Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS58061.roa
File: AS58061.roa (raw, json)
Hash identifier: 6ZHMI4z5Q6vIyXmfB0oq1MdR1FW/yVLbufbllWJ7R7A=
Subject key identifier: 94:2E:14:92:BB:7A:06:79:F4:08:96:10:2B:C3:57:16:A2:53:D2:CB
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 0E23920E148F0D86E1C28C8267697AD1D78735DD
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS58061.roa
Signing time: Sat 26 Apr 2025 00:00:10 +0000
ROA not before: Fri 25 Apr 2025 23:55:10 +0000
ROA not after: Sat 25 Apr 2026 00:00:10 +0000
asID: 58061
IP address blocks: 91.124.18.0/24 maxlen: 24
91.124.35.0/24 maxlen: 24
91.124.49.0/24 maxlen: 24
91.124.54.0/24 maxlen: 24
91.124.60.0/24 maxlen: 24
91.124.81.0/24 maxlen: 24
91.124.147.0/24 maxlen: 24
91.124.148.0/24 maxlen: 24
91.124.173.0/24 maxlen: 24
91.124.236.0/24 maxlen: 24
91.124.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 08:22:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:23:92:0e:14:8f:0d:86:e1:c2:8c:82:67:69:7a:d1:d7:87:35:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 25 23:55:10 2025 GMT
Not After : Apr 25 00:00:10 2026 GMT
Subject: CN=942E1492BB7A0679F40896102BC35716A253D2CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1d:b1:7b:a2:31:55:b6:0c:d2:16:22:e8:f2:
3a:e7:01:5a:3c:b6:14:6a:02:ef:99:c6:87:eb:66:
1a:33:b0:67:16:7c:3b:4d:a9:c4:4a:8f:3e:46:62:
b7:5f:9f:00:7a:46:d1:a8:2f:b1:c3:c7:06:31:b9:
c3:79:f3:d0:59:15:cd:06:97:a2:1e:1d:74:e8:90:
12:8c:11:a0:32:1d:5c:23:e6:6f:1e:de:72:ee:69:
af:f3:92:52:69:30:54:01:3a:0e:6b:9c:d1:0b:bc:
e0:11:81:0c:37:7e:e9:be:49:52:1c:cc:53:f3:e9:
56:0d:56:ec:ad:d8:f9:a1:fa:0b:80:7e:c4:40:46:
26:ef:f7:47:3d:de:4c:a7:35:fe:20:b2:f1:62:9e:
a3:9a:2e:d9:19:89:18:ad:13:c0:23:f1:f7:54:96:
56:5e:80:d1:8a:a6:b8:36:3f:d4:39:38:72:3e:d1:
e0:bc:ed:da:01:56:d0:73:a5:dd:d8:3b:f5:7c:9a:
4d:a1:49:99:9e:6d:76:c1:91:85:5c:c8:64:9c:d7:
f5:ae:a5:3d:0c:17:de:55:3f:3a:36:ee:1e:95:af:
df:67:12:10:d4:5c:9b:44:69:9e:3b:f1:e9:67:e8:
4f:54:da:5c:38:f9:85:a9:a4:9e:a8:44:9f:98:15:
d0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:2E:14:92:BB:7A:06:79:F4:08:96:10:2B:C3:57:16:A2:53:D2:CB
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS58061.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.18.0/24
91.124.35.0/24
91.124.49.0/24
91.124.54.0/24
91.124.60.0/24
91.124.81.0/24
91.124.147.0-91.124.148.255
91.124.173.0/24
91.124.236.0/24
91.124.255.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:81:b0:0a:30:ef:0e:5b:01:6d:20:b1:05:30:28:c2:38:50:
ce:1d:30:4b:a2:c8:e9:12:46:5d:59:80:ad:92:0b:4e:be:dc:
9e:c9:ac:b6:14:29:54:1f:2d:05:70:74:fe:93:03:c7:e6:41:
4d:da:d4:6c:49:58:8d:4b:30:30:e8:5b:86:51:d1:9b:24:c8:
36:a3:d3:0f:fa:0b:77:c2:4b:16:e7:e9:cd:74:9c:75:3b:2f:
a6:7c:b7:94:1b:35:cd:87:fa:ae:e5:b4:65:4c:99:be:27:d0:
dc:94:d1:ad:54:af:ad:62:09:6d:d0:63:bc:bb:45:ee:1b:bf:
46:7c:11:a9:95:8d:61:55:5e:15:42:50:e9:38:1a:ca:c5:5b:
fe:10:df:18:c5:c8:08:19:72:44:29:6a:62:5e:db:e1:fe:be:
6e:d8:31:e2:80:14:02:29:d0:f2:55:e0:bc:5d:f9:ed:c7:3c:
4f:e7:62:8a:38:8d:e3:70:85:19:a7:40:ec:f2:4f:e4:96:00:
a6:a3:9f:27:bf:1b:d7:e3:2c:b4:5e:9d:a0:96:af:88:5f:79:
79:30:3b:de:dc:21:db:cd:61:e9:cd:7e:fb:e6:36:34:43:a8:
e6:6a:7d:14:b4:1f:97:33:37:ee:33:ab:08:c4:92:55:15:89:
29:d3:01:8c
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUDiOSDhSPDYbhwoyCZ2l60deHNd0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MjUyMzU1MTBaFw0yNjA0MjUwMDAwMTBaMDMxMTAvBgNV
BAMTKDk0MkUxNDkyQkI3QTA2NzlGNDA4OTYxMDJCQzM1NzE2QTI1M0QyQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3HbF7ojFVtgzSFiLo8jrnAVo8
thRqAu+ZxofrZhozsGcWfDtNqcRKjz5GYrdfnwB6RtGoL7HDxwYxucN589BZFc0G
l6IeHXTokBKMEaAyHVwj5m8e3nLuaa/zklJpMFQBOg5rnNELvOARgQw3fum+SVIc
zFPz6VYNVuyt2Pmh+guAfsRARibv90c93kynNf4gsvFinqOaLtkZiRitE8Aj8fdU
llZegNGKprg2P9Q5OHI+0eC87doBVtBzpd3YO/V8mk2hSZmebXbBkYVcyGSc1/Wu
pT0MF95VPzo27h6Vr99nEhDUXJtEaZ478eln6E9U2lw4+YWppJ6oRJ+YFdD7AgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUlC4Ukrt6Bnn0CJYQK8NXFqJT0sswHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTgwNjEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwXQYIKwYBBQUHAQcBAf8ETjBMMEoEAgABMEQDBABbfBID
BABbfCMDBABbfDEDBABbfDYDBABbfDwDBABbfFEwDAMEAFt8kwMEAFt8lAMEAFt8
rQMEAFt87AMEAFt8/zANBgkqhkiG9w0BAQsFAAOCAQEAD4GwCjDvDlsBbSCxBTAo
wjhQzh0wS6LI6RJGXVmArZILTr7cnsmsthQpVB8tBXB0/pMDx+ZBTdrUbElYjUsw
MOhbhlHRmyTINqPTD/oLd8JLFufpzXScdTsvpny3lBs1zYf6ruW0ZUyZvifQ3JTR
rVSvrWIJbdBjvLtF7hu/RnwRqZWNYVVeFUJQ6TgaysVb/hDfGMXICBlyRClqYl7b
4f6+btgx4oAUAinQ8lXgvF357cc8T+diijiN43CFGadA7PJP5JYApqOfJ78b1+Ms
tF6doJaviF95eTA73twh281h6c1+++Y2NEOo5mp9FLQflzM37jOrCMSSVRWJKdMB
jA==
-----END CERTIFICATE-----
Generated at Mon May 5 16:05:25 2025 by rpki-client