Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS58061.roa
File: AS58061.roa (raw, json)
Hash identifier: nDiqBKoavRSiGKd3N9bCIl5fVIDtgZk01o0NtVDrdKs=
Subject key identifier: 27:6B:8A:2A:9D:EB:19:E6:6B:32:F5:8F:4C:17:0A:B7:3D:11:64:C4
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 52ED94EB93FF3E86E88EA76BFBCDD9D271ED701B
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS58061.roa
Signing time: Mon 23 Sep 2024 19:58:41 +0000
ROA not before: Mon 23 Sep 2024 19:53:41 +0000
ROA not after: Mon 22 Sep 2025 19:58:41 +0000
asID: 58061
IP address blocks: 91.124.18.0/24 maxlen: 24
91.124.29.0/24 maxlen: 24
91.124.35.0/24 maxlen: 24
91.124.49.0/24 maxlen: 24
91.124.54.0/24 maxlen: 24
91.124.60.0/24 maxlen: 24
91.124.81.0/24 maxlen: 24
91.124.128.0/24 maxlen: 24
91.124.147.0/24 maxlen: 24
91.124.148.0/24 maxlen: 24
91.124.173.0/24 maxlen: 24
91.124.177.0/24 maxlen: 24
91.124.186.0/24 maxlen: 24
91.124.200.0/24 maxlen: 24
91.124.221.0/24 maxlen: 24
91.124.236.0/24 maxlen: 24
91.124.241.0/24 maxlen: 24
91.124.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:ed:94:eb:93:ff:3e:86:e8:8e:a7:6b:fb:cd:d9:d2:71:ed:70:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Sep 23 19:53:41 2024 GMT
Not After : Sep 22 19:58:41 2025 GMT
Subject: CN=276B8A2A9DEB19E66B32F58F4C170AB73D1164C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:98:ce:62:ab:9c:83:ae:4f:81:f4:ae:4f:10:
52:c0:fe:31:80:0d:53:ca:b5:ad:30:5d:d0:51:6e:
bd:ab:8b:24:78:79:60:0a:ea:c8:43:c0:0f:d1:8a:
ec:6d:f9:cd:01:a9:58:63:c0:f2:3f:8b:d5:a8:ec:
77:57:a7:11:3a:08:7a:6e:16:b3:ae:75:83:4b:78:
20:25:4d:92:0d:9f:8f:88:4f:47:ac:6e:bf:67:15:
9e:01:3b:fb:3b:1f:b3:89:c9:41:e6:a3:3e:3f:a4:
c4:aa:23:2d:ee:8c:2f:df:33:9d:c1:d6:b4:9d:15:
23:23:9b:bc:a9:04:ad:7f:6c:68:c1:05:76:a8:38:
c0:35:af:31:d8:73:5e:80:75:4d:b5:93:d7:77:d9:
2d:77:9a:0b:84:28:bb:e5:d0:a1:f3:6f:8b:d4:4c:
3a:cd:00:a6:de:64:1f:76:57:b0:95:20:22:66:b3:
a8:a6:ac:bc:c5:8b:50:74:81:9f:56:f0:3c:b6:e4:
bd:50:e0:95:09:6d:6f:3c:7b:84:b6:1a:04:a7:ad:
6c:12:aa:75:de:36:3b:ca:a3:21:47:d3:8e:85:e7:
fc:16:8a:f3:8e:9b:65:7d:3d:30:8b:3c:99:98:f8:
1b:d0:17:09:55:38:36:03:5a:ad:40:4a:65:b6:45:
37:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:6B:8A:2A:9D:EB:19:E6:6B:32:F5:8F:4C:17:0A:B7:3D:11:64:C4
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS58061.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.18.0/24
91.124.29.0/24
91.124.35.0/24
91.124.49.0/24
91.124.54.0/24
91.124.60.0/24
91.124.81.0/24
91.124.128.0/24
91.124.147.0-91.124.148.255
91.124.173.0/24
91.124.177.0/24
91.124.186.0/24
91.124.200.0/24
91.124.221.0/24
91.124.236.0/24
91.124.241.0/24
91.124.255.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:1e:e0:75:04:a0:4f:6c:60:cf:98:47:8a:25:d0:23:3b:1c:
18:5a:10:3f:b6:29:d1:63:d2:51:64:7f:8e:41:c6:57:c6:c2:
33:3e:15:fc:6e:0d:e4:c0:a2:c8:d3:05:2b:52:76:b6:97:a6:
e7:eb:5f:00:75:ab:ae:03:d0:8f:19:72:2e:ee:b0:36:33:b7:
f4:85:9b:35:29:ec:fa:51:57:a8:c7:c5:ab:5c:1c:5a:51:ec:
8a:05:93:ff:cd:7a:5a:4e:5a:2d:7a:f0:1d:08:98:e2:43:76:
01:3b:2d:c9:a2:20:c5:64:16:d9:ff:9a:37:7f:da:f6:b7:41:
bf:2e:88:56:26:88:be:1d:c3:fd:79:76:00:f2:93:8e:2b:31:
2d:98:04:6c:8b:0d:a1:4b:f0:f8:59:16:29:6b:91:f0:01:a5:
b0:cc:4e:28:e8:78:5f:ad:79:f9:1c:08:2e:0f:3f:fd:8a:c4:
6f:2e:3d:4e:e4:49:2a:e4:ee:04:e6:9f:88:51:7b:1e:81:1b:
dd:0a:51:5e:67:58:a5:c2:6e:04:fd:59:c6:a7:81:f8:15:41:
bd:0c:8c:6d:ae:22:27:a8:83:02:8e:af:a0:f5:da:91:f8:79:
86:bf:d0:f1:6a:46:00:e1:79:0a:81:ac:02:4f:a9:55:11:db:
24:b6:53:c2
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgIUUu2U65P/Pobojqdr+83Z0nHtcBswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDA5MjMxOTUzNDFaFw0yNTA5MjIxOTU4NDFaMDMxMTAvBgNV
BAMTKDI3NkI4QTJBOURFQjE5RTY2QjMyRjU4RjRDMTcwQUI3M0QxMTY0QzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4mM5iq5yDrk+B9K5PEFLA/jGA
DVPKta0wXdBRbr2riyR4eWAK6shDwA/Riuxt+c0BqVhjwPI/i9Wo7HdXpxE6CHpu
FrOudYNLeCAlTZINn4+IT0esbr9nFZ4BO/s7H7OJyUHmoz4/pMSqIy3ujC/fM53B
1rSdFSMjm7ypBK1/bGjBBXaoOMA1rzHYc16AdU21k9d32S13mguEKLvl0KHzb4vU
TDrNAKbeZB92V7CVICJms6imrLzFi1B0gZ9W8Dy25L1Q4JUJbW88e4S2GgSnrWwS
qnXeNjvKoyFH046F5/wWivOOm2V9PTCLPJmY+BvQFwlVODYDWq1ASmW2RTcdAgMB
AAGjggJyMIICbjAdBgNVHQ4EFgQUJ2uKKp3rGeZrMvWPTBcKtz0RZMQwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTgwNjEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYcGCCsGAQUFBwEHAQH/BHgwdjB0BAIAATBuAwQAW3wS
AwQAW3wdAwQAW3wjAwQAW3wxAwQAW3w2AwQAW3w8AwQAW3xRAwQAW3yAMAwDBABb
fJMDBABbfJQDBABbfK0DBABbfLEDBABbfLoDBABbfMgDBABbfN0DBABbfOwDBABb
fPEDBABbfP8wDQYJKoZIhvcNAQELBQADggEBAD8e4HUEoE9sYM+YR4ol0CM7HBha
ED+2KdFj0lFkf45BxlfGwjM+FfxuDeTAosjTBStSdraXpufrXwB1q64D0I8Zci7u
sDYzt/SFmzUp7PpRV6jHxatcHFpR7IoFk//NelpOWi168B0ImOJDdgE7LcmiIMVk
Ftn/mjd/2va3Qb8uiFYmiL4dw/15dgDyk44rMS2YBGyLDaFL8PhZFilrkfABpbDM
TijoeF+tefkcCC4PP/2KxG8uPU7kSSrk7gTmn4hRex6BG90KUV5nWKXCbgT9Wcan
gfgVQb0MjG2uIieogwKOr6D12pH4eYa/0PFqRgDheQqBrAJPqVUR2yS2U8I=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:14:53 2025 by rpki-client