Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS58061.roa
File: AS58061.roa (raw, json)
Hash identifier: Dbibu+f2xRbVqwiCr/17COA1Kv8XSYq4ek76+WBF6hY=
Subject key identifier: BA:B1:1F:DD:0B:68:AC:0E:61:71:1E:47:F9:2F:5A:86:6B:DD:36:66
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 0DA1841A1D3B5F97E1A6A9C8AF174843F679A8B4
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS58061.roa
Signing time: Mon 12 May 2025 00:00:15 +0000
ROA not before: Sun 11 May 2025 23:55:15 +0000
ROA not after: Mon 11 May 2026 00:00:15 +0000
asID: 58061
IP address blocks: 91.124.35.0/24 maxlen: 24
91.124.49.0/24 maxlen: 24
91.124.54.0/24 maxlen: 24
91.124.81.0/24 maxlen: 24
91.124.147.0/24 maxlen: 24
91.124.148.0/24 maxlen: 24
91.124.173.0/24 maxlen: 24
91.124.236.0/24 maxlen: 24
91.124.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 20:17:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:a1:84:1a:1d:3b:5f:97:e1:a6:a9:c8:af:17:48:43:f6:79:a8:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 11 23:55:15 2025 GMT
Not After : May 11 00:00:15 2026 GMT
Subject: CN=BAB11FDD0B68AC0E61711E47F92F5A866BDD3666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5e:65:4f:fd:06:fb:48:ce:87:39:61:66:ee:
9a:08:c7:b4:74:70:53:3c:ce:52:fa:df:60:9e:ad:
ce:70:34:69:d1:af:fd:82:ab:e4:53:ef:80:32:03:
d5:47:0a:9b:ec:fe:12:6d:73:29:e4:82:79:14:05:
c4:40:0e:77:6a:ea:68:19:b3:cf:ec:c5:ef:00:a2:
36:75:99:b4:4c:4f:fd:fb:bb:93:4c:bb:85:91:c3:
eb:3e:06:60:0c:a6:ff:c1:c3:4e:11:8e:12:41:b9:
ba:cd:b9:9f:87:70:93:08:3c:8a:5d:78:de:e9:4f:
91:9f:61:e7:80:39:57:c1:fa:e6:59:86:46:9e:80:
65:b5:41:32:99:05:19:cd:2b:d6:52:f4:23:db:e0:
ad:0c:f0:a0:5c:9f:f7:ad:1c:d8:d2:87:6c:a1:82:
6a:50:3f:1c:dc:0e:bc:31:00:1d:16:73:1a:46:af:
8b:20:44:1a:98:49:7f:55:ba:93:ac:84:7f:1b:cf:
c9:fd:43:76:f3:04:7e:12:79:9c:eb:c6:95:e6:96:
4e:b7:a4:f5:65:9b:01:ca:e6:4e:8b:30:7d:27:c0:
a2:ec:a6:a1:da:80:0f:72:1e:2c:de:63:0b:b2:ed:
a9:69:a7:05:af:fc:7c:01:65:85:f3:d3:e2:2e:45:
1b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B1:1F:DD:0B:68:AC:0E:61:71:1E:47:F9:2F:5A:86:6B:DD:36:66
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS58061.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.35.0/24
91.124.49.0/24
91.124.54.0/24
91.124.81.0/24
91.124.147.0-91.124.148.255
91.124.173.0/24
91.124.236.0/24
91.124.255.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:a7:a6:55:a0:b8:1f:78:e7:1e:8f:a9:dd:6f:e2:22:4a:18:
21:48:35:27:a9:21:5e:b2:c0:7a:86:7e:f2:84:38:b0:3f:81:
58:50:98:08:5a:2a:2b:b9:62:cd:83:8e:2c:4b:10:d7:1a:43:
67:eb:04:25:66:91:0e:aa:e9:36:c1:dd:69:6a:55:ac:a6:ed:
6c:54:0f:5e:11:c7:07:88:17:a7:7b:55:ac:8f:3b:ee:ad:05:
e2:2c:83:18:68:51:c9:c4:ff:cf:39:b7:a5:72:5e:54:0c:87:
56:3b:c4:1a:48:cf:1d:5b:09:ed:9b:41:30:42:95:50:1e:b8:
4f:2e:aa:66:38:ba:dd:59:05:d7:7b:57:b6:98:0a:3d:fa:06:
8a:e7:0d:72:7a:d2:94:dd:0e:0c:40:cd:eb:2f:09:19:08:42:
fb:a0:ec:68:ab:b8:83:8b:b7:da:93:d1:9c:de:3e:78:dd:89:
fe:7e:77:cd:ab:9a:86:c8:d8:8e:5a:ad:f6:84:37:8c:a7:8e:
ca:14:a3:79:d4:27:7f:dd:c4:96:47:bf:82:f3:d4:79:c6:9e:
69:38:a7:ec:67:8b:c2:ed:3d:1f:d8:c5:e0:fd:fc:2e:2c:b7:
29:89:8a:83:e7:53:5f:75:da:b3:f6:db:51:de:5a:7f:77:66:
a1:0b:cd:cf
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUDaGEGh07X5fhpqnIrxdIQ/Z5qLQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA1MTEyMzU1MTVaFw0yNjA1MTEwMDAwMTVaMDMxMTAvBgNV
BAMTKEJBQjExRkREMEI2OEFDMEU2MTcxMUU0N0Y5MkY1QTg2NkJERDM2NjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbXmVP/Qb7SM6HOWFm7poIx7R0
cFM8zlL632Cerc5wNGnRr/2Cq+RT74AyA9VHCpvs/hJtcynkgnkUBcRADndq6mgZ
s8/sxe8AojZ1mbRMT/37u5NMu4WRw+s+BmAMpv/Bw04RjhJBubrNuZ+HcJMIPIpd
eN7pT5GfYeeAOVfB+uZZhkaegGW1QTKZBRnNK9ZS9CPb4K0M8KBcn/etHNjSh2yh
gmpQPxzcDrwxAB0WcxpGr4sgRBqYSX9VupOshH8bz8n9Q3bzBH4SeZzrxpXmlk63
pPVlmwHK5k6LMH0nwKLspqHagA9yHizeYwuy7alppwWv/HwBZYXz0+IuRRtfAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUurEf3QtorA5hcR5H+S9ahmvdNmYwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTgwNjEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwUQYIKwYBBQUHAQcBAf8EQjBAMD4EAgABMDgDBABbfCMD
BABbfDEDBABbfDYDBABbfFEwDAMEAFt8kwMEAFt8lAMEAFt8rQMEAFt87AMEAFt8
/zANBgkqhkiG9w0BAQsFAAOCAQEAqaemVaC4H3jnHo+p3W/iIkoYIUg1J6khXrLA
eoZ+8oQ4sD+BWFCYCFoqK7lizYOOLEsQ1xpDZ+sEJWaRDqrpNsHdaWpVrKbtbFQP
XhHHB4gXp3tVrI877q0F4iyDGGhRycT/zzm3pXJeVAyHVjvEGkjPHVsJ7ZtBMEKV
UB64Ty6qZji63VkF13tXtpgKPfoGiucNcnrSlN0ODEDN6y8JGQhC+6DsaKu4g4u3
2pPRnN4+eN2J/n53zauahsjYjlqt9oQ3jKeOyhSjedQnf93Elke/gvPUecaeaTin
7GeLwu09H9jF4P38Liy3KYmKg+dTX3Xas/bbUd5af3dmoQvNzw==
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:14:31 2025 by rpki-client