Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS60781.roa
File: AS60781.roa (raw, json)
Hash identifier: yZHoyNfAAe2MH+nKop5n+n2JdHQTCPeF0lZ+J4FFAxw=
Subject key identifier: A0:95:47:FA:0F:0F:24:2B:65:3F:A9:0E:2A:BB:3C:1A:B8:FB:3C:BF
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4C84BD1664BDE650B96597CF7D8D7D1B7A9AB22A
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS60781.roa
Signing time: Fri 15 Nov 2024 12:38:10 +0000
ROA not before: Fri 15 Nov 2024 12:33:10 +0000
ROA not after: Fri 14 Nov 2025 12:38:10 +0000
asID: 60781
IP address blocks: 191.96.128.0/24 maxlen: 24
191.96.134.0/24 maxlen: 24
191.101.175.0/24 maxlen: 24
191.101.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:84:bd:16:64:bd:e6:50:b9:65:97:cf:7d:8d:7d:1b:7a:9a:b2:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 15 12:33:10 2024 GMT
Not After : Nov 14 12:38:10 2025 GMT
Subject: CN=A09547FA0F0F242B653FA90E2ABB3C1AB8FB3CBF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b5:7d:98:e6:dc:14:40:34:41:4f:fb:ff:1a:
32:f9:76:4f:43:31:8f:ab:d0:52:3e:da:32:7e:fc:
80:49:2d:60:92:b0:b7:07:d4:34:6d:33:bc:4b:bd:
e0:7f:ee:b7:d1:66:96:d2:44:90:f9:43:91:92:a2:
c0:d4:cf:2c:90:8d:93:6f:5c:2e:1b:31:89:76:98:
4a:6d:33:31:6a:c2:26:6f:06:6e:48:05:61:87:28:
ac:88:ee:02:dc:0d:48:41:f6:99:00:38:64:2b:39:
12:8e:77:39:de:c9:d6:69:6d:33:c2:a7:c8:42:85:
a4:e0:2e:86:11:29:dc:9f:f6:a6:aa:56:17:b9:f5:
9a:5b:79:9f:a7:bc:d9:df:0f:5d:7b:d5:2a:82:e0:
27:6c:7f:5d:f7:f0:78:cf:50:95:3b:63:d3:11:11:
2f:70:3d:37:48:cb:6f:ae:e9:02:d8:02:1d:6b:57:
b6:be:59:de:b4:99:49:c9:9a:c3:d2:4c:fb:93:e3:
2c:26:78:c6:3c:72:6f:9a:01:aa:2b:db:3f:8c:78:
ea:d1:d2:e9:41:fa:05:79:43:7b:dc:aa:70:29:50:
13:6c:45:33:d8:63:f2:b4:ce:fe:d0:53:73:50:7b:
2b:75:18:6f:60:db:69:7b:7f:81:af:5a:0f:43:f8:
82:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:95:47:FA:0F:0F:24:2B:65:3F:A9:0E:2A:BB:3C:1A:B8:FB:3C:BF
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS60781.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.128.0/24
191.96.134.0/24
191.101.175.0/24
191.101.200.0/24
Signature Algorithm: sha256WithRSAEncryption
70:8a:1f:a9:ee:e9:80:22:ff:d0:d0:f8:bc:f2:e8:24:97:5b:
77:63:ea:4e:d5:25:24:fb:b3:dc:24:8d:5f:12:87:ea:27:6a:
1f:6c:29:e8:bb:e5:26:5c:7b:d6:2e:bf:34:01:50:51:e5:a9:
18:2d:31:cf:b5:d3:03:a1:26:c9:c2:1c:05:f8:24:07:31:35:
3e:9f:35:4c:f8:be:f8:eb:ab:e3:76:05:10:a1:3d:26:e4:47:
14:3f:8d:71:8c:b7:c5:47:71:2f:fb:e2:15:40:19:e5:54:bb:
54:3e:0d:dc:11:77:8f:31:ff:a7:58:89:85:64:04:3c:80:4b:
00:75:1a:34:5b:1a:89:c8:c6:be:e3:3e:03:fa:f3:92:e0:1b:
20:2f:d9:1f:fb:54:82:15:25:5e:c3:cd:4d:1f:cf:bc:b5:d5:
e0:a2:17:d7:f3:0c:34:a8:62:f0:65:d6:3d:ce:52:55:8b:29:
3f:ba:00:4a:5f:c5:6e:7a:39:bd:d6:92:29:38:e4:f1:c5:72:
17:4c:c1:08:9e:a3:e6:a8:4d:19:a8:52:a7:b7:78:c6:b0:a0:
a4:ff:47:56:9e:41:17:0b:02:f8:90:0c:b5:93:0f:e4:e4:19:
6d:b3:0a:78:28:b7:77:f2:b1:e0:1e:7c:36:9c:54:69:42:09:
fb:b1:09:d7
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUTIS9FmS95lC5ZZfPfY19G3qasiowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDExMTUxMjMzMTBaFw0yNTExMTQxMjM4MTBaMDMxMTAvBgNV
BAMTKEEwOTU0N0ZBMEYwRjI0MkI2NTNGQTkwRTJBQkIzQzFBQjhGQjNDQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMtX2Y5twUQDRBT/v/GjL5dk9D
MY+r0FI+2jJ+/IBJLWCSsLcH1DRtM7xLveB/7rfRZpbSRJD5Q5GSosDUzyyQjZNv
XC4bMYl2mEptMzFqwiZvBm5IBWGHKKyI7gLcDUhB9pkAOGQrORKOdzneydZpbTPC
p8hChaTgLoYRKdyf9qaqVhe59ZpbeZ+nvNnfD1171SqC4Cdsf1338HjPUJU7Y9MR
ES9wPTdIy2+u6QLYAh1rV7a+Wd60mUnJmsPSTPuT4ywmeMY8cm+aAaor2z+MeOrR
0ulB+gV5Q3vcqnApUBNsRTPYY/K0zv7QU3NQeyt1GG9g22l7f4GvWg9D+ILRAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUoJVH+g8PJCtlP6kOKrs8Grj7PL8wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNjA3ODEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAC/YIAD
BAC/YIYDBAC/Za8DBAC/ZcgwDQYJKoZIhvcNAQELBQADggEBAHCKH6nu6YAi/9DQ
+Lzy6CSXW3dj6k7VJST7s9wkjV8Sh+onah9sKei75SZce9YuvzQBUFHlqRgtMc+1
0wOhJsnCHAX4JAcxNT6fNUz4vvjrq+N2BRChPSbkRxQ/jXGMt8VHcS/74hVAGeVU
u1Q+DdwRd48x/6dYiYVkBDyASwB1GjRbGonIxr7jPgP685LgGyAv2R/7VIIVJV7D
zU0fz7y11eCiF9fzDDSoYvBl1j3OUlWLKT+6AEpfxW56Ob3Wkik45PHFchdMwQie
o+aoTRmoUqe3eMawoKT/R1aeQRcLAviQDLWTD+TkGW2zCngot3fyseAefDacVGlC
CfuxCdc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:39:59 2024 by rpki-client on console-ams.rpki-client.org