Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS58061.roa
File: AS58061.roa (raw, json)
Hash identifier: RxwG6fk0mPD2AqOuc0iL4NkMb4Xwn0z4v6S6bcuw6Vo=
Subject key identifier: 88:9F:37:3D:D2:B9:65:99:2C:DE:6E:62:1B:05:9C:08:6E:BF:9F:50
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 7B45436245DFE9B65B7A049C354B9782DEC53E3D
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS58061.roa
Signing time: Sun 16 Feb 2025 00:01:08 +0000
ROA not before: Sat 15 Feb 2025 23:56:08 +0000
ROA not after: Sun 15 Feb 2026 00:01:08 +0000
asID: 58061
IP address blocks: 91.124.18.0/24 maxlen: 24
91.124.29.0/24 maxlen: 24
91.124.35.0/24 maxlen: 24
91.124.49.0/24 maxlen: 24
91.124.54.0/24 maxlen: 24
91.124.60.0/24 maxlen: 24
91.124.81.0/24 maxlen: 24
91.124.128.0/24 maxlen: 24
91.124.147.0/24 maxlen: 24
91.124.148.0/24 maxlen: 24
91.124.173.0/24 maxlen: 24
91.124.186.0/24 maxlen: 24
91.124.200.0/24 maxlen: 24
91.124.221.0/24 maxlen: 24
91.124.236.0/24 maxlen: 24
91.124.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 10:55:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:45:43:62:45:df:e9:b6:5b:7a:04:9c:35:4b:97:82:de:c5:3e:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 15 23:56:08 2025 GMT
Not After : Feb 15 00:01:08 2026 GMT
Subject: CN=889F373DD2B965992CDE6E621B059C086EBF9F50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:e4:43:c9:f1:ce:07:21:dc:1a:46:b5:40:2f:
02:71:13:15:8f:d8:82:5f:52:c3:7a:65:13:5f:53:
9a:4d:46:21:ec:7c:aa:48:98:47:51:b6:c6:57:a9:
a4:01:21:b4:b4:5d:a5:9b:e3:d6:59:dc:38:71:34:
9f:d0:1f:1f:dd:f5:24:9b:3c:89:ad:5e:60:fb:7b:
e5:b5:48:0a:c1:e5:be:fd:ef:47:eb:88:9a:45:7a:
90:95:cb:e2:85:7b:29:9a:d6:6a:fa:4f:55:c9:7c:
c3:0a:92:2a:94:3e:b9:95:ff:ef:4f:2d:fe:0d:ca:
2b:9b:77:15:22:fb:96:91:3e:af:5c:fb:31:6d:ce:
8a:eb:df:49:36:b8:91:cd:12:4f:97:b1:fb:9a:a2:
b7:90:a1:6a:e1:79:16:b1:f4:f4:4c:e7:d8:a7:2b:
fc:f6:e7:f1:3c:04:d3:92:44:4d:12:7f:3f:ae:f3:
3c:f3:f7:a2:f5:4c:f5:7e:11:13:23:d8:fa:a2:8c:
36:32:8c:bd:e7:de:5f:d5:74:c6:03:a7:d3:7a:77:
aa:a2:44:d9:96:0c:a8:27:e1:90:fe:2a:79:21:d0:
37:9e:f3:d0:81:10:55:b1:20:2e:2f:dc:fd:01:c1:
4b:d4:ee:33:81:99:33:b5:7b:f2:74:88:eb:ee:d8:
4f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:9F:37:3D:D2:B9:65:99:2C:DE:6E:62:1B:05:9C:08:6E:BF:9F:50
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS58061.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.18.0/24
91.124.29.0/24
91.124.35.0/24
91.124.49.0/24
91.124.54.0/24
91.124.60.0/24
91.124.81.0/24
91.124.128.0/24
91.124.147.0-91.124.148.255
91.124.173.0/24
91.124.186.0/24
91.124.200.0/24
91.124.221.0/24
91.124.236.0/24
91.124.255.0/24
Signature Algorithm: sha256WithRSAEncryption
00:a5:c7:85:4b:1c:14:8e:00:6e:b6:a6:ab:10:d9:ba:e3:29:
b9:68:49:ec:19:32:31:c1:cd:ba:86:49:ab:8e:03:f1:7b:96:
54:d3:f9:ed:5b:a0:b4:be:f0:9c:e0:75:28:05:b6:ff:69:f0:
37:84:0c:47:24:01:68:84:52:73:09:4d:2a:53:ac:80:01:cb:
6e:e5:8e:d3:13:e1:72:c6:12:3a:2e:0c:39:06:bd:d6:05:c5:
0e:a4:ee:b6:3f:f6:7a:d4:9b:b7:ac:22:41:a2:e8:8d:e5:50:
1a:53:92:d9:89:cb:4a:60:e2:79:a9:d9:1e:df:5e:a7:77:05:
09:a5:ce:03:53:61:a7:29:04:38:bb:64:d4:37:e2:47:7e:dd:
1f:89:7b:64:1d:dc:42:13:03:03:b9:65:a1:9d:c6:bc:37:8c:
1c:23:c5:a9:68:a7:54:85:43:0a:16:c8:71:28:8a:6a:48:ec:
eb:d0:91:88:66:aa:22:b1:3d:96:b8:74:ea:5e:e2:77:c9:b2:
98:a3:be:0a:18:ed:e6:ba:e0:94:ae:67:9c:1c:f7:71:92:3c:
25:12:32:b3:b3:7c:c1:4e:9e:54:e9:7c:93:dc:c9:db:a3:92:
9c:6d:b6:61:fa:1b:61:f8:0c:11:35:0b:6c:15:44:20:b6:40:
59:58:c7:8e
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIUe0VDYkXf6bZbegScNUuXgt7FPj0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAyMTUyMzU2MDhaFw0yNjAyMTUwMDAxMDhaMDMxMTAvBgNV
BAMTKDg4OUYzNzNERDJCOTY1OTkyQ0RFNkU2MjFCMDU5QzA4NkVCRjlGNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDy5EPJ8c4HIdwaRrVALwJxExWP
2IJfUsN6ZRNfU5pNRiHsfKpImEdRtsZXqaQBIbS0XaWb49ZZ3DhxNJ/QHx/d9SSb
PImtXmD7e+W1SArB5b7970friJpFepCVy+KFeyma1mr6T1XJfMMKkiqUPrmV/+9P
Lf4NyiubdxUi+5aRPq9c+zFtzorr30k2uJHNEk+XsfuaoreQoWrheRax9PRM59in
K/z25/E8BNOSRE0Sfz+u8zzz96L1TPV+ERMj2PqijDYyjL3n3l/VdMYDp9N6d6qi
RNmWDKgn4ZD+Knkh0Dee89CBEFWxIC4v3P0BwUvU7jOBmTO1e/J0iOvu2E8RAgMB
AAGjggJlMIICYTAdBgNVHQ4EFgQUiJ83PdK5ZZks3m5iGwWcCG6/n1AwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTgwNjEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwewYIKwYBBQUHAQcBAf8EbDBqMGgEAgABMGIDBABbfBID
BABbfB0DBABbfCMDBABbfDEDBABbfDYDBABbfDwDBABbfFEDBABbfIAwDAMEAFt8
kwMEAFt8lAMEAFt8rQMEAFt8ugMEAFt8yAMEAFt83QMEAFt87AMEAFt8/zANBgkq
hkiG9w0BAQsFAAOCAQEAAKXHhUscFI4AbramqxDZuuMpuWhJ7BkyMcHNuoZJq44D
8XuWVNP57VugtL7wnOB1KAW2/2nwN4QMRyQBaIRScwlNKlOsgAHLbuWO0xPhcsYS
Oi4MOQa91gXFDqTutj/2etSbt6wiQaLojeVQGlOS2YnLSmDieanZHt9ep3cFCaXO
A1NhpykEOLtk1DfiR37dH4l7ZB3cQhMDA7lloZ3GvDeMHCPFqWinVIVDChbIcSiK
akjs69CRiGaqIrE9lrh06l7id8mymKO+Chjt5rrglK5nnBz3cZI8JRIys7N8wU6e
VOl8k9zJ26OSnG22YfobYfgMETULbBVEILZAWVjHjg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:15:13 2025 by rpki-client