Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS12741.roa
File: AS12741.roa (raw, json)
Hash identifier: i9nUBytKIfa8rnXPEJH0G5ccjYKb7QpIczS7UAlmdN0=
Subject key identifier: 55:35:44:32:52:BE:2E:8C:37:41:8D:2E:C4:99:FC:CE:09:40:18:93
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 423AFED4000A8CDF078214501CB61D71062AE653
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS12741.roa
Signing time: Tue 01 Apr 2025 03:08:56 +0000
ROA not before: Tue 01 Apr 2025 03:03:56 +0000
ROA not after: Tue 31 Mar 2026 03:08:56 +0000
asID: 12741
IP address blocks: 91.124.152.0/22 maxlen: 24
91.124.156.0/22 maxlen: 24
95.135.148.0/22 maxlen: 24
95.135.184.0/22 maxlen: 24
95.135.212.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 03:24:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:3a:fe:d4:00:0a:8c:df:07:82:14:50:1c:b6:1d:71:06:2a:e6:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 1 03:03:56 2025 GMT
Not After : Mar 31 03:08:56 2026 GMT
Subject: CN=5535443252BE2E8C37418D2EC499FCCE09401893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:85:c6:ee:b0:4d:ab:4c:bd:d2:b9:22:38:0a:
32:66:41:c9:ec:da:e6:ad:45:47:15:40:a1:45:88:
fe:e6:09:c8:c5:ea:54:d4:b8:f5:3d:e4:b9:fe:4a:
f0:31:c8:6b:56:39:46:c1:d1:fd:d8:4c:23:dd:91:
d9:ac:eb:5c:10:20:54:a2:eb:01:7f:6c:cc:f3:0d:
8c:0c:6a:f6:ea:68:ee:7a:92:77:32:85:68:b4:c7:
a9:e1:5f:08:9b:c3:b9:e7:a2:5c:ce:27:68:c1:52:
ac:b8:be:d3:b3:6c:a4:e2:ef:c3:cf:bd:ef:e7:1d:
b5:1b:3c:bf:0e:e8:3e:e7:9a:56:bd:8c:26:2c:57:
16:88:e3:6b:e6:b0:79:99:ef:72:0d:dd:e8:de:98:
dc:99:72:25:54:23:95:d3:f4:75:f1:d1:94:22:d4:
64:3a:15:9d:2e:15:6c:76:a9:14:70:ab:b2:7e:db:
b1:fc:da:d3:7e:51:29:98:b0:27:47:f2:59:59:0d:
fe:81:69:6d:3a:67:e7:96:23:e0:95:6e:60:cc:45:
f4:3a:9e:84:3f:4b:51:73:ba:0a:f2:be:50:2a:2f:
c0:e5:93:54:70:5c:57:bc:04:46:b8:37:2d:41:8f:
b7:b5:4d:c2:b8:2a:6a:d7:0b:b8:2e:bc:b7:c1:40:
b9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:35:44:32:52:BE:2E:8C:37:41:8D:2E:C4:99:FC:CE:09:40:18:93
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS12741.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.152.0/21
95.135.148.0/22
95.135.184.0/22
95.135.212.0/22
Signature Algorithm: sha256WithRSAEncryption
74:d2:24:ce:0e:24:89:0f:4f:11:df:91:59:01:f4:02:47:4c:
53:1a:1a:9a:51:4d:9d:7b:ce:eb:ac:e5:4b:15:99:99:d8:41:
df:33:31:ea:32:97:99:8f:56:e1:92:89:87:15:a8:b8:71:fc:
e8:cb:05:6a:eb:49:99:e9:e0:41:10:31:0c:d9:cd:fc:bd:7d:
19:51:93:12:cb:c3:19:37:d9:0c:d1:45:5a:80:25:50:4b:28:
c6:bc:6e:34:5e:65:b1:52:f2:6f:b0:03:35:62:06:40:c5:0f:
3a:d7:79:b2:36:c9:2a:15:2d:18:e7:8f:ff:f2:44:91:71:c5:
94:f4:9d:86:0e:83:da:44:71:6b:ee:22:82:82:e4:38:8a:3f:
3d:c4:3d:78:72:c7:e2:66:d1:b4:93:68:33:0e:bf:d7:40:f5:
4a:e4:fb:67:84:27:92:5a:ed:65:bc:ad:33:10:84:c8:d4:a1:
95:1c:8b:76:c8:32:23:5c:01:f3:4d:e9:f6:fd:96:34:bb:96:
ca:a4:1a:aa:fd:aa:86:75:50:5a:cd:a2:ca:c0:41:3f:80:9a:
78:49:d7:f3:a4:75:d3:bd:f2:a2:dc:f5:8c:54:df:1e:95:9c:
62:a4:d3:01:35:47:cb:de:ce:a3:8f:53:26:0a:79:20:cd:68:
9f:c8:b5:83
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUQjr+1AAKjN8HghRQHLYdcQYq5lMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MDEwMzAzNTZaFw0yNjAzMzEwMzA4NTZaMDMxMTAvBgNV
BAMTKDU1MzU0NDMyNTJCRTJFOEMzNzQxOEQyRUM0OTlGQ0NFMDk0MDE4OTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOhcbusE2rTL3SuSI4CjJmQcns
2uatRUcVQKFFiP7mCcjF6lTUuPU95Ln+SvAxyGtWOUbB0f3YTCPdkdms61wQIFSi
6wF/bMzzDYwMavbqaO56kncyhWi0x6nhXwibw7nnolzOJ2jBUqy4vtOzbKTi78PP
ve/nHbUbPL8O6D7nmla9jCYsVxaI42vmsHmZ73IN3ejemNyZciVUI5XT9HXx0ZQi
1GQ6FZ0uFWx2qRRwq7J+27H82tN+USmYsCdH8llZDf6BaW06Z+eWI+CVbmDMRfQ6
noQ/S1FzugryvlAqL8Dlk1RwXFe8BEa4Ny1Bj7e1TcK4KmrXC7guvLfBQLkBAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUVTVEMlK+Low3QY0uxJn8zglAGJMwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTI3NDEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBANbfJgD
BAJfh5QDBAJfh7gDBAJfh9QwDQYJKoZIhvcNAQELBQADggEBAHTSJM4OJIkPTxHf
kVkB9AJHTFMaGppRTZ17zuus5UsVmZnYQd8zMeoyl5mPVuGSiYcVqLhx/OjLBWrr
SZnp4EEQMQzZzfy9fRlRkxLLwxk32QzRRVqAJVBLKMa8bjReZbFS8m+wAzViBkDF
DzrXebI2ySoVLRjnj//yRJFxxZT0nYYOg9pEcWvuIoKC5DiKPz3EPXhyx+Jm0bST
aDMOv9dA9Urk+2eEJ5Ja7WW8rTMQhMjUoZUci3bIMiNcAfNN6fb9ljS7lsqkGqr9
qoZ1UFrNosrAQT+AmnhJ1/OkddO98qLc9YxU3x6VnGKk0wE1R8vezqOPUyYKeSDN
aJ/ItYM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:02 2025 by rpki-client