Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS29802.roa
File: AS29802.roa (raw, json)
Hash identifier: R0c2ETn0FZfpa4TVykfiRanYSdahbuVFnANM/HkSyT0=
Subject key identifier: 87:93:60:AE:EA:96:22:A4:77:92:F3:66:E4:B3:B9:C3:6A:6B:29:6A
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 4A3C9EEE8F9C74D0643A01AC4EEC1FD219DCA062
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS29802.roa
Signing time: Sat 16 Dec 2023 10:43:40 +0000
ROA not before: Sat 16 Dec 2023 10:38:40 +0000
ROA not after: Sat 14 Dec 2024 10:43:40 +0000
asID: 29802
IP address blocks: 141.11.35.0/24 maxlen: 24
141.11.38.0/24 maxlen: 24
141.11.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:3c:9e:ee:8f:9c:74:d0:64:3a:01:ac:4e:ec:1f:d2:19:dc:a0:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Dec 16 10:38:40 2023 GMT
Not After : Dec 14 10:43:40 2024 GMT
Subject: CN=879360AEEA9622A47792F366E4B3B9C36A6B296A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cb:6f:f6:3f:bc:1d:0b:11:f3:53:2a:cc:65:
ea:d1:6b:8f:5b:a9:47:87:a4:cc:e2:fa:29:e5:d8:
80:78:ab:c1:d7:8f:ac:fb:2d:d9:fa:2b:5f:72:41:
a0:7d:d8:cc:a0:33:d7:56:5c:88:19:61:3c:12:e1:
99:3b:8d:78:bc:11:55:55:62:6b:e7:23:ff:5d:a5:
ea:ff:9d:62:d2:dc:df:4c:2f:4a:e4:86:12:ad:8e:
cd:74:a0:1e:ee:56:d8:a7:0c:6a:40:bb:c4:32:2e:
bd:08:e6:b3:16:21:aa:99:1d:97:20:be:67:2a:cc:
00:a1:5a:2b:fc:6f:51:9a:ed:46:51:44:0e:49:c8:
d6:65:cb:78:6a:ca:56:e5:f9:37:df:26:77:32:43:
dd:7c:0f:4d:e9:f8:f3:14:b6:20:b7:2b:39:a8:4e:
97:92:6e:f8:56:77:2d:c3:27:61:5a:d3:45:cf:b4:
26:b3:37:27:b2:56:d3:d8:c0:22:4e:f8:e8:cd:a4:
b0:6c:98:3f:73:1b:af:12:29:b5:db:9f:6b:78:18:
2b:d3:46:ad:c7:5a:3a:9d:07:cb:fb:00:78:75:e2:
0b:a5:4d:84:e1:d1:48:66:bd:2c:f6:86:de:f3:e3:
dd:ab:cf:f9:99:c7:8d:90:c3:45:f3:34:8a:37:f5:
e9:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:93:60:AE:EA:96:22:A4:77:92:F3:66:E4:B3:B9:C3:6A:6B:29:6A
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS29802.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.35.0/24
141.11.38.0/24
141.11.109.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:df:5a:c0:4a:f7:3a:3f:02:c0:56:7f:ba:54:dc:6e:01:80:
a3:ff:a1:fd:48:b1:0b:54:0a:84:c4:33:50:2f:d7:79:cf:ea:
2e:b0:5d:31:c4:03:ec:7e:dd:f9:11:2a:ee:fa:40:ad:65:8e:
91:32:bc:95:51:1e:e4:0f:3f:59:60:7e:cb:59:17:cc:4c:23:
96:e8:80:3d:92:3c:98:c7:20:36:25:bb:55:18:84:ed:50:38:
79:ab:b5:08:e5:8f:c8:17:10:a0:e3:3d:de:64:b9:55:38:77:
d6:e0:4d:dd:76:8f:c8:5b:2d:17:83:59:f4:82:bd:ac:5c:17:
49:47:7a:d0:64:6b:b8:ec:3e:d0:3e:74:63:b9:30:67:ff:86:
83:4f:4c:dc:1d:b9:ee:c8:0e:ed:ba:4e:61:cf:73:9a:ee:ce:
c5:7b:ef:88:80:6d:de:e1:1f:f4:73:26:72:68:72:86:6e:63:
59:23:95:58:aa:bd:1d:4d:e8:77:a0:d6:7a:e2:f2:07:06:3c:
98:82:72:3b:86:c2:0f:1e:ff:a0:d1:bb:47:ac:44:bb:e1:b8:
28:23:0d:fd:61:f6:5f:b5:a0:b2:a5:f8:09:74:db:a0:bb:4c:
c6:3c:d5:20:7b:d2:00:0e:7a:ef:d5:00:d1:ca:88:c2:62:67:
53:0b:74:10
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUSjye7o+cdNBkOgGsTuwf0hncoGIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzEyMTYxMDM4NDBaFw0yNDEyMTQxMDQzNDBaMDMxMTAvBgNV
BAMTKDg3OTM2MEFFRUE5NjIyQTQ3NzkyRjM2NkU0QjNCOUMzNkE2QjI5NkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXy2/2P7wdCxHzUyrMZerRa49b
qUeHpMzi+inl2IB4q8HXj6z7Ldn6K19yQaB92MygM9dWXIgZYTwS4Zk7jXi8EVVV
YmvnI/9dper/nWLS3N9ML0rkhhKtjs10oB7uVtinDGpAu8QyLr0I5rMWIaqZHZcg
vmcqzAChWiv8b1Ga7UZRRA5JyNZly3hqylbl+TffJncyQ918D03p+PMUtiC3Kzmo
TpeSbvhWdy3DJ2Fa00XPtCazNyeyVtPYwCJO+OjNpLBsmD9zG68SKbXbn2t4GCvT
Rq3HWjqdB8v7AHh14gulTYTh0UhmvSz2ht7z492rz/mZx42Qw0XzNIo39entAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUh5NgruqWIqR3kvNm5LO5w2prKWowHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBACNCyMD
BACNCyYDBACNC20wDQYJKoZIhvcNAQELBQADggEBAMXfWsBK9zo/AsBWf7pU3G4B
gKP/of1IsQtUCoTEM1Av13nP6i6wXTHEA+x+3fkRKu76QK1ljpEyvJVRHuQPP1lg
fstZF8xMI5bogD2SPJjHIDYlu1UYhO1QOHmrtQjlj8gXEKDjPd5kuVU4d9bgTd12
j8hbLReDWfSCvaxcF0lHetBka7jsPtA+dGO5MGf/hoNPTNwdue7IDu26TmHPc5ru
zsV774iAbd7hH/RzJnJocoZuY1kjlViqvR1N6Heg1nri8gcGPJiCcjuGwg8e/6DR
u0esRLvhuCgjDf1h9l+1oLKl+Al026C7TMY81SB70gAOeu/VANHKiMJiZ1MLdBA=
-----END CERTIFICATE-----
Generated at Tue Apr 30 15:11:48 2024 by rpki-client on console-fra.rpki-client.org