Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS8888.roa
File: AS8888.roa (raw, json)
Hash identifier: MkDbSPcbAZBiYhfWfrgqcC4w1Q+Dj6aYalKyw86go9M=
Subject key identifier: 70:89:AD:8F:E6:6E:9E:FA:B7:1B:5A:D4:96:02:7F:16:1E:E9:27:B6
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 575F51CEEC96AD958DDB61DE1F4A1994E81AF8BE
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS8888.roa
Signing time: Tue 28 Nov 2023 15:05:05 +0000
ROA not before: Tue 28 Nov 2023 15:00:05 +0000
ROA not after: Tue 26 Nov 2024 15:05:05 +0000
asID: 8888
IP address blocks: 141.11.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:5f:51:ce:ec:96:ad:95:8d:db:61:de:1f:4a:19:94:e8:1a:f8:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Nov 28 15:00:05 2023 GMT
Not After : Nov 26 15:05:05 2024 GMT
Subject: CN=7089AD8FE66E9EFAB71B5AD496027F161EE927B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c7:4e:6d:cd:aa:59:c8:c9:f3:03:12:31:af:
b2:31:b4:b7:cb:c0:43:62:7c:d4:7a:db:61:c6:c8:
48:99:f5:08:57:1e:69:7c:fd:25:4a:ef:30:89:91:
0a:05:58:c1:69:39:7a:52:52:6e:b9:74:fb:75:e7:
59:9b:4d:fa:e4:c3:b6:3c:24:0f:dc:16:e9:fc:3c:
fa:db:0e:42:4f:2a:95:98:69:5c:ed:56:ac:90:62:
8c:e2:5b:4f:ef:41:15:44:28:3b:15:c8:83:7f:f7:
72:0c:aa:1d:32:c8:96:1d:bb:6f:cf:33:f7:3c:a6:
1b:2c:b3:5a:5c:9a:fd:b9:95:35:1b:53:16:a6:7c:
94:2f:01:20:2f:da:35:ac:7a:2a:c9:ce:80:05:59:
88:2c:63:63:b5:e2:68:f6:6c:98:e3:f9:7a:64:45:
7e:ed:1a:2d:ca:a6:75:c5:64:80:a8:8c:db:c6:2b:
f6:2b:47:fc:d8:d6:53:13:91:f7:43:af:e7:e2:d5:
a0:73:20:94:a6:78:5b:ae:25:12:f5:6c:22:94:7a:
54:73:25:8a:52:70:f9:4b:01:9e:55:64:ca:e8:2b:
d8:0c:78:50:1d:c9:54:32:f5:a5:48:70:15:a1:62:
04:2f:d6:d5:c1:1c:f5:b7:63:3b:df:5f:f9:f7:23:
67:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:89:AD:8F:E6:6E:9E:FA:B7:1B:5A:D4:96:02:7F:16:1E:E9:27:B6
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS8888.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.111.0/24
Signature Algorithm: sha256WithRSAEncryption
72:d9:bd:cd:6d:e4:9e:12:20:df:41:7d:a6:bf:fa:94:3d:d4:
29:f2:70:99:50:1a:22:4c:24:ce:e4:58:03:7b:ad:b2:e6:6a:
48:19:1a:f9:c1:a6:67:7c:4a:83:40:83:19:eb:d9:4e:70:ee:
60:8f:88:16:ca:ec:a0:d7:66:8a:ed:e0:09:7d:f4:04:ac:85:
a7:b5:af:06:6a:56:4c:fd:4c:8b:cf:c9:cf:3c:1b:45:51:3e:
5e:34:2d:f6:8e:67:94:38:5b:55:68:1e:77:d3:81:0e:27:7d:
6b:ec:7b:19:96:70:ca:45:67:c1:ca:e4:a7:d3:e4:e8:b2:de:
e9:3b:89:40:4c:13:15:b1:d3:ff:8a:f2:07:ce:d8:6c:00:52:
61:e5:23:92:84:14:41:74:22:ca:77:03:6e:5b:46:d0:ee:42:
59:59:6a:d5:9c:9c:99:5e:8f:65:b2:9a:06:98:36:e5:2a:db:
f6:8e:d8:5c:28:8a:ff:c7:c7:d1:e9:dc:b2:72:cf:e4:48:f3:
af:bc:e9:55:66:db:4f:83:b8:81:b7:60:ad:7c:0e:bd:50:3b:
37:9c:84:08:8d:5e:3a:4c:2e:c2:da:bc:a1:f6:1c:ad:4f:2f:
37:53:d1:30:ef:6a:a5:1b:87:9c:43:e0:cb:16:f8:1a:01:4e:
11:90:0e:fe
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUV19RzuyWrZWN22HeH0oZlOga+L4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzExMjgxNTAwMDVaFw0yNDExMjYxNTA1MDVaMDMxMTAvBgNV
BAMTKDcwODlBRDhGRTY2RTlFRkFCNzFCNUFENDk2MDI3RjE2MUVFOTI3QjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTx05tzapZyMnzAxIxr7IxtLfL
wENifNR622HGyEiZ9QhXHml8/SVK7zCJkQoFWMFpOXpSUm65dPt151mbTfrkw7Y8
JA/cFun8PPrbDkJPKpWYaVztVqyQYoziW0/vQRVEKDsVyIN/93IMqh0yyJYdu2/P
M/c8phsss1pcmv25lTUbUxamfJQvASAv2jWseirJzoAFWYgsY2O14mj2bJjj+Xpk
RX7tGi3KpnXFZICojNvGK/YrR/zY1lMTkfdDr+fi1aBzIJSmeFuuJRL1bCKUelRz
JYpScPlLAZ5VZMroK9gMeFAdyVQy9aVIcBWhYgQv1tXBHPW3YzvfX/n3I2dnAgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQUcImtj+Zunvq3G1rUlgJ/Fh7pJ7YwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTODg4OC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI0LbzAN
BgkqhkiG9w0BAQsFAAOCAQEActm9zW3knhIg30F9pr/6lD3UKfJwmVAaIkwkzuRY
A3utsuZqSBka+cGmZ3xKg0CDGevZTnDuYI+IFsrsoNdmiu3gCX30BKyFp7WvBmpW
TP1Mi8/JzzwbRVE+XjQt9o5nlDhbVWged9OBDid9a+x7GZZwykVnwcrkp9Pk6LLe
6TuJQEwTFbHT/4ryB87YbABSYeUjkoQUQXQiyncDbltG0O5CWVlq1ZycmV6PZbKa
Bpg25Srb9o7YXCiK/8fH0encsnLP5Ejzr7zpVWbbT4O4gbdgrXwOvVA7N5yECI1e
Okwuwtq8ofYcrU8vN1PRMO9qpRuHnEPgyxb4GgFOEZAO/g==
-----END CERTIFICATE-----
Generated at Tue Jun 25 12:07:54 2024 by rpki-client on console-fra.rpki-client.org