Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7018.roa
File: AS7018.roa (raw, json)
Hash identifier: OLO5Z60y+0edpM5FLH8aCGfYWSAMYmpQgpPDJQmFCVA=
Subject key identifier: 66:1C:A4:91:93:1D:B6:FD:E9:6E:89:07:48:22:C2:A2:1D:D5:9A:51
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 49B03D4F9CC13B4C1E5BCF345C138E99F25D996B
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7018.roa
Signing time: Sat 27 Apr 2024 14:55:52 +0000
ROA not before: Sat 27 Apr 2024 14:50:52 +0000
ROA not after: Sat 26 Apr 2025 14:55:52 +0000
asID: 7018
IP address blocks: 91.124.0.0/24 maxlen: 24
91.124.2.0/24 maxlen: 24
91.124.3.0/24 maxlen: 24
91.124.8.0/21 maxlen: 21
91.124.16.0/24 maxlen: 24
91.124.17.0/24 maxlen: 24
91.124.59.0/24 maxlen: 24
91.124.82.0/24 maxlen: 24
91.124.90.0/24 maxlen: 24
91.124.134.0/24 maxlen: 24
91.124.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:b0:3d:4f:9c:c1:3b:4c:1e:5b:cf:34:5c:13:8e:99:f2:5d:99:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 27 14:50:52 2024 GMT
Not After : Apr 26 14:55:52 2025 GMT
Subject: CN=661CA491931DB6FDE96E89074822C2A21DD59A51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:bd:6d:ae:41:9a:0c:91:35:95:81:fe:28:4b:
54:c5:db:7e:75:f2:ed:12:7d:53:c6:ec:ba:af:02:
b8:4d:1d:3a:5a:02:73:5c:55:1d:d8:b9:46:19:de:
cd:58:33:f4:95:a3:20:8f:e0:60:ff:d5:dc:81:97:
88:c3:de:ae:60:77:9b:7f:44:e1:0e:c2:6c:04:2c:
dd:a5:b4:b3:0e:d0:77:c1:ef:88:d8:ba:43:f3:b3:
7c:83:18:70:35:e2:bf:a7:5d:08:14:e6:91:79:dc:
c0:9c:d5:bd:10:f9:86:ed:18:bf:77:ee:10:f8:00:
77:44:cc:fb:03:6f:79:58:70:d0:a9:66:6a:4e:da:
50:d6:94:ac:82:43:79:05:16:f6:f4:eb:83:96:f2:
13:35:8b:47:95:de:f2:73:04:2b:d8:46:be:50:3e:
a2:0d:fb:7a:ad:dd:e2:37:d9:57:29:23:34:d7:22:
63:1b:0a:9c:27:6b:93:40:e6:bd:59:ed:d0:25:be:
4e:19:a3:9e:87:ab:d2:a1:24:18:42:32:5c:c8:e0:
96:23:d4:0e:c9:c3:63:42:b2:3b:3b:03:2d:8d:c2:
e0:57:c0:88:1f:24:1b:3b:73:f8:65:84:29:e2:1c:
a8:73:e0:9f:be:f1:fb:ef:65:fa:3c:22:4e:6b:96:
0d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:1C:A4:91:93:1D:B6:FD:E9:6E:89:07:48:22:C2:A2:1D:D5:9A:51
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS7018.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.0.0/24
91.124.2.0/23
91.124.8.0-91.124.17.255
91.124.59.0/24
91.124.82.0/24
91.124.90.0/24
91.124.134.0/24
91.124.208.0/24
Signature Algorithm: sha256WithRSAEncryption
69:be:da:e8:a8:bd:d2:79:f6:f7:9a:db:45:fb:d6:07:2b:c1:
ff:72:b5:73:c8:1c:31:9e:a8:a3:6f:be:e4:34:8f:a1:42:62:
34:2e:b6:c7:69:af:21:d1:f9:8d:6b:aa:0d:a9:1d:71:47:6f:
e8:2a:c8:ee:00:2b:76:57:7a:b4:3b:f6:f9:cf:98:bb:50:10:
f4:3e:d6:d1:bf:81:fb:a9:1b:c8:25:ad:91:f6:da:ee:03:1d:
10:ab:80:60:13:0f:35:f0:d8:e2:0d:96:eb:72:21:87:ad:a1:
5c:d7:b7:b8:8e:3c:43:29:ab:76:6c:6d:bc:58:5e:13:8a:c9:
17:55:c6:bc:57:50:02:de:77:1f:80:d8:74:95:07:ff:d1:c1:
4d:e4:74:6b:56:48:45:8e:72:52:25:00:bc:90:37:d1:d0:dc:
61:09:40:1e:90:56:5b:3b:21:0e:08:7e:a5:b8:46:bd:b1:58:
cf:42:b9:92:6d:da:eb:9c:a9:ab:99:de:5a:c8:2c:ec:43:95:
bb:80:d3:bf:fe:7f:52:26:4c:b0:fd:e0:91:5b:17:09:c0:82:
76:ff:b5:a7:e4:c4:14:c3:76:f6:0d:c2:43:a6:41:2b:28:2c:
55:b7:d9:bc:c6:19:88:5d:76:13:8f:1e:63:b7:0d:a8:22:dd:
b3:ce:93:48
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUSbA9T5zBO0weW880XBOOmfJdmWswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDA0MjcxNDUwNTJaFw0yNTA0MjYxNDU1NTJaMDMxMTAvBgNV
BAMTKDY2MUNBNDkxOTMxREI2RkRFOTZFODkwNzQ4MjJDMkEyMURENTlBNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTvW2uQZoMkTWVgf4oS1TF2351
8u0SfVPG7LqvArhNHTpaAnNcVR3YuUYZ3s1YM/SVoyCP4GD/1dyBl4jD3q5gd5t/
ROEOwmwELN2ltLMO0HfB74jYukPzs3yDGHA14r+nXQgU5pF53MCc1b0Q+YbtGL93
7hD4AHdEzPsDb3lYcNCpZmpO2lDWlKyCQ3kFFvb064OW8hM1i0eV3vJzBCvYRr5Q
PqIN+3qt3eI32VcpIzTXImMbCpwna5NA5r1Z7dAlvk4Zo56Hq9KhJBhCMlzI4JYj
1A7Jw2NCsjs7Ay2NwuBXwIgfJBs7c/hlhCniHKhz4J++8fvvZfo8Ik5rlg3ZAgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQUZhykkZMdtv3pbokHSCLCoh3VmlEwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNzAxOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBRBggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMEAFt8AAME
AVt8AjAMAwQDW3wIAwQBW3wQAwQAW3w7AwQAW3xSAwQAW3xaAwQAW3yGAwQAW3zQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBpvtroqL3Sefb3mttF+9YHK8H/crVzyBwxnqij
b77kNI+hQmI0LrbHaa8h0fmNa6oNqR1xR2/oKsjuACt2V3q0O/b5z5i7UBD0PtbR
v4H7qRvIJa2R9truAx0Qq4BgEw818NjiDZbrciGHraFc17e4jjxDKat2bG28WF4T
iskXVca8V1AC3ncfgNh0lQf/0cFN5HRrVkhFjnJSJQC8kDfR0NxhCUAekFZbOyEO
CH6luEa9sVjPQrmSbdrrnKmrmd5ayCzsQ5W7gNO//n9SJkyw/eCRWxcJwIJ2/7Wn
5MQUw3b2DcJDpkErKCxVt9m8xhmIXXYTjx5jtw2oIt2zzpNI
-----END CERTIFICATE-----
Generated at Sat May 4 10:28:30 2024 by rpki-client on console-fra.rpki-client.org