Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS42689.roa
File: AS42689.roa (raw, json)
Hash identifier: IgqAEfgJE2FFiSr0fDq95IA9lF8aeK1ZeabgIRY2FHk=
Subject key identifier: 46:6B:5B:0E:70:68:77:62:9B:76:C0:33:77:66:32:A5:F8:84:7F:12
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 0FDEFBB70841D950E6B1C4E8335065A9F2383B5E
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS42689.roa
Signing time: Wed 27 Mar 2024 12:19:22 +0000
ROA not before: Wed 27 Mar 2024 12:14:22 +0000
ROA not after: Wed 26 Mar 2025 12:19:22 +0000
asID: 42689
IP address blocks: 91.124.4.0/24 maxlen: 24
91.124.5.0/24 maxlen: 24
91.124.25.0/24 maxlen: 24
91.124.53.0/24 maxlen: 24
91.124.56.0/24 maxlen: 24
91.124.61.0/24 maxlen: 24
91.124.80.0/24 maxlen: 24
91.124.126.0/24 maxlen: 24
91.124.172.0/24 maxlen: 24
91.124.192.0/24 maxlen: 24
91.124.193.0/24 maxlen: 24
91.124.218.0/24 maxlen: 24
91.124.239.0/24 maxlen: 24
91.124.240.0/24 maxlen: 24
91.124.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 14:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:de:fb:b7:08:41:d9:50:e6:b1:c4:e8:33:50:65:a9:f2:38:3b:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 27 12:14:22 2024 GMT
Not After : Mar 26 12:19:22 2025 GMT
Subject: CN=466B5B0E706877629B76C033776632A5F8847F12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:55:87:11:36:be:57:30:88:7d:6e:b2:e9:00:
23:39:b5:61:7f:95:11:1e:d9:dc:ad:21:cd:e8:cd:
89:2d:d8:3d:71:66:5b:cc:41:6a:9f:8b:da:7b:46:
63:05:f4:be:70:4c:48:40:04:ba:7a:80:f9:2c:77:
8c:5e:a9:c9:d1:16:65:ec:99:2a:e2:c4:5e:a2:10:
54:45:aa:b1:12:0f:cc:f8:b0:5b:00:c7:59:fc:90:
19:63:09:8e:9a:33:93:d5:ba:22:bd:f4:c2:3d:9f:
0f:b6:b9:50:95:d8:30:ee:3a:28:03:d9:e9:65:d1:
df:bc:b8:9a:fa:b5:80:90:bd:cd:87:fe:06:7f:a5:
c0:a6:18:24:2f:cd:a0:1a:85:1f:2c:97:fe:97:d7:
65:ac:ac:a5:65:3b:0e:75:5e:2c:57:9f:c2:e5:c4:
aa:ae:86:d8:b7:7f:8b:8c:c0:7e:9d:d3:fe:65:98:
b4:01:25:00:7e:13:c3:1e:ad:7c:a9:e8:9b:4a:78:
54:b3:34:83:49:eb:7d:b9:82:c9:42:ba:88:ad:d4:
b9:81:a1:4f:0b:07:fe:4f:83:79:49:cb:cc:37:6e:
4d:a0:7d:67:5e:2c:be:3b:6f:70:42:d4:57:eb:6b:
ee:fe:c5:ed:44:2a:f5:4b:60:03:9d:c7:5e:05:7b:
c5:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:6B:5B:0E:70:68:77:62:9B:76:C0:33:77:66:32:A5:F8:84:7F:12
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS42689.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.4.0/23
91.124.25.0/24
91.124.53.0/24
91.124.56.0/24
91.124.61.0/24
91.124.80.0/24
91.124.126.0/24
91.124.172.0/24
91.124.192.0/23
91.124.218.0/24
91.124.239.0-91.124.240.255
91.124.254.0/24
Signature Algorithm: sha256WithRSAEncryption
05:f0:ad:ce:71:b6:13:1b:b4:e9:0f:e7:1f:9a:18:29:ad:b5:
5f:77:3d:35:44:ff:37:5f:c3:7d:23:d1:69:67:92:5d:fb:18:
75:94:b5:39:44:bf:04:21:7c:ae:f9:8e:82:1a:7e:df:db:65:
4c:93:97:cf:8c:60:92:10:8c:43:94:74:0b:47:51:6a:b0:03:
8b:06:5a:20:32:94:8c:ae:44:ff:8e:aa:9f:50:52:12:fd:c9:
bf:cb:ff:aa:c6:f0:4e:71:1b:bb:76:38:9d:af:51:8e:ef:64:
a5:45:ce:c6:24:df:fd:57:52:d5:eb:05:ae:ef:4f:8d:b5:8d:
37:9d:13:07:1c:39:e4:92:b2:a4:e1:8d:1a:70:4c:f9:09:4c:
38:38:b0:51:6e:33:bd:79:7a:fb:21:bf:3b:63:62:01:ff:8e:
ac:71:2e:6c:1d:14:f3:d6:97:f4:7f:0c:8c:a7:d5:f3:8e:50:
f6:d9:38:d0:69:ed:06:24:da:a3:b2:1c:99:88:3f:87:76:ba:
cb:8c:bc:1c:0e:20:a5:f4:e0:bc:8b:20:0a:c9:6b:fe:90:22:
30:aa:b2:51:55:4f:e3:98:60:6c:8e:ee:71:1d:73:bf:62:72:
85:32:84:c8:6e:e4:9f:af:b8:0f:86:a7:ac:72:bf:d1:40:dc:
43:1a:da:ad
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUD977twhB2VDmscToM1BlqfI4O14wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAzMjcxMjE0MjJaFw0yNTAzMjYxMjE5MjJaMDMxMTAvBgNV
BAMTKDQ2NkI1QjBFNzA2ODc3NjI5Qjc2QzAzMzc3NjYzMkE1Rjg4NDdGMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQVYcRNr5XMIh9brLpACM5tWF/
lREe2dytIc3ozYkt2D1xZlvMQWqfi9p7RmMF9L5wTEhABLp6gPksd4xeqcnRFmXs
mSrixF6iEFRFqrESD8z4sFsAx1n8kBljCY6aM5PVuiK99MI9nw+2uVCV2DDuOigD
2ell0d+8uJr6tYCQvc2H/gZ/pcCmGCQvzaAahR8sl/6X12WsrKVlOw51XixXn8Ll
xKquhti3f4uMwH6d0/5lmLQBJQB+E8MerXyp6JtKeFSzNINJ6325gslCuoit1LmB
oU8LB/5Pg3lJy8w3bk2gfWdeLL47b3BC1Ffra+7+xe1EKvVLYAOdx14Fe8UvAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQURmtbDnBod2KbdsAzd2YypfiEfxIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDI2ODkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwaQYIKwYBBQUHAQcBAf8EWjBYMFYEAgABMFADBAFbfAQD
BABbfBkDBABbfDUDBABbfDgDBABbfD0DBABbfFADBABbfH4DBABbfKwDBAFbfMAD
BABbfNowDAMEAFt87wMEAFt88AMEAFt8/jANBgkqhkiG9w0BAQsFAAOCAQEABfCt
znG2Exu06Q/nH5oYKa21X3c9NUT/N1/DfSPRaWeSXfsYdZS1OUS/BCF8rvmOghp+
39tlTJOXz4xgkhCMQ5R0C0dRarADiwZaIDKUjK5E/46qn1BSEv3Jv8v/qsbwTnEb
u3Y4na9Rju9kpUXOxiTf/VdS1esFru9PjbWNN50TBxw55JKypOGNGnBM+QlMODiw
UW4zvXl6+yG/O2NiAf+OrHEubB0U89aX9H8MjKfV845Q9tk40GntBiTao7IcmYg/
h3a6y4y8HA4gpfTgvIsgCslr/pAiMKqyUVVP45hgbI7ucR1zv2JyhTKEyG7kn6+4
D4anrHK/0UDcQxrarQ==
-----END CERTIFICATE-----
Generated at Wed May 22 18:10:31 2024 by rpki-client on console-fra.rpki-client.org