Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS42689.roa
File: AS42689.roa (raw, json)
Hash identifier: kQtbycznmXGRzopTOKXEap9LqpXVxK9Md6GK5i0P6fU=
Subject key identifier: F4:6D:ED:2E:BE:9B:51:AB:49:FE:33:39:29:D0:AB:E3:40:0C:0D:A8
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5CB63E9F8943EC07250E7D4536EA564F7F8B2105
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS42689.roa
Signing time: Fri 31 Jan 2025 10:32:52 +0000
ROA not before: Fri 31 Jan 2025 10:27:52 +0000
ROA not after: Fri 30 Jan 2026 10:32:52 +0000
asID: 42689
IP address blocks: 46.202.28.0/24 maxlen: 24
46.202.52.0/24 maxlen: 24
91.124.4.0/24 maxlen: 24
91.124.5.0/24 maxlen: 24
91.124.25.0/24 maxlen: 24
91.124.53.0/24 maxlen: 24
91.124.56.0/24 maxlen: 24
91.124.61.0/24 maxlen: 24
91.124.80.0/24 maxlen: 24
91.124.126.0/24 maxlen: 24
91.124.172.0/24 maxlen: 24
91.124.192.0/24 maxlen: 24
91.124.193.0/24 maxlen: 24
91.124.218.0/24 maxlen: 24
91.124.239.0/24 maxlen: 24
91.124.240.0/24 maxlen: 24
91.124.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 03:24:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:b6:3e:9f:89:43:ec:07:25:0e:7d:45:36:ea:56:4f:7f:8b:21:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jan 31 10:27:52 2025 GMT
Not After : Jan 30 10:32:52 2026 GMT
Subject: CN=F46DED2EBE9B51AB49FE333929D0ABE3400C0DA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:21:f2:1c:45:3b:26:55:73:ee:0c:f7:f5:3d:
c9:f0:3e:02:ba:da:46:05:3b:c2:ea:c4:30:4a:41:
c4:f6:14:f1:25:b1:c5:d0:7c:b9:8d:91:c1:42:79:
01:15:a6:8b:73:0f:fb:41:f1:44:5c:24:cd:24:38:
a6:1d:f8:f2:4c:cf:3d:f4:a9:6a:02:e2:f9:7f:1e:
90:f3:2e:00:ed:fe:c1:f4:f4:b6:51:2d:14:0a:ff:
5c:cc:07:08:6e:4d:26:0e:ca:a8:77:d8:55:4c:3f:
6d:58:0f:77:95:af:04:bb:f0:5f:f4:6c:9c:d7:41:
8d:36:c6:5b:19:e7:4d:51:b6:dd:a8:c3:41:16:40:
d2:60:1d:2d:34:49:2a:4f:fb:99:f9:46:32:98:51:
de:cf:6b:eb:1a:77:65:87:8d:d0:da:46:05:14:3a:
52:22:b3:c2:85:d0:7d:45:42:8d:db:6d:76:f3:c1:
de:98:eb:51:c2:aa:9f:8a:e4:01:4c:7d:2d:94:45:
47:19:a6:53:3a:77:1b:2a:aa:70:c3:38:b6:35:e6:
c0:53:a3:04:b2:e8:e6:6f:b7:1c:a2:e7:b0:d5:71:
78:70:05:63:69:28:95:b4:84:94:e0:55:23:0d:5a:
b7:9a:0e:10:fd:23:c7:2d:80:e1:12:fe:e5:0d:89:
36:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:6D:ED:2E:BE:9B:51:AB:49:FE:33:39:29:D0:AB:E3:40:0C:0D:A8
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS42689.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.28.0/24
46.202.52.0/24
91.124.4.0/23
91.124.25.0/24
91.124.53.0/24
91.124.56.0/24
91.124.61.0/24
91.124.80.0/24
91.124.126.0/24
91.124.172.0/24
91.124.192.0/23
91.124.218.0/24
91.124.239.0-91.124.240.255
91.124.254.0/24
Signature Algorithm: sha256WithRSAEncryption
17:5a:e3:11:0c:5e:e4:ed:b0:b9:99:89:53:d3:c3:55:91:39:
99:11:05:43:f2:c6:83:51:39:60:61:ea:d1:7e:f6:85:32:43:
6a:62:33:bc:d7:46:cd:03:da:21:71:ee:2f:c9:14:2e:ee:56:
2c:85:7e:c9:91:eb:20:04:51:4d:cc:9a:33:17:66:f6:8d:16:
91:ca:0d:2a:26:44:48:99:ef:c1:c5:13:0c:57:a0:0d:58:8c:
2e:d3:18:cd:cb:9e:b1:ec:3a:4c:27:f3:48:a7:2b:72:c8:41:
eb:a8:98:74:0f:06:63:73:de:bb:17:08:1d:30:b1:53:09:bd:
3f:b3:98:7f:9f:11:a2:66:d4:4c:d0:a0:5c:1e:91:be:2f:24:
74:5e:44:ba:cf:04:4f:85:72:b7:7e:1f:e0:08:e3:c4:56:38:
ab:61:56:bc:40:6a:d3:9f:42:4a:1b:77:b2:95:05:10:0e:cc:
6f:cb:91:27:80:0a:db:ac:87:67:0b:ad:b5:7b:84:8d:ab:64:
7d:1d:6d:f5:a5:9a:0f:69:6c:f4:ff:2e:e3:3d:7f:00:c2:df:
51:a2:51:f7:09:f2:07:e7:68:6f:57:f4:ac:de:e4:d3:6f:de:
52:65:29:f8:2d:ac:31:10:52:81:69:9a:bc:ed:92:e8:77:fd:
4a:19:c8:dc
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIUXLY+n4lD7AclDn1FNupWT3+LIQUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAxMzExMDI3NTJaFw0yNjAxMzAxMDMyNTJaMDMxMTAvBgNV
BAMTKEY0NkRFRDJFQkU5QjUxQUI0OUZFMzMzOTI5RDBBQkUzNDAwQzBEQTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzIfIcRTsmVXPuDPf1PcnwPgK6
2kYFO8LqxDBKQcT2FPElscXQfLmNkcFCeQEVpotzD/tB8URcJM0kOKYd+PJMzz30
qWoC4vl/HpDzLgDt/sH09LZRLRQK/1zMBwhuTSYOyqh32FVMP21YD3eVrwS78F/0
bJzXQY02xlsZ501Rtt2ow0EWQNJgHS00SSpP+5n5RjKYUd7Pa+sad2WHjdDaRgUU
OlIis8KF0H1FQo3bbXbzwd6Y61HCqp+K5AFMfS2URUcZplM6dxsqqnDDOLY15sBT
owSy6OZvtxyi57DVcXhwBWNpKJW0hJTgVSMNWreaDhD9I8ctgOES/uUNiTbjAgMB
AAGjggJfMIICWzAdBgNVHQ4EFgQU9G3tLr6bUatJ/jM5KdCr40AMDagwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDI2ODkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwdQYIKwYBBQUHAQcBAf8EZjBkMGIEAgABMFwDBAAuyhwD
BAAuyjQDBAFbfAQDBABbfBkDBABbfDUDBABbfDgDBABbfD0DBABbfFADBABbfH4D
BABbfKwDBAFbfMADBABbfNowDAMEAFt87wMEAFt88AMEAFt8/jANBgkqhkiG9w0B
AQsFAAOCAQEAF1rjEQxe5O2wuZmJU9PDVZE5mREFQ/LGg1E5YGHq0X72hTJDamIz
vNdGzQPaIXHuL8kULu5WLIV+yZHrIARRTcyaMxdm9o0WkcoNKiZESJnvwcUTDFeg
DViMLtMYzcuesew6TCfzSKcrcshB66iYdA8GY3PeuxcIHTCxUwm9P7OYf58RombU
TNCgXB6Rvi8kdF5Eus8ET4Vyt34f4AjjxFY4q2FWvEBq059CSht3spUFEA7Mb8uR
J4AK26yHZwuttXuEjatkfR1t9aWaD2ls9P8u4z1/AMLfUaJR9wnyB+dob1f0rN7k
02/eUmUp+C2sMRBSgWmavO2S6Hf9ShnI3A==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:00 2025 by rpki-client