Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: FNEKZt0L+cT0/WWrApLPhm5tgBy6EwIRxIHRsbI4cuM=
Subject key identifier: 8B:F4:53:2E:8B:B8:28:D6:EF:0F:8B:53:6C:1A:3A:56:06:B5:6E:03
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 611CAED52FAFE288D14FA338D8DBA06CF0A928C1
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS16509.roa
Signing time: Sat 09 Mar 2024 20:25:10 +0000
ROA not before: Sat 09 Mar 2024 20:20:10 +0000
ROA not after: Sat 08 Mar 2025 20:25:10 +0000
asID: 16509
IP address blocks: 141.11.12.0/22 maxlen: 24
141.11.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:1c:ae:d5:2f:af:e2:88:d1:4f:a3:38:d8:db:a0:6c:f0:a9:28:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Mar 9 20:20:10 2024 GMT
Not After : Mar 8 20:25:10 2025 GMT
Subject: CN=8BF4532E8BB828D6EF0F8B536C1A3A5606B56E03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2f:03:e1:e0:34:64:c8:f0:30:d3:ec:25:bf:
ee:09:3c:ae:f6:a2:a4:86:91:3e:f4:f6:94:32:9e:
39:5a:29:2b:a0:57:0a:b8:bb:a5:10:a1:12:e6:fb:
a0:92:cb:a6:05:2d:23:dd:d9:22:68:bf:fd:42:3f:
32:5c:28:e1:78:93:f4:c9:d3:aa:4f:17:95:92:e7:
71:11:21:d1:e1:91:52:31:09:a4:b3:e6:6d:ae:cd:
9b:6d:a7:86:98:81:e4:55:33:74:4b:ae:1b:f4:68:
c7:f3:4f:df:ed:0d:fb:b1:72:c1:98:e9:fa:5d:11:
5f:c7:d8:60:54:c3:a9:e0:98:63:70:16:e5:81:d7:
07:66:38:d5:71:de:a5:18:8b:7e:8d:a6:50:54:e2:
12:53:3e:eb:f5:a3:50:86:cb:f9:e2:8e:a7:57:7d:
34:c5:fc:8a:79:05:cb:4d:35:6f:76:d2:96:69:05:
31:8f:c2:07:b4:7b:53:8b:af:8a:ea:d0:26:a5:e9:
21:2a:8e:e3:06:6e:bc:db:ee:d4:00:2c:56:78:0a:
28:70:37:e1:be:89:3b:7a:51:30:94:54:a3:cd:7d:
87:7a:1e:66:14:0e:5d:21:db:b0:dc:4d:da:8f:d7:
7c:97:a2:ad:ec:85:20:93:e4:e0:0c:cf:c0:07:98:
8b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F4:53:2E:8B:B8:28:D6:EF:0F:8B:53:6C:1A:3A:56:06:B5:6E:03
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.12.0/22
141.11.119.0/24
Signature Algorithm: sha256WithRSAEncryption
31:85:0a:35:33:3b:ee:58:4d:1e:9b:3f:b0:f3:68:ca:ff:73:
7a:d9:f1:27:b9:b7:bf:8e:5b:30:a0:8b:83:e8:82:09:73:82:
c0:3f:5c:3a:dc:48:46:f3:6e:7d:e2:a9:6a:5b:0b:52:50:fb:
bb:44:f6:d2:a5:2d:ce:81:56:87:ef:66:d5:04:79:0b:ed:fe:
2c:a0:a9:50:09:60:50:1a:ee:1c:da:3a:5e:62:11:81:2b:77:
e1:82:ad:c4:6a:4c:07:90:87:cd:92:b4:9f:0e:7e:73:70:4e:
39:f1:90:92:a3:7e:ec:90:b2:9f:a7:7c:a1:27:7a:bd:b1:85:
df:a3:66:ca:6d:63:b5:3c:be:d1:58:9c:9b:fd:68:ed:09:72:
8b:21:af:2c:60:dd:29:de:c2:73:b3:14:b1:b5:14:90:ac:00:
d8:84:1d:d3:dc:de:07:9e:b1:07:92:db:30:97:14:95:cc:07:
d5:45:55:9b:18:1f:39:d0:14:ec:03:62:d5:69:2b:aa:be:0d:
f8:18:2a:c8:1d:f7:aa:37:90:d9:5f:b1:f9:96:1f:80:88:e1:
2f:bd:e6:7c:3b:d0:9b:3e:c1:6b:b9:89:56:ee:fc:0a:03:4d:
e2:5f:9a:9b:40:5d:60:16:ec:89:c9:37:b4:d1:ab:c2:e0:df:
8d:76:c2:63
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUYRyu1S+v4ojRT6M42NugbPCpKMEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDAzMDkyMDIwMTBaFw0yNTAzMDgyMDI1MTBaMDMxMTAvBgNV
BAMTKDhCRjQ1MzJFOEJCODI4RDZFRjBGOEI1MzZDMUEzQTU2MDZCNTZFMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyLwPh4DRkyPAw0+wlv+4JPK72
oqSGkT709pQynjlaKSugVwq4u6UQoRLm+6CSy6YFLSPd2SJov/1CPzJcKOF4k/TJ
06pPF5WS53ERIdHhkVIxCaSz5m2uzZttp4aYgeRVM3RLrhv0aMfzT9/tDfuxcsGY
6fpdEV/H2GBUw6ngmGNwFuWB1wdmONVx3qUYi36NplBU4hJTPuv1o1CGy/nijqdX
fTTF/Ip5BctNNW920pZpBTGPwge0e1OLr4rq0Cal6SEqjuMGbrzb7tQALFZ4Cihw
N+G+iTt6UTCUVKPNfYd6HmYUDl0h27DcTdqP13yXoq3shSCT5OAMz8AHmIuZAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUi/RTLou4KNbvD4tTbBo6Vga1bgMwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAKNCwwD
BACNC3cwDQYJKoZIhvcNAQELBQADggEBADGFCjUzO+5YTR6bP7DzaMr/c3rZ8Se5
t7+OWzCgi4PogglzgsA/XDrcSEbzbn3iqWpbC1JQ+7tE9tKlLc6BVofvZtUEeQvt
/iygqVAJYFAa7hzaOl5iEYErd+GCrcRqTAeQh82StJ8OfnNwTjnxkJKjfuyQsp+n
fKEner2xhd+jZsptY7U8vtFYnJv9aO0Jcoshryxg3SnewnOzFLG1FJCsANiEHdPc
3geesQeS2zCXFJXMB9VFVZsYHznQFOwDYtVpK6q+DfgYKsgd96o3kNlfsfmWH4CI
4S+95nw70Js+wWu5iVbu/AoDTeJfmptAXWAW7InJN7TRq8Lg3412wmM=
-----END CERTIFICATE-----
Generated at Thu May 2 21:42:07 2024 by rpki-client on console-ams.rpki-client.org