Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS151490.roa
File: AS151490.roa (raw, json)
Hash identifier: nW1RybogtGcnTxxJMQ6Um9do/ClRWorn/X9FuamEy7U=
Subject key identifier: 6C:5D:61:EF:9E:A0:09:FD:44:71:CA:16:B1:7C:CF:99:A8:4E:55:E1
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 7DB005B91F16FCDD45A4FADAF3E1D5FA07D0DB20
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS151490.roa
Signing time: Fri 31 May 2024 09:52:04 +0000
ROA not before: Fri 31 May 2024 09:47:04 +0000
ROA not after: Fri 30 May 2025 09:52:04 +0000
asID: 151490
IP address blocks: 141.11.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:b0:05:b9:1f:16:fc:dd:45:a4:fa:da:f3:e1:d5:fa:07:d0:db:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: May 31 09:47:04 2024 GMT
Not After : May 30 09:52:04 2025 GMT
Subject: CN=6C5D61EF9EA009FD4471CA16B17CCF99A84E55E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b0:fc:52:fd:f0:90:c9:68:82:6a:e9:8c:66:
a7:c8:20:3c:1d:5b:1d:8b:70:61:58:c3:46:3e:27:
0f:fc:b7:a2:a9:de:9c:d9:11:50:f7:27:2b:e6:57:
05:e6:ec:01:e7:af:01:7d:c4:3c:2f:41:a9:74:73:
d1:d1:49:de:09:fa:13:a1:19:fc:e9:c3:03:83:b5:
3b:57:20:8a:5e:1d:a9:e4:7c:1b:36:7d:ba:86:87:
c5:a6:a9:84:19:30:69:69:0f:04:2b:4f:fc:6c:c9:
a8:3a:b8:6f:6b:88:f0:8c:64:aa:71:61:ad:ea:ee:
08:b4:49:6c:a6:f9:d2:00:5b:f2:dd:08:e7:36:0a:
ad:48:fd:44:f7:20:ea:2e:1d:72:03:4e:2c:15:ea:
f3:9c:99:88:f6:97:1b:d4:ea:36:fd:5d:b6:5f:09:
05:fb:ef:2e:2a:64:6e:91:df:db:65:64:78:8e:22:
cc:b9:3b:fd:b8:d9:f5:a7:31:d1:07:ce:cc:5a:7e:
47:9c:99:9f:c6:c8:4c:9b:df:d8:2b:54:86:4e:b1:
d1:cb:36:fa:9d:7f:87:7d:fc:98:bf:81:9a:30:3d:
c2:ff:ee:f7:22:31:ea:a7:10:6f:6b:ba:fa:78:c4:
5a:af:ac:f1:34:76:55:19:c4:1e:05:d7:21:b5:d5:
d6:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:5D:61:EF:9E:A0:09:FD:44:71:CA:16:B1:7C:CF:99:A8:4E:55:E1
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS151490.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.9.0/24
Signature Algorithm: sha256WithRSAEncryption
16:f8:17:88:e1:f8:25:e2:62:59:a5:30:c4:91:36:75:06:f2:
d3:88:fd:a8:f4:14:d7:c4:13:c7:5f:69:3b:82:20:1c:b5:44:
df:c0:26:9c:e8:e3:a5:71:9a:d3:48:4a:ad:75:fb:2e:76:01:
e8:28:da:b2:4c:92:fe:46:6e:97:26:32:ad:53:e9:01:b3:98:
52:ed:da:d2:9b:b0:8b:61:06:44:9e:17:2c:d8:e8:0d:b3:e3:
d6:21:d0:1c:6a:8d:3d:75:8e:14:06:0a:20:f4:95:b8:9b:cb:
c0:b7:85:c8:9c:bc:46:93:86:f6:a3:a4:a8:7e:1c:4d:d1:43:
5a:4a:a5:19:cc:a3:27:fe:e3:73:c4:e7:69:2e:92:06:5b:74:
4e:88:1e:07:6e:8a:49:15:60:e5:ff:d1:dc:3c:05:fd:9e:a5:
b1:ea:aa:d3:9c:31:14:fa:7a:a9:ed:ba:51:05:68:b8:10:d4:
f4:db:06:62:4b:40:af:0a:b6:b8:da:6d:1a:31:0e:b0:0b:df:
dc:f0:f4:1e:01:6b:ae:e0:7f:35:b5:b5:25:98:ad:35:73:e0:
3a:36:c6:19:c4:4c:8c:2c:18:1d:93:59:a6:d4:70:e4:e5:8c:
49:e2:15:58:45:50:17:06:5d:35:65:94:65:29:79:31:d4:18:
d1:e4:4f:ea
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUfbAFuR8W/N1FpPra8+HV+gfQ2yAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDA1MzEwOTQ3MDRaFw0yNTA1MzAwOTUyMDRaMDMxMTAvBgNV
BAMTKDZDNUQ2MUVGOUVBMDA5RkQ0NDcxQ0ExNkIxN0NDRjk5QTg0RTU1RTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1sPxS/fCQyWiCaumMZqfIIDwd
Wx2LcGFYw0Y+Jw/8t6Kp3pzZEVD3JyvmVwXm7AHnrwF9xDwvQal0c9HRSd4J+hOh
GfzpwwODtTtXIIpeHankfBs2fbqGh8WmqYQZMGlpDwQrT/xsyag6uG9riPCMZKpx
Ya3q7gi0SWym+dIAW/LdCOc2Cq1I/UT3IOouHXIDTiwV6vOcmYj2lxvU6jb9XbZf
CQX77y4qZG6R39tlZHiOIsy5O/242fWnMdEHzsxafkecmZ/GyEyb39grVIZOsdHL
Nvqdf4d9/Ji/gZowPcL/7vciMeqnEG9ruvp4xFqvrPE0dlUZxB4F1yG11dbBAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUbF1h756gCf1EccoWsXzPmahOVeEwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTUxNDkwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQsJ
MA0GCSqGSIb3DQEBCwUAA4IBAQAW+BeI4fgl4mJZpTDEkTZ1BvLTiP2o9BTXxBPH
X2k7giActUTfwCac6OOlcZrTSEqtdfsudgHoKNqyTJL+Rm6XJjKtU+kBs5hS7drS
m7CLYQZEnhcs2OgNs+PWIdAcao09dY4UBgog9JW4m8vAt4XInLxGk4b2o6SofhxN
0UNaSqUZzKMn/uNzxOdpLpIGW3ROiB4HbopJFWDl/9HcPAX9nqWx6qrTnDEU+nqp
7bpRBWi4ENT02wZiS0CvCra42m0aMQ6wC9/c8PQeAWuu4H81tbUlmK01c+A6NsYZ
xEyMLBgdk1mm1HDk5YxJ4hVYRVAXBl01ZZRlKXkx1BjR5E/q
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:37:20 2024 by rpki-client on console-fra.rpki-client.org