBF/xmzYMijY6svS3sIoBAgtv4jzeFA+nWMcIh4+C9
ZBDYibzHN1ZAlh/tYgU1/AQzgXTZO2ODryrHftgNjKcs9DiGSbI+PSoPJcjKKYrw
geFlIo+cfPW34T7+iMizNcMFOe8G2IQwCDheu0E6vLbHTym6/+G2B6QZUtn+tngs
vKEtct9zs21GJ0a/Czi9D0rbJB0QYoiVEVPGhQ62tDSc8Zfuhlv7IIt6FcfcnTK7
kqWq9aFVa8Vzofc21x3FUKj2r1xeXZSSlQK1rK2XKp8s319wmtjVi+wXNrl/AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUbb9u2rJajJmuPWMrVdH0r7Cd544wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNTgwNjEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYDBAAFtYID
BABZEzMDBACzPeUDBAC11rQDBAC11tgDBAC5iwMDBAC5nmkDBAC/ZXADBAC/ZX4w
DQYJKoZIhvcNAQELBQADggEBAG6PIIEJ+mLkfkje4/mv5IfvEeCjcsbrU6r9e9Co
SkywsPBP23DqsiI3oUMM7JwgZq1JihrvjJzaLt2HMLEXo4V04415Ks1ObU+A8KT0
oh2IVWlPbxJAgU3wML+FT66VviKyon67kgWkGraLwSIkGQrzWUk+bWyRsvD8U7Km
p16dt3ztPU48S2Rz/3lK1qUIKu/9HP7VumqjpvAbcB4AqUsoYjT7hZr8HXxPuvBZ
vWNJ63kkw8Zz1E+YLLh1aLsaRdpROQYAuhMZCPRIXDGgWaZdry7iHbEMPCP/sd1P
zn3act0JjPw7PmdbaSzN2HjriqdBGfAsStULx8aZB0XcwuA=
-----END CERTIFICATE-----
Generated at Fri May 10 02:01:24 2024 by rpki-client on console-ams.rpki-client.org