Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS43350.roa
File: AS43350.roa (raw, json)
Hash identifier: 5t0S85Ictc1cQIyQGE8kn6hDIuJnOd8L2GdzC0Jiy0k=
Subject key identifier: AA:71:7C:13:74:AA:11:9B:64:EC:FB:DF:9A:74:E4:92:D2:69:0B:E8
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 76AF22CCDA197D34037887DC0B3D0F71D08BC0D7
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS43350.roa
Signing time: Wed 05 Jul 2023 07:36:08 +0000
ROA not before: Wed 05 Jul 2023 07:31:08 +0000
ROA not after: Wed 03 Jul 2024 07:36:08 +0000
asID: 43350
IP address blocks: 141.11.1.0/24 maxlen: 24
141.11.21.0/24 maxlen: 24
141.11.45.0/24 maxlen: 24
141.11.103.0/24 maxlen: 24
141.11.107.0/24 maxlen: 24
141.11.123.0/24 maxlen: 24
141.11.182.0/24 maxlen: 24
141.11.184.0/24 maxlen: 24
141.11.187.0/24 maxlen: 24
141.11.246.0/24 maxlen: 24
141.11.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:af:22:cc:da:19:7d:34:03:78:87:dc:0b:3d:0f:71:d0:8b:c0:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Jul 5 07:31:08 2023 GMT
Not After : Jul 3 07:36:08 2024 GMT
Subject: CN=AA717C1374AA119B64ECFBDF9A74E492D2690BE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e4:e1:40:38:b6:5b:75:c5:4f:10:38:c8:ee:
14:65:f5:e7:b1:2f:c7:a6:b8:28:81:16:85:3c:44:
71:52:c7:42:83:43:c4:d6:0f:d6:bc:91:c9:09:eb:
ba:64:2b:03:c6:6a:44:4a:7b:0d:52:1d:85:ee:96:
6f:71:c9:61:6c:f7:b5:77:5e:46:5d:99:f6:44:31:
70:44:72:5a:fd:70:69:37:a8:a8:8d:f9:62:69:ce:
b6:7d:4e:6e:04:0a:53:5d:1e:69:73:d9:c5:a5:52:
c4:b9:92:95:99:11:63:90:41:35:d5:46:7b:90:54:
78:f7:14:ef:51:29:dc:89:c7:95:6a:67:00:96:5a:
cd:57:18:e8:bc:5c:7b:23:90:37:c6:95:c0:8d:ec:
de:02:e3:bb:dc:95:5e:9d:b2:3e:78:b6:10:37:d2:
97:7b:fe:d5:52:3d:e4:00:00:cb:34:59:82:f3:ec:
dc:38:93:42:3a:24:9d:e4:3c:73:38:64:d4:6a:d0:
c2:a9:85:fb:0a:2d:f9:36:66:0f:a3:c7:de:a1:54:
54:e1:ec:c0:d5:9f:34:f5:99:9e:89:60:05:37:51:
42:8b:0b:80:7d:c8:bf:8f:34:f3:c0:ac:08:90:94:
b2:d7:8e:30:b9:ee:36:5e:3f:ae:72:2b:df:b2:53:
67:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:71:7C:13:74:AA:11:9B:64:EC:FB:DF:9A:74:E4:92:D2:69:0B:E8
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS43350.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.1.0/24
141.11.21.0/24
141.11.45.0/24
141.11.103.0/24
141.11.107.0/24
141.11.123.0/24
141.11.182.0/24
141.11.184.0/24
141.11.187.0/24
141.11.246.0/24
141.11.250.0/24
Signature Algorithm: sha256WithRSAEncryption
75:2c:cb:55:79:03:8e:fc:a4:3e:31:9b:11:df:a9:4f:bc:e6:
74:48:9b:9e:7c:3a:24:6d:96:39:a1:d3:b8:da:6c:c8:0a:82:
1d:e5:08:5c:dc:6c:77:18:08:82:77:a2:20:da:7d:02:56:24:
02:2f:66:13:4b:4d:fe:83:e9:d8:96:63:7a:ba:6c:c1:b7:f2:
84:86:08:e7:c7:fb:ee:03:50:7b:9a:a3:91:15:e6:81:09:be:
98:03:38:a3:1f:77:6b:48:89:db:e0:b0:27:08:d2:35:db:66:
ad:d1:f0:93:d1:f0:d8:3d:0a:d9:24:8a:5c:f0:57:ff:97:4b:
4f:34:9d:b4:51:ef:e6:62:c4:87:6e:40:9a:94:45:2b:73:fb:
a3:51:e1:3e:f2:1c:d0:de:0a:c7:0a:e9:52:6d:21:7a:fd:11:
0c:71:b0:3c:cd:e1:5f:f1:9d:0b:4d:fa:71:0f:10:fd:a5:d7:
c3:5a:2f:93:ed:bc:6b:5c:93:76:2a:21:99:d8:53:37:76:8e:
62:ff:62:f4:1a:f7:0c:4a:e4:ea:e0:6d:2b:b4:f3:33:78:ae:
d7:87:5d:33:00:96:9b:33:6f:e9:12:8b:5e:02:90:a6:a9:3e:
27:3f:28:13:64:04:33:07:cb:da:9a:42:d5:f2:32:78:d5:66:
00:cd:7b:ca
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIUdq8izNoZfTQDeIfcCz0PcdCLwNcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzA3MDUwNzMxMDhaFw0yNDA3MDMwNzM2MDhaMDMxMTAvBgNV
BAMTKEFBNzE3QzEzNzRBQTExOUI2NEVDRkJERjlBNzRFNDkyRDI2OTBCRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZ5OFAOLZbdcVPEDjI7hRl9eex
L8emuCiBFoU8RHFSx0KDQ8TWD9a8kckJ67pkKwPGakRKew1SHYXulm9xyWFs97V3
XkZdmfZEMXBEclr9cGk3qKiN+WJpzrZ9Tm4EClNdHmlz2cWlUsS5kpWZEWOQQTXV
RnuQVHj3FO9RKdyJx5VqZwCWWs1XGOi8XHsjkDfGlcCN7N4C47vclV6dsj54thA3
0pd7/tVSPeQAAMs0WYLz7Nw4k0I6JJ3kPHM4ZNRq0MKphfsKLfk2Zg+jx96hVFTh
7MDVnzT1mZ6JYAU3UUKLC4B9yL+PNPPArAiQlLLXjjC57jZeP65yK9+yU2fZAgMB
AAGjggJFMIICQTAdBgNVHQ4EFgQUqnF8E3SqEZtk7PvfmnTkktJpC+gwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNDMzNTAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwWwYIKwYBBQUHAQcBAf8ETDBKMEgEAgABMEIDBACNCwED
BACNCxUDBACNCy0DBACNC2cDBACNC2sDBACNC3sDBACNC7YDBACNC7gDBACNC7sD
BACNC/YDBACNC/owDQYJKoZIhvcNAQELBQADggEBAHUsy1V5A478pD4xmxHfqU+8
5nRIm558OiRtljmh07jabMgKgh3lCFzcbHcYCIJ3oiDafQJWJAIvZhNLTf6D6diW
Y3q6bMG38oSGCOfH++4DUHuao5EV5oEJvpgDOKMfd2tIidvgsCcI0jXbZq3R8JPR
8Ng9CtkkilzwV/+XS080nbRR7+ZixIduQJqURStz+6NR4T7yHNDeCscK6VJtIXr9
EQxxsDzN4V/xnQtN+nEPEP2l18NaL5PtvGtck3YqIZnYUzd2jmL/YvQa9wxK5Org
bSu08zN4rteHXTMAlpszb+kSi14CkKapPic/KBNkBDMHy9qaQtXyMnjVZgDNe8o=
-----END CERTIFICATE-----
Generated at Sun May 5 14:38:07 2024 by rpki-client on console-ams.rpki-client.org