Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59711.roa
File: AS59711.roa (raw, json)
Hash identifier: Tl2azXgAoj/DgDXzlTYaI+iUttuEmIPOL121kVtzKl8=
Subject key identifier: 68:C4:EA:C8:87:5B:8F:43:90:E3:E5:A4:2D:E5:90:F6:E5:E1:D7:71
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3E4C16BA5C11E9EAD5DDCD4ABECCCDF36D752BD0
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59711.roa
Signing time: Fri 17 Jan 2025 14:27:41 +0000
ROA not before: Fri 17 Jan 2025 14:22:41 +0000
ROA not after: Fri 16 Jan 2026 14:27:41 +0000
asID: 59711
IP address blocks: 82.21.255.0/24 maxlen: 24
82.22.255.0/24 maxlen: 24
82.23.245.0/24 maxlen: 24
82.24.255.0/24 maxlen: 24
82.25.255.0/24 maxlen: 24
82.29.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:4c:16:ba:5c:11:e9:ea:d5:dd:cd:4a:be:cc:cd:f3:6d:75:2b:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 17 14:22:41 2025 GMT
Not After : Jan 16 14:27:41 2026 GMT
Subject: CN=68C4EAC8875B8F4390E3E5A42DE590F6E5E1D771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c3:ac:cc:67:1f:9d:a2:f0:c7:1b:e0:ed:08:
45:e8:b2:a6:4c:3f:12:97:97:be:4c:58:c1:6a:ce:
f6:c3:91:16:c6:10:bb:22:2e:eb:41:3b:d1:49:8c:
9d:1d:18:80:b6:fb:ed:6f:ee:7e:48:5c:42:d9:04:
e3:fe:f7:34:9d:b4:97:c7:3c:e8:69:4e:fb:b5:bb:
b7:0a:d6:ee:20:97:af:8d:92:1c:a1:dc:c3:96:3c:
5d:76:68:b9:b1:68:fe:d7:dc:c9:b7:0b:c6:fb:6a:
78:35:52:45:e2:cd:73:82:bf:1e:27:93:34:2d:ab:
75:bb:41:85:98:14:93:0d:e0:9b:3e:d0:be:4d:6a:
ad:2e:f1:d0:05:13:65:f0:ca:0d:72:0b:d9:de:c3:
07:a3:c5:7f:ce:f4:4b:b3:68:01:0d:5c:04:69:23:
72:6c:9d:a6:1a:1c:48:16:b2:da:c7:22:4e:73:e1:
48:ac:0f:ae:6d:2f:83:06:8f:bc:0f:b7:c1:d9:4b:
bd:60:42:23:00:bf:87:45:d4:be:fa:34:ef:f8:87:
18:46:9a:ae:96:c7:ad:d4:60:4e:08:23:4f:f7:16:
ef:1b:21:c7:17:4b:41:2d:f7:fe:2c:2d:6c:95:c6:
e0:c8:77:03:1a:2f:a4:5e:9c:08:26:08:67:d2:e7:
d3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C4:EA:C8:87:5B:8F:43:90:E3:E5:A4:2D:E5:90:F6:E5:E1:D7:71
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59711.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.255.0/24
82.22.255.0/24
82.23.245.0/24
82.24.255.0/24
82.25.255.0/24
82.29.255.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:67:42:0c:81:d3:5e:f1:27:8b:d0:8b:13:0e:f6:f7:2e:28:
3e:ba:74:00:06:66:f9:7f:d9:9d:c3:59:4d:77:35:ed:ff:90:
04:17:01:35:5a:a6:97:9a:5f:b7:97:be:8c:4a:cf:36:f5:99:
7b:2c:8f:c4:b9:41:c4:6c:b0:a7:bd:3f:66:34:f0:0c:26:b6:
a9:5d:64:bc:31:ac:fc:0d:28:f6:e5:93:c1:e9:a7:f7:3f:a4:
58:63:d2:bf:f4:1e:ec:36:66:1e:73:5e:cb:8e:e3:d5:3c:81:
34:57:0f:3c:c8:8c:22:29:3a:fb:4e:0d:7d:f9:93:bf:db:07:
1e:7b:b4:fb:03:5a:78:51:8a:74:ec:1d:bf:fd:dd:75:ea:da:
9e:a8:73:19:62:54:42:eb:3d:10:23:83:fd:7f:7a:7b:1c:6b:
67:55:0e:7b:af:60:9e:d7:94:05:a6:13:b2:a5:f3:33:13:86:
06:38:cf:f5:8b:19:30:fe:36:23:1e:4f:fa:f7:fc:a6:44:44:
c0:18:bc:eb:4a:82:98:a0:d0:45:92:6b:d0:a3:9d:af:87:f4:
f4:8c:f3:62:28:07:1d:07:62:16:14:5d:09:98:21:3a:5c:0e:
e7:10:af:9a:2b:16:2c:83:4c:ea:4e:7d:2e:ce:2b:15:7e:5d:
e5:67:b0:14
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUPkwWulwR6erV3c1KvszN8211K9AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMTcxNDIyNDFaFw0yNjAxMTYxNDI3NDFaMDMxMTAvBgNV
BAMTKDY4QzRFQUM4ODc1QjhGNDM5MEUzRTVBNDJERTU5MEY2RTVFMUQ3NzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8w6zMZx+dovDHG+DtCEXosqZM
PxKXl75MWMFqzvbDkRbGELsiLutBO9FJjJ0dGIC2++1v7n5IXELZBOP+9zSdtJfH
POhpTvu1u7cK1u4gl6+Nkhyh3MOWPF12aLmxaP7X3Mm3C8b7ang1UkXizXOCvx4n
kzQtq3W7QYWYFJMN4Js+0L5Naq0u8dAFE2Xwyg1yC9newwejxX/O9EuzaAENXARp
I3JsnaYaHEgWstrHIk5z4UisD65tL4MGj7wPt8HZS71gQiMAv4dF1L76NO/4hxhG
mq6Wx63UYE4II0/3Fu8bIccXS0Et9/4sLWyVxuDIdwMaL6RenAgmCGfS59NFAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUaMTqyIdbj0OQ4+WkLeWQ9uXh13EwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTk3MTEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBABSFf8D
BABSFv8DBABSF/UDBABSGP8DBABSGf8DBABSHf8wDQYJKoZIhvcNAQELBQADggEB
AAtnQgyB017xJ4vQixMO9vcuKD66dAAGZvl/2Z3DWU13Ne3/kAQXATVappeaX7eX
voxKzzb1mXssj8S5QcRssKe9P2Y08AwmtqldZLwxrPwNKPblk8Hpp/c/pFhj0r/0
Huw2Zh5zXsuO49U8gTRXDzzIjCIpOvtODX35k7/bBx57tPsDWnhRinTsHb/93XXq
2p6ocxliVELrPRAjg/1/ensca2dVDnuvYJ7XlAWmE7Kl8zMThgY4z/WLGTD+NiMe
T/r3/KZERMAYvOtKgpig0EWSa9Cjna+H9PSM82IoBx0HYhYUXQmYITpcDucQr5or
FiyDTOpOfS7OKxV+XeVnsBQ=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:01:10 2025 by rpki-client