Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS139648.roa
File: AS139648.roa (raw, json)
Hash identifier: ZIu7nPPeFhZlqE40ztJWx32aF381nxbGdH+8MDzmXBw=
Subject key identifier: D4:5C:2B:08:AD:D8:EE:26:63:4D:71:26:14:96:69:72:6A:0A:4E:49
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 214DEADF97671D96C4760E663E281CABBE21D867
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS139648.roa
Signing time: Sun 17 Dec 2023 21:05:08 +0000
ROA not before: Sun 17 Dec 2023 21:00:08 +0000
ROA not after: Sun 15 Dec 2024 21:05:08 +0000
asID: 139648
IP address blocks: 141.11.194.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:4d:ea:df:97:67:1d:96:c4:76:0e:66:3e:28:1c:ab:be:21:d8:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Dec 17 21:00:08 2023 GMT
Not After : Dec 15 21:05:08 2024 GMT
Subject: CN=D45C2B08ADD8EE26634D7126149669726A0A4E49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3f:03:16:08:dd:5c:e6:a1:87:b5:b9:94:28:
f0:f0:47:4d:03:10:ea:0e:0c:a0:d1:8e:4e:bf:8c:
ca:5a:38:e9:e0:50:2a:76:5c:dc:82:c5:0a:fe:82:
0b:50:5e:22:20:ec:9a:cd:fd:71:bd:66:93:e3:78:
88:a8:1b:62:ae:fd:c6:d8:fc:fc:c5:fe:41:21:b1:
71:d6:44:73:6f:56:02:b6:27:35:50:ba:b5:6f:f0:
87:cb:e7:f0:81:ea:5f:e3:a1:be:ee:52:37:50:fb:
91:9b:1f:df:3f:d8:8f:90:23:13:c4:ee:8c:3e:22:
0b:c0:d5:05:4f:42:fd:a2:1f:b6:f1:8e:81:35:71:
4e:61:8d:cc:57:1b:b4:e9:3f:be:18:40:13:16:11:
2d:b2:0f:8f:eb:b6:83:fa:5d:06:d3:42:d8:65:33:
59:57:9a:b4:de:69:4e:28:37:c4:6b:e9:c2:f4:31:
30:24:2c:19:28:9e:83:de:7f:ba:f0:2d:56:ee:e2:
39:ec:24:61:81:cd:64:95:63:56:89:29:27:49:10:
93:91:46:21:53:f8:ed:08:94:15:f7:68:a7:9c:a1:
dd:d1:ce:d9:ce:89:98:5f:ba:19:e1:1b:f7:8a:88:
a4:8f:dc:66:d5:81:7e:13:dc:a9:3a:8d:35:c1:30:
62:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:5C:2B:08:AD:D8:EE:26:63:4D:71:26:14:96:69:72:6A:0A:4E:49
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS139648.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.194.0/23
Signature Algorithm: sha256WithRSAEncryption
32:da:4f:33:4f:e1:7a:a3:28:6e:38:4a:07:8e:d7:a9:3c:8e:
e5:f3:dd:88:a6:07:3f:a4:41:12:4f:f1:99:4e:67:b6:25:0c:
19:2e:9d:21:d4:f2:98:05:1b:8a:7a:4f:c5:3a:7b:d5:0e:3d:
11:5a:f8:40:db:33:ae:6c:89:25:ed:c2:f0:f9:54:78:bb:a2:
b9:8b:f6:0f:d3:90:8f:1a:98:a4:ba:0a:1b:cb:bd:19:4f:98:
00:bb:61:a4:0c:e5:79:20:47:7b:00:3d:70:73:fb:8b:21:34:
a5:0c:54:54:6e:d6:97:13:dd:dc:78:bf:ef:05:d2:6f:0d:61:
72:e9:9c:e5:58:3d:92:dd:cf:f1:2d:d5:cf:4e:cf:0c:84:61:
cf:34:f8:43:58:6f:f9:09:73:5a:73:0e:f1:4c:7e:29:f8:1f:
b4:38:63:3d:fb:1d:5a:06:49:d0:a6:af:6d:f7:61:b7:38:37:
73:c2:90:89:95:1b:8b:76:c3:99:99:18:b8:8c:aa:ba:bd:09:
48:7d:bf:6c:4c:3a:2c:94:23:be:ef:f4:06:3d:c9:9f:8c:9c:
c9:ce:b2:ab:76:7f:b1:e9:41:ce:8a:86:40:d1:9f:5c:f8:a0:
d6:6b:98:df:d0:8d:9f:01:e5:48:53:e5:72:d7:7b:5c:d4:ae:
7c:d0:13:3e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUIU3q35dnHZbEdg5mPigcq74h2GcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzEyMTcyMTAwMDhaFw0yNDEyMTUyMTA1MDhaMDMxMTAvBgNV
BAMTKEQ0NUMyQjA4QUREOEVFMjY2MzRENzEyNjE0OTY2OTcyNkEwQTRFNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyPwMWCN1c5qGHtbmUKPDwR00D
EOoODKDRjk6/jMpaOOngUCp2XNyCxQr+ggtQXiIg7JrN/XG9ZpPjeIioG2Ku/cbY
/PzF/kEhsXHWRHNvVgK2JzVQurVv8IfL5/CB6l/job7uUjdQ+5GbH98/2I+QIxPE
7ow+IgvA1QVPQv2iH7bxjoE1cU5hjcxXG7TpP74YQBMWES2yD4/rtoP6XQbTQthl
M1lXmrTeaU4oN8Rr6cL0MTAkLBkonoPef7rwLVbu4jnsJGGBzWSVY1aJKSdJEJOR
RiFT+O0IlBX3aKecod3RztnOiZhfuhnhG/eKiKSP3GbVgX4T3Kk6jTXBMGJZAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU1FwrCK3Y7iZjTXEmFJZpcmoKTkkwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTM5NjQ4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBjQvC
MA0GCSqGSIb3DQEBCwUAA4IBAQAy2k8zT+F6oyhuOEoHjtepPI7l892Ipgc/pEES
T/GZTme2JQwZLp0h1PKYBRuKek/FOnvVDj0RWvhA2zOubIkl7cLw+VR4u6K5i/YP
05CPGpikugoby70ZT5gAu2GkDOV5IEd7AD1wc/uLITSlDFRUbtaXE93ceL/vBdJv
DWFy6ZzlWD2S3c/xLdXPTs8MhGHPNPhDWG/5CXNacw7xTH4p+B+0OGM9+x1aBknQ
pq9t92G3ODdzwpCJlRuLdsOZmRi4jKq6vQlIfb9sTDoslCO+7/QGPcmfjJzJzrKr
dn+x6UHOioZA0Z9c+KDWa5jf0I2fAeVIU+Vy13tc1K580BM+
-----END CERTIFICATE-----
Generated at Sun May 5 14:38:07 2024 by rpki-client on console-ams.rpki-client.org