Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS58061.roa
File: AS58061.roa (raw, json)
Hash identifier: CvchE8e4jwWd7NwzCXG9iqPiezEnADh3XMt4SbfnNpA=
Subject key identifier: 52:CD:FF:73:09:63:21:A6:5C:D0:D4:57:E4:0A:9C:12:63:71:E3:C4
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 2E4602E7C500316274D0C43E87CC23CF7FE22277
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS58061.roa
Signing time: Wed 16 Apr 2025 00:00:27 +0000
ROA not before: Tue 15 Apr 2025 23:55:27 +0000
ROA not after: Wed 15 Apr 2026 00:00:27 +0000
asID: 58061
IP address blocks: 91.124.18.0/24 maxlen: 24
91.124.35.0/24 maxlen: 24
91.124.49.0/24 maxlen: 24
91.124.54.0/24 maxlen: 24
91.124.60.0/24 maxlen: 24
91.124.81.0/24 maxlen: 24
91.124.147.0/24 maxlen: 24
91.124.148.0/24 maxlen: 24
91.124.173.0/24 maxlen: 24
91.124.186.0/24 maxlen: 24
91.124.200.0/24 maxlen: 24
91.124.236.0/24 maxlen: 24
91.124.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 15:28:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:46:02:e7:c5:00:31:62:74:d0:c4:3e:87:cc:23:cf:7f:e2:22:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 15 23:55:27 2025 GMT
Not After : Apr 15 00:00:27 2026 GMT
Subject: CN=52CDFF73096321A65CD0D457E40A9C126371E3C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ee:58:0c:69:d1:6e:e9:fa:30:8b:b0:05:b5:
94:ed:25:0e:cc:50:ab:31:9b:dc:9d:08:e3:2e:b1:
15:d7:a0:a0:ed:6f:b7:84:d9:d1:e2:f5:7a:26:9c:
26:00:f0:73:d4:fd:77:b8:85:06:a3:ce:46:53:1f:
d7:59:f8:41:43:61:7c:ce:df:61:0f:d3:21:fc:2c:
7b:26:1e:e9:23:43:76:5f:14:f1:dc:f5:6a:d1:df:
de:67:78:25:21:a6:e2:dc:34:c3:5e:f2:99:2a:cb:
d8:5c:a7:39:6b:22:df:94:87:dd:28:c0:af:54:ca:
0f:10:ed:ab:26:98:62:96:ee:d3:6c:02:7b:46:cf:
a1:b7:ec:de:64:c6:e2:b9:77:e4:81:05:e7:c4:97:
91:76:8f:e6:f5:a0:2f:07:57:a0:cb:6e:4e:31:a7:
36:45:e9:a4:28:04:26:b9:e9:f3:56:40:63:1f:87:
60:f3:8f:31:cf:16:ea:d7:84:11:3a:66:db:c6:5d:
6a:cd:4f:65:42:93:86:ff:2c:56:fb:9d:d9:64:8a:
c5:b9:76:93:2e:04:1e:b2:e1:d3:4f:fe:ae:fd:3c:
ea:35:be:13:e4:7c:0c:d3:49:c4:5c:d3:cf:29:80:
5f:bd:dc:63:0e:ed:24:8e:08:12:93:42:3e:dd:4f:
a9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:CD:FF:73:09:63:21:A6:5C:D0:D4:57:E4:0A:9C:12:63:71:E3:C4
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS58061.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.18.0/24
91.124.35.0/24
91.124.49.0/24
91.124.54.0/24
91.124.60.0/24
91.124.81.0/24
91.124.147.0-91.124.148.255
91.124.173.0/24
91.124.186.0/24
91.124.200.0/24
91.124.236.0/24
91.124.255.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:c2:a5:4e:e4:7d:f9:10:87:e6:3e:b1:07:f3:77:d8:ca:f9:
61:76:8e:29:a9:47:e3:6e:d1:a1:1d:8a:c9:0e:b7:ba:e0:8d:
7b:6a:c5:bd:30:11:2e:92:d4:60:da:1b:a5:55:8a:b1:09:26:
d5:47:52:b2:24:6e:4b:ae:9f:e1:0b:82:41:39:0a:0b:6d:d1:
c1:40:87:d3:e8:10:a7:4a:04:d2:ab:2e:47:ca:d9:20:d4:35:
ec:c9:06:9a:f9:4d:fd:d9:ab:11:30:30:95:ad:dd:dd:54:7d:
be:09:36:4b:72:74:ed:a3:f8:1d:86:c9:8c:b8:75:ac:69:ac:
27:41:85:44:76:22:bd:07:e1:fd:df:29:c0:ba:27:f0:cd:de:
17:54:0e:95:c6:e4:cf:e1:df:14:50:dc:5d:02:65:ec:15:f9:
d8:99:97:3d:67:a5:d2:ab:93:5f:5b:86:72:0e:f9:db:8f:c8:
f8:95:f2:02:11:a4:a0:60:0b:d3:3a:91:1a:bc:c9:18:67:3d:
bc:04:f1:d2:e4:2b:56:d4:f2:22:d0:b3:f7:d0:e2:4b:cb:5e:
e0:55:2d:57:e4:90:67:df:38:40:ec:a5:6f:9e:bd:1d:a6:fc:
26:13:ce:aa:11:c4:dc:6e:b7:95:dd:61:47:cb:86:a8:4d:4e:
b9:ef:a4:dd
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIULkYC58UAMWJ00MQ+h8wjz3/iIncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MTUyMzU1MjdaFw0yNjA0MTUwMDAwMjdaMDMxMTAvBgNV
BAMTKDUyQ0RGRjczMDk2MzIxQTY1Q0QwRDQ1N0U0MEE5QzEyNjM3MUUzQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa7lgMadFu6fowi7AFtZTtJQ7M
UKsxm9ydCOMusRXXoKDtb7eE2dHi9XomnCYA8HPU/Xe4hQajzkZTH9dZ+EFDYXzO
32EP0yH8LHsmHukjQ3ZfFPHc9WrR395neCUhpuLcNMNe8pkqy9hcpzlrIt+Uh90o
wK9Uyg8Q7asmmGKW7tNsAntGz6G37N5kxuK5d+SBBefEl5F2j+b1oC8HV6DLbk4x
pzZF6aQoBCa56fNWQGMfh2DzjzHPFurXhBE6ZtvGXWrNT2VCk4b/LFb7ndlkisW5
dpMuBB6y4dNP/q79POo1vhPkfAzTScRc088pgF+93GMO7SSOCBKTQj7dT6kBAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUUs3/cwljIaZc0NRX5AqcEmNx48QwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTgwNjEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwaQYIKwYBBQUHAQcBAf8EWjBYMFYEAgABMFADBABbfBID
BABbfCMDBABbfDEDBABbfDYDBABbfDwDBABbfFEwDAMEAFt8kwMEAFt8lAMEAFt8
rQMEAFt8ugMEAFt8yAMEAFt87AMEAFt8/zANBgkqhkiG9w0BAQsFAAOCAQEAG8Kl
TuR9+RCH5j6xB/N32Mr5YXaOKalH427RoR2KyQ63uuCNe2rFvTARLpLUYNobpVWK
sQkm1UdSsiRuS66f4QuCQTkKC23RwUCH0+gQp0oE0qsuR8rZINQ17MkGmvlN/dmr
ETAwla3d3VR9vgk2S3J07aP4HYbJjLh1rGmsJ0GFRHYivQfh/d8pwLon8M3eF1QO
lcbkz+HfFFDcXQJl7BX52JmXPWel0quTX1uGcg7524/I+JXyAhGkoGAL0zqRGrzJ
GGc9vATx0uQrVtTyItCz99DiS8te4FUtV+SQZ984QOylb569Hab8JhPOqhHE3G63
ld1hR8uGqE1Oue+k3Q==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:09:58 2025 by rpki-client