Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS60781.roa
File: AS60781.roa (raw, json)
Hash identifier: tO89ANuXiHd5Tb9sL1OqduWBUGs7LWL+5V4AmQ/jKro=
Subject key identifier: 77:18:CD:C4:C2:BD:17:76:15:A6:BF:0C:80:B6:8C:86:EE:38:C2:A9
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3B4234D800AA07F59BCFF5C2CB0DA1D39EF2154D
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS60781.roa
Signing time: Fri 08 Mar 2024 00:00:06 +0000
ROA not before: Thu 07 Mar 2024 23:55:06 +0000
ROA not after: Fri 07 Mar 2025 00:00:06 +0000
asID: 60781
IP address blocks: 191.96.128.0/24 maxlen: 24
191.101.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:42:34:d8:00:aa:07:f5:9b:cf:f5:c2:cb:0d:a1:d3:9e:f2:15:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 7 23:55:06 2024 GMT
Not After : Mar 7 00:00:06 2025 GMT
Subject: CN=7718CDC4C2BD177615A6BF0C80B68C86EE38C2A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:de:a0:f3:e6:9a:06:d6:42:ac:dc:62:de:e7:
28:42:88:40:e1:e7:34:dc:10:84:85:ce:7e:d8:60:
04:df:08:14:4a:b0:26:01:c0:50:f6:21:f6:90:df:
ad:e1:e2:b2:7e:6a:c2:9b:4c:20:57:d8:02:27:03:
1a:b8:9c:a9:7a:b6:3b:53:b0:e9:7d:55:0c:69:4b:
13:ec:63:b8:73:c6:bf:42:fb:85:5b:1c:c3:18:1c:
a7:36:6b:00:2c:7c:f4:6e:05:c7:da:73:fa:79:ab:
d5:24:1f:7a:19:a6:3c:e4:ec:4a:12:fc:20:f8:6e:
c6:05:b0:d9:79:5e:74:1b:3e:9f:74:3f:f7:78:bf:
d8:c3:97:36:1c:72:32:56:b7:37:4c:bf:4c:a2:e3:
86:15:92:14:79:c4:58:01:2a:bc:30:99:9e:9c:c9:
21:e2:47:ef:dd:62:62:59:27:53:50:c2:1c:7f:90:
39:bb:3e:dd:78:fd:76:22:53:a9:53:93:da:59:ea:
56:28:93:23:1d:01:48:d4:dc:3a:b0:8f:b3:ed:e7:
4b:83:48:f0:6d:62:14:86:86:dc:2d:a2:56:18:69:
c3:b3:c6:fa:69:52:0d:23:1c:0d:87:26:8c:15:66:
82:f6:d1:b5:d1:31:85:ef:be:b7:71:fc:b6:26:60:
0a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:18:CD:C4:C2:BD:17:76:15:A6:BF:0C:80:B6:8C:86:EE:38:C2:A9
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS60781.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.128.0/24
191.101.175.0/24
Signature Algorithm: sha256WithRSAEncryption
53:dc:8f:64:40:20:46:76:6c:ef:4e:eb:f1:8d:b2:54:7c:7b:
20:d8:97:cf:5b:61:6e:e2:5b:48:b9:c6:2f:9c:7a:aa:86:ba:
34:79:65:06:8d:ce:0f:3f:06:7d:71:1f:6d:94:e6:85:d7:38:
41:61:d4:a0:f4:e9:35:52:61:e2:36:fc:70:da:34:50:b3:7f:
66:c3:37:88:db:5d:2d:a6:33:d9:ea:85:0e:be:81:51:ce:de:
84:90:b2:71:a0:65:06:f1:c6:8b:ac:e9:be:1f:de:36:f0:e5:
07:1b:ea:f3:14:24:54:e4:45:ed:ec:3b:15:33:1f:4b:7c:45:
b1:1a:aa:f3:75:9c:fd:49:8e:f8:4f:05:d4:f4:4e:6e:74:9d:
0e:9a:19:ef:a8:60:49:38:ff:13:7b:f5:6b:f0:56:c0:10:a1:
03:1e:1e:e8:dd:e0:2a:4a:ba:66:64:2f:df:e3:69:4e:5b:b8:
d1:1d:cb:9f:e3:9e:cb:af:1d:75:cb:fb:7f:1b:70:6a:b0:04:
7c:c3:c8:da:b7:6b:d7:e7:2c:9f:86:1e:6d:aa:0a:eb:42:19:
bf:37:ef:ba:cf:a5:73:37:0d:65:28:72:7d:3c:58:c7:c6:d4:
d1:43:e5:98:04:38:a6:e7:13:e9:30:6f:2d:2a:01:36:60:7c:
27:c3:96:e1
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUO0I02ACqB/Wbz/XCyw2h057yFU0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAzMDcyMzU1MDZaFw0yNTAzMDcwMDAwMDZaMDMxMTAvBgNV
BAMTKDc3MThDREM0QzJCRDE3NzYxNUE2QkYwQzgwQjY4Qzg2RUUzOEMyQTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH3qDz5poG1kKs3GLe5yhCiEDh
5zTcEISFzn7YYATfCBRKsCYBwFD2IfaQ363h4rJ+asKbTCBX2AInAxq4nKl6tjtT
sOl9VQxpSxPsY7hzxr9C+4VbHMMYHKc2awAsfPRuBcfac/p5q9UkH3oZpjzk7EoS
/CD4bsYFsNl5XnQbPp90P/d4v9jDlzYccjJWtzdMv0yi44YVkhR5xFgBKrwwmZ6c
ySHiR+/dYmJZJ1NQwhx/kDm7Pt14/XYiU6lTk9pZ6lYokyMdAUjU3Dqwj7Pt50uD
SPBtYhSGhtwtolYYacOzxvppUg0jHA2HJowVZoL20bXRMYXvvrdx/LYmYAqtAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUdxjNxMK9F3YVpr8MgLaMhu44wqkwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNjA3ODEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAC/YIAD
BAC/Za8wDQYJKoZIhvcNAQELBQADggEBAFPcj2RAIEZ2bO9O6/GNslR8eyDYl89b
YW7iW0i5xi+ceqqGujR5ZQaNzg8/Bn1xH22U5oXXOEFh1KD06TVSYeI2/HDaNFCz
f2bDN4jbXS2mM9nqhQ6+gVHO3oSQsnGgZQbxxous6b4f3jbw5Qcb6vMUJFTkRe3s
OxUzH0t8RbEaqvN1nP1JjvhPBdT0Tm50nQ6aGe+oYEk4/xN79WvwVsAQoQMeHujd
4CpKumZkL9/jaU5buNEdy5/jnsuvHXXL+38bcGqwBHzDyNq3a9fnLJ+GHm2qCutC
Gb8377rPpXM3DWUocn08WMfG1NFD5ZgEOKbnE+kwby0qATZgfCfDluE=
-----END CERTIFICATE-----
Generated at Wed May 8 16:41:39 2024 by rpki-client on console-ams.rpki-client.org