Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS61112.roa
File: AS61112.roa (raw, json)
Hash identifier: cTBl23XSgtEHDS7PDePBuhzewNwvCJqQquPt92Un7mU=
Subject key identifier: B2:1F:D1:00:86:15:D1:9E:10:7C:A1:C2:12:1F:E3:98:A8:DA:8E:D5
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 14C9071AF4D51B8629A02A886C83CCA742F3D2C0
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS61112.roa
Signing time: Sat 04 Jan 2025 00:00:20 +0000
ROA not before: Fri 03 Jan 2025 23:55:20 +0000
ROA not after: Sat 03 Jan 2026 00:00:20 +0000
asID: 61112
IP address blocks: 141.11.76.0/23 maxlen: 24
141.11.78.0/23 maxlen: 24
141.11.86.0/23 maxlen: 24
141.11.90.0/23 maxlen: 24
141.11.130.0/23 maxlen: 24
141.11.148.0/23 maxlen: 24
141.11.174.0/23 maxlen: 24
141.11.216.0/23 maxlen: 24
141.11.218.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:c9:07:1a:f4:d5:1b:86:29:a0:2a:88:6c:83:cc:a7:42:f3:d2:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Jan 3 23:55:20 2025 GMT
Not After : Jan 3 00:00:20 2026 GMT
Subject: CN=B21FD1008615D19E107CA1C2121FE398A8DA8ED5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f0:5d:51:7f:f4:35:4f:15:3f:1a:df:f9:63:
ee:b6:19:d8:3d:82:b2:cd:02:4f:cc:01:72:ba:a3:
ef:61:cc:14:0e:c6:25:a3:f6:e0:6b:65:50:ca:da:
4b:48:11:1c:90:c3:6c:d0:cb:ea:af:2b:39:af:89:
9d:bf:d5:3a:65:5d:c9:b6:ed:61:13:65:c0:85:ff:
63:ee:dc:24:10:10:46:e6:2b:fa:5d:34:b6:9c:19:
fd:d7:81:37:4d:f0:57:93:75:ec:b5:f9:0a:c7:dd:
52:ce:8e:ad:0a:bb:91:3d:21:06:47:ae:da:3e:c6:
6d:05:64:a0:de:97:99:3b:f2:75:09:f7:a5:12:2a:
8c:ff:a6:0e:b5:ed:0c:5e:93:2b:87:9e:7a:a9:48:
c9:36:f2:a3:e4:33:78:bf:0d:65:90:9b:e8:b6:65:
0d:b9:ff:96:c1:d4:ca:d3:ba:d8:f3:19:88:a2:20:
67:75:ed:49:f3:a6:7b:5d:f6:e6:63:f7:01:f1:be:
be:69:46:e3:e8:76:00:68:94:5d:65:36:cc:db:ba:
ba:f0:50:a3:58:89:a5:89:c2:5e:89:d0:5a:69:45:
81:eb:0a:d2:3c:e3:4a:92:4d:a8:bb:50:1c:b8:a9:
ec:64:83:41:6c:3e:41:0a:69:8b:47:d8:86:2e:43:
69:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:1F:D1:00:86:15:D1:9E:10:7C:A1:C2:12:1F:E3:98:A8:DA:8E:D5
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS61112.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.76.0/22
141.11.86.0/23
141.11.90.0/23
141.11.130.0/23
141.11.148.0/23
141.11.174.0/23
141.11.216.0/22
Signature Algorithm: sha256WithRSAEncryption
32:73:27:f7:a1:49:8d:ec:1c:02:20:22:81:70:ab:ea:08:6e:
98:bd:aa:19:fb:95:9d:73:b2:52:65:52:44:f4:5a:d9:80:80:
4f:a3:7d:74:ae:14:50:86:ca:97:66:f8:89:0f:09:51:4c:59:
0a:0d:c9:3c:fa:7b:37:f8:b1:82:f2:7d:15:a1:dc:58:a0:26:
1f:3e:f6:6a:97:76:ab:70:75:8c:fc:34:5e:84:94:df:52:5a:
79:0a:59:e8:68:9c:7e:e8:4e:5a:ed:95:d5:1f:85:26:a4:7a:
8d:8f:14:60:1e:b1:ec:d5:43:7c:93:0d:47:9f:32:c3:19:9a:
52:08:97:45:79:2b:4e:74:64:5d:25:e6:ff:df:5d:0a:df:b9:
fc:8e:f6:d5:4c:0b:93:5e:4f:e3:c3:dc:05:21:e3:8e:c8:03:
3a:0f:15:84:c6:9a:b7:94:8d:79:bb:e6:44:a3:74:e0:c1:36:
59:77:7d:b4:c3:bb:57:2b:1c:df:f9:5e:78:ec:d5:af:4f:da:
14:7a:41:9f:1b:6c:fd:1c:81:d6:64:5e:5c:81:a3:33:f6:66:
ad:f5:fd:8c:f7:5c:7f:94:98:12:ca:4c:7b:52:c5:e8:eb:c2:
01:ac:d0:06:b2:29:50:e7:e4:b4:0f:e5:a0:1a:c3:db:0d:91:
dc:8f:df:ee
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUFMkHGvTVG4YpoCqIbIPMp0Lz0sAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTAxMDMyMzU1MjBaFw0yNjAxMDMwMDAwMjBaMDMxMTAvBgNV
BAMTKEIyMUZEMTAwODYxNUQxOUUxMDdDQTFDMjEyMUZFMzk4QThEQThFRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA8F1Rf/Q1TxU/Gt/5Y+62Gdg9
grLNAk/MAXK6o+9hzBQOxiWj9uBrZVDK2ktIERyQw2zQy+qvKzmviZ2/1TplXcm2
7WETZcCF/2Pu3CQQEEbmK/pdNLacGf3XgTdN8FeTdey1+QrH3VLOjq0Ku5E9IQZH
rto+xm0FZKDel5k78nUJ96USKoz/pg617QxekyuHnnqpSMk28qPkM3i/DWWQm+i2
ZQ25/5bB1MrTutjzGYiiIGd17Unzpntd9uZj9wHxvr5pRuPodgBolF1lNszburrw
UKNYiaWJwl6J0FppRYHrCtI840qSTai7UBy4qexkg0FsPkEKaYtH2IYuQ2nnAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUsh/RAIYV0Z4QfKHCEh/jmKjajtUwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNjExMTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBAKNC0wD
BAGNC1YDBAGNC1oDBAGNC4IDBAGNC5QDBAGNC64DBAKNC9gwDQYJKoZIhvcNAQEL
BQADggEBADJzJ/ehSY3sHAIgIoFwq+oIbpi9qhn7lZ1zslJlUkT0WtmAgE+jfXSu
FFCGypdm+IkPCVFMWQoNyTz6ezf4sYLyfRWh3FigJh8+9mqXdqtwdYz8NF6ElN9S
WnkKWehonH7oTlrtldUfhSakeo2PFGAesezVQ3yTDUefMsMZmlIIl0V5K050ZF0l
5v/fXQrfufyO9tVMC5NeT+PD3AUh447IAzoPFYTGmreUjXm75kSjdODBNll3fbTD
u1crHN/5Xnjs1a9P2hR6QZ8bbP0cgdZkXlyBozP2Zq31/Yz3XH+UmBLKTHtSxejr
wgGs0AayKVDn5LQP5aAaw9sNkdyP3+4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:24:09 2025 by rpki-client