Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS210542.roa
File: AS210542.roa (raw, json)
Hash identifier: J07fYwPd/wGZi7CAOYtqq3zbHf5w/vEpc72+sAuTUwk=
Subject key identifier: FF:5F:03:89:F6:6A:AD:85:8A:B5:77:63:BB:87:36:84:2A:CB:C2:93
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 3F6008D071BA552CC317D8375B24BA4ACAE18592
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS210542.roa
Signing time: Wed 15 May 2024 00:00:08 +0000
ROA not before: Tue 14 May 2024 23:55:08 +0000
ROA not after: Wed 14 May 2025 00:00:08 +0000
asID: 210542
IP address blocks: 141.11.134.0/23 maxlen: 24
141.11.138.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:60:08:d0:71:ba:55:2c:c3:17:d8:37:5b:24:ba:4a:ca:e1:85:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: May 14 23:55:08 2024 GMT
Not After : May 14 00:00:08 2025 GMT
Subject: CN=FF5F0389F66AAD858AB57763BB8736842ACBC293
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5d:f0:3d:0c:9c:6d:f6:c5:d9:a4:76:f2:89:
d0:e1:ef:25:40:bc:3b:39:f8:b6:c0:cb:d6:91:5d:
87:ae:46:8c:cd:9e:6c:e7:51:f8:03:a4:27:4c:61:
14:9b:9f:f2:c7:e5:a1:b9:81:b6:b0:5e:18:0f:b7:
e3:80:d8:53:3a:8f:eb:22:78:c4:73:77:cd:94:4a:
3e:47:c3:29:db:49:e5:af:db:5f:16:34:52:66:bc:
1c:eb:f9:29:60:d0:ce:a0:19:25:ae:ef:70:19:57:
0f:88:bb:4e:65:15:81:6d:62:b1:66:98:ee:eb:e1:
8e:3c:2a:ec:31:62:f2:33:c7:62:53:96:c7:58:f8:
28:1b:eb:2a:22:e5:60:51:86:04:2d:54:7c:cc:9f:
c9:b3:49:21:bb:06:1a:64:00:bd:a9:64:78:28:9c:
6b:76:05:28:b0:bc:d7:fc:d3:ec:8e:f3:b7:4f:21:
26:a2:be:c6:e7:1d:36:ec:b4:b2:0e:71:d5:31:a4:
3b:f1:7d:22:75:e2:9c:ad:40:a1:f0:12:c9:c1:9c:
ae:5f:55:98:db:f5:6c:c5:a7:11:9f:a6:aa:19:b8:
15:48:b0:3f:83:f5:14:63:6d:6b:c8:35:e3:3c:29:
f4:a4:30:d2:5c:4a:2f:ca:01:b3:3b:db:63:59:5e:
80:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:5F:03:89:F6:6A:AD:85:8A:B5:77:63:BB:87:36:84:2A:CB:C2:93
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS210542.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.134.0/23
141.11.138.0/23
Signature Algorithm: sha256WithRSAEncryption
36:84:ae:d5:8d:98:6d:50:c3:f7:60:0f:0d:1f:ec:13:a6:dc:
50:ea:dc:e8:82:6a:fd:20:52:5e:0c:73:1b:9c:eb:c2:d6:49:
26:2f:48:c6:f3:1b:4f:6f:c2:d1:23:c3:cb:26:31:ca:89:37:
2a:cd:73:ae:53:95:71:41:b4:14:5e:ea:80:fe:7b:2b:a3:6d:
54:7c:15:db:28:e3:01:8a:9b:fe:0a:5a:e9:cc:31:94:30:fd:
49:49:48:21:48:9d:84:96:58:1e:a7:52:74:3a:40:c9:0d:e4:
c4:4f:9a:09:93:ef:c1:48:e6:be:74:d1:b4:12:cb:98:cd:99:
b3:26:6b:99:49:ad:99:84:30:fd:7d:6b:49:87:bc:0b:88:4e:
35:37:df:9c:29:d0:89:4a:f7:11:6c:b5:3b:56:be:74:b6:4f:
53:9b:e9:ea:95:5d:eb:cf:fb:ea:05:ae:73:69:02:57:1b:52:
b5:35:6f:18:1c:93:a2:4c:1a:6b:28:c6:87:04:96:fe:f4:32:
7f:56:91:66:50:b5:f0:e3:19:97:5f:0b:61:e0:be:01:62:26:
5a:ce:27:05:ad:4e:4a:e0:bf:15:07:a4:fd:6d:27:06:fb:4e:
86:c6:80:54:a7:b6:39:cc:2f:6b:44:5c:59:42:d0:12:6c:f5:
db:1b:3c:d0
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUP2AI0HG6VSzDF9g3WyS6SsrhhZIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDA1MTQyMzU1MDhaFw0yNTA1MTQwMDAwMDhaMDMxMTAvBgNV
BAMTKEZGNUYwMzg5RjY2QUFEODU4QUI1Nzc2M0JCODczNjg0MkFDQkMyOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzXfA9DJxt9sXZpHbyidDh7yVA
vDs5+LbAy9aRXYeuRozNnmznUfgDpCdMYRSbn/LH5aG5gbawXhgPt+OA2FM6j+si
eMRzd82USj5HwynbSeWv218WNFJmvBzr+Slg0M6gGSWu73AZVw+Iu05lFYFtYrFm
mO7r4Y48KuwxYvIzx2JTlsdY+Cgb6yoi5WBRhgQtVHzMn8mzSSG7BhpkAL2pZHgo
nGt2BSiwvNf80+yO87dPISaivsbnHTbstLIOcdUxpDvxfSJ14pytQKHwEsnBnK5f
VZjb9WzFpxGfpqoZuBVIsD+D9RRjbWvINeM8KfSkMNJcSi/KAbM722NZXoBjAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQU/18DifZqrYWKtXdju4c2hCrLwpMwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjEwNTQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBjQuG
AwQBjQuKMA0GCSqGSIb3DQEBCwUAA4IBAQA2hK7VjZhtUMP3YA8NH+wTptxQ6tzo
gmr9IFJeDHMbnOvC1kkmL0jG8xtPb8LRI8PLJjHKiTcqzXOuU5VxQbQUXuqA/nsr
o21UfBXbKOMBipv+ClrpzDGUMP1JSUghSJ2Ellgep1J0OkDJDeTET5oJk+/BSOa+
dNG0EsuYzZmzJmuZSa2ZhDD9fWtJh7wLiE41N9+cKdCJSvcRbLU7Vr50tk9Tm+nq
lV3rz/vqBa5zaQJXG1K1NW8YHJOiTBprKMaHBJb+9DJ/VpFmULXw4xmXXwth4L4B
YiZazicFrU5K4L8VB6T9bScG+06GxoBUp7Y5zC9rRFxZQtASbPXbGzzQ
-----END CERTIFICATE-----
Generated at Mon May 20 16:42:02 2024 by rpki-client on console-fra.rpki-client.org