Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS61112.roa
File: AS61112.roa (raw, json)
Hash identifier: DZcHFA3Rd52O1IO5sGy55uElVc2tud2ERIVTk8TqZd8=
Subject key identifier: 53:8C:B9:A3:91:53:4B:E7:2F:04:B5:97:B1:0B:AD:79:5C:27:F4:99
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 29CD701EBF4E52D91385A33F25D97186067BE348
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS61112.roa
Signing time: Mon 01 Jul 2024 16:44:51 +0000
ROA not before: Mon 01 Jul 2024 16:39:51 +0000
ROA not after: Mon 30 Jun 2025 16:44:51 +0000
asID: 61112
IP address blocks: 141.11.76.0/23 maxlen: 24
141.11.78.0/23 maxlen: 24
141.11.86.0/23 maxlen: 24
141.11.90.0/23 maxlen: 24
141.11.130.0/23 maxlen: 24
141.11.146.0/23 maxlen: 24
141.11.148.0/23 maxlen: 24
141.11.174.0/23 maxlen: 24
141.11.216.0/23 maxlen: 24
141.11.218.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:cd:70:1e:bf:4e:52:d9:13:85:a3:3f:25:d9:71:86:06:7b:e3:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Jul 1 16:39:51 2024 GMT
Not After : Jun 30 16:44:51 2025 GMT
Subject: CN=538CB9A391534BE72F04B597B10BAD795C27F499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:20:03:b0:da:b1:cd:5d:a6:75:e0:53:f3:5b:
91:08:46:d7:5e:31:f6:63:40:14:f8:a6:3b:3d:89:
89:88:dc:40:a9:e3:30:4a:7a:af:86:b8:ec:7f:cb:
65:9f:61:6b:26:69:db:e7:52:7c:e4:f0:00:1c:58:
c6:dc:9a:a3:7f:2e:33:63:52:cf:21:03:4e:55:76:
ab:76:b3:6c:bf:44:63:a6:86:06:08:c7:94:16:70:
3a:f0:32:76:f5:44:14:6e:c4:11:a5:f9:3e:8b:36:
64:6d:61:d1:a5:67:ea:e5:02:68:8c:cb:22:7b:b3:
09:e4:1d:19:65:61:fc:6b:f6:b7:9a:43:f3:91:3f:
97:7d:8f:94:3f:f5:9f:96:48:23:38:c8:d3:49:5e:
99:9f:d2:61:63:da:c1:4b:69:a2:0b:c0:0a:f9:0c:
e6:ec:d6:65:20:b2:27:ba:d8:7a:28:2c:86:0f:1b:
9e:10:d3:7f:c1:f0:b7:d1:2f:81:a2:08:66:83:73:
7e:82:8f:cf:64:49:d2:95:2e:f4:31:97:a0:f8:05:
98:3c:84:b1:23:13:df:6d:9b:f5:2e:a9:ca:ae:2f:
7c:b0:38:e2:8b:b8:67:fc:d7:07:b1:b0:94:d2:64:
5f:4b:8f:41:71:07:4b:93:49:bf:14:da:db:9a:d7:
12:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:8C:B9:A3:91:53:4B:E7:2F:04:B5:97:B1:0B:AD:79:5C:27:F4:99
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS61112.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.76.0/22
141.11.86.0/23
141.11.90.0/23
141.11.130.0/23
141.11.146.0-141.11.149.255
141.11.174.0/23
141.11.216.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:7e:5b:a4:2f:81:e6:5a:67:90:63:fd:ab:28:00:34:f7:f9:
af:d6:b5:1d:01:e0:8b:33:15:ef:2f:b1:89:d1:b9:d7:8c:2b:
7f:7f:a9:4e:27:6d:f6:ce:91:33:7c:31:95:69:f5:a6:76:03:
f2:0b:d5:b8:78:8c:be:5d:65:ec:b7:59:c3:cb:59:ea:51:51:
19:17:ec:0b:05:e4:f7:5b:f3:1d:24:5c:9b:b9:59:d4:91:40:
da:a7:ad:d0:54:bd:9d:f1:f2:61:12:8c:cf:fa:2e:aa:3d:9c:
f3:a4:fc:77:8f:1b:69:3d:34:6f:49:3a:40:dd:46:8f:2a:ef:
57:a3:02:3c:29:d6:f6:44:7d:26:f7:ba:71:0e:08:72:d2:f0:
5e:d6:05:7c:0f:3f:87:73:3c:7c:57:d6:c7:1f:9e:3f:c8:9d:
90:00:01:f6:2b:0f:fa:02:be:ed:e3:05:e9:fb:f1:6a:68:d9:
ca:2d:7f:22:85:cd:07:73:1e:e6:ce:24:c1:dc:12:30:a0:ac:
bf:31:c3:41:9b:40:66:2c:47:56:37:cc:d4:71:a6:1b:48:a8:
d0:33:06:02:62:39:0e:7b:6a:39:54:d3:48:e7:d2:55:35:4c:
cb:1d:fe:56:ad:48:56:9b:3a:55:0e:56:c9:70:72:4e:89:6b:
45:02:d6:74
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUKc1wHr9OUtkThaM/JdlxhgZ740gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDA3MDExNjM5NTFaFw0yNTA2MzAxNjQ0NTFaMDMxMTAvBgNV
BAMTKDUzOENCOUEzOTE1MzRCRTcyRjA0QjU5N0IxMEJBRDc5NUMyN0Y0OTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrIAOw2rHNXaZ14FPzW5EIRtde
MfZjQBT4pjs9iYmI3ECp4zBKeq+GuOx/y2WfYWsmadvnUnzk8AAcWMbcmqN/LjNj
Us8hA05Vdqt2s2y/RGOmhgYIx5QWcDrwMnb1RBRuxBGl+T6LNmRtYdGlZ+rlAmiM
yyJ7swnkHRllYfxr9reaQ/ORP5d9j5Q/9Z+WSCM4yNNJXpmf0mFj2sFLaaILwAr5
DObs1mUgsie62HooLIYPG54Q03/B8LfRL4GiCGaDc36Cj89kSdKVLvQxl6D4BZg8
hLEjE99tm/UuqcquL3ywOOKLuGf81wexsJTSZF9Lj0FxB0uTSb8U2tua1xLFAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUU4y5o5FTS+cvBLWXsQuteVwn9JkwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNjExMTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSwYIKwYBBQUHAQcBAf8EPDA6MDgEAgABMDIDBAKNC0wD
BAGNC1YDBAGNC1oDBAGNC4IwDAMEAY0LkgMEAY0LlAMEAY0LrgMEAo0L2DANBgkq
hkiG9w0BAQsFAAOCAQEAoH5bpC+B5lpnkGP9qygANPf5r9a1HQHgizMV7y+xidG5
14wrf3+pTidt9s6RM3wxlWn1pnYD8gvVuHiMvl1l7LdZw8tZ6lFRGRfsCwXk91vz
HSRcm7lZ1JFA2qet0FS9nfHyYRKMz/ouqj2c86T8d48baT00b0k6QN1GjyrvV6MC
PCnW9kR9Jve6cQ4IctLwXtYFfA8/h3M8fFfWxx+eP8idkAAB9isP+gK+7eMF6fvx
amjZyi1/IoXNB3Me5s4kwdwSMKCsvzHDQZtAZixHVjfM1HGmG0io0DMGAmI5Dntq
OVTTSOfSVTVMyx3+Vq1IVps6VQ5WyXByTolrRQLWdA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:59:16 2024 by rpki-client on console-ams.rpki-client.org