Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS198831.roa
File: AS198831.roa (raw, json)
Hash identifier: BXDakMtD5XY8b2XS5jTUo2A2w7Q2lRaKn6LoEg6o0N8=
Subject key identifier: E2:D1:57:41:66:BA:26:44:4F:B3:83:A0:83:FA:93:54:71:34:2D:69
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 7E43EAA8BBCC6F4ECC778E06F5DF5853BE37EB8D
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS198831.roa
Signing time: Mon 24 Feb 2025 11:26:38 +0000
ROA not before: Mon 24 Feb 2025 11:21:38 +0000
ROA not after: Mon 23 Feb 2026 11:26:38 +0000
asID: 198831
IP address blocks: 141.11.113.0/24 maxlen: 24
141.11.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:43:ea:a8:bb:cc:6f:4e:cc:77:8e:06:f5:df:58:53:be:37:eb:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Feb 24 11:21:38 2025 GMT
Not After : Feb 23 11:26:38 2026 GMT
Subject: CN=E2D1574166BA26444FB383A083FA935471342D69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c8:b1:40:54:55:75:e6:f1:cf:23:89:c4:36:
e5:8e:93:0c:85:e3:7a:73:fa:77:ed:af:d3:1b:13:
d0:cd:27:89:8f:37:e6:38:77:ef:4f:d1:72:8e:f7:
28:11:1a:83:a8:2f:7a:52:21:8b:38:1e:e8:38:ad:
8c:c1:a0:4f:a9:6c:42:de:8d:c0:ad:5d:13:7c:27:
c2:e6:82:11:fd:47:c8:64:f8:c0:09:9a:71:e4:10:
45:a7:ce:1d:08:ce:5e:82:fa:e2:7e:c1:34:f1:aa:
ca:d6:e0:e3:87:75:4f:06:73:13:7f:5a:ba:21:bc:
da:56:d3:e9:52:ee:18:2c:58:ba:0b:c5:5a:a2:f3:
f4:7d:fb:21:8a:0f:55:f5:1c:be:db:69:0b:8f:4e:
9d:f9:d9:51:ac:b5:f7:e4:37:f5:ff:9b:c7:cd:54:
de:73:70:26:2f:82:c5:6c:e6:35:28:cf:0e:07:b4:
33:4d:6a:c8:10:b9:44:be:d8:f8:cc:f4:0d:aa:7e:
4a:fb:36:04:ac:45:5d:9c:26:87:a5:1e:d7:be:2c:
42:c0:2f:25:b7:f2:99:12:0e:e7:69:fd:b3:ec:08:
42:6f:e5:67:02:66:c9:7a:c7:e9:77:3e:ff:50:3f:
86:5d:76:ef:d1:21:4e:86:dd:c9:35:f7:f8:3e:e9:
3b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:D1:57:41:66:BA:26:44:4F:B3:83:A0:83:FA:93:54:71:34:2D:69
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS198831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.113.0/24
141.11.120.0/24
Signature Algorithm: sha256WithRSAEncryption
68:ad:a3:b7:07:92:96:2a:22:ad:e8:58:8d:df:8e:3a:b8:0b:
b6:91:1a:cb:eb:20:0c:ea:dc:5c:94:db:cf:01:f2:e4:cd:87:
80:67:72:ce:70:43:e1:bf:17:76:a5:3f:c4:03:cf:f1:6a:16:
36:c2:95:81:68:2b:0a:56:65:5e:56:ad:1c:f7:ec:33:cd:b4:
ad:3f:35:bf:e9:3f:d9:a4:68:08:db:29:10:bd:03:56:fa:1f:
79:f1:e8:aa:ae:16:d9:ee:07:01:b2:0f:fc:4a:fa:3e:6f:33:
41:95:8c:47:61:f9:ac:62:ba:7b:20:f5:b7:8f:23:b7:e6:69:
1e:63:3a:7c:d8:89:a5:5b:ad:96:aa:7b:78:15:66:f0:ab:1f:
41:9f:12:d6:68:40:08:d4:3f:3e:bf:81:93:2c:c4:73:fe:ea:
95:eb:84:e1:70:01:1e:e8:30:85:ab:2d:a6:4a:98:82:18:b4:
48:9e:ee:c9:76:68:e0:2b:8a:2f:97:12:93:b7:82:d1:92:2b:
e7:94:c8:bb:4e:c8:3e:38:36:9a:13:2b:64:04:67:6d:e9:88:
92:e5:4a:fb:b2:26:ae:2e:6d:ee:35:55:8c:80:94:4a:a2:ae:
4c:1d:80:5b:30:43:0f:de:c8:37:bb:7e:47:22:4b:43:b1:6e:
19:e1:f1:85
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUfkPqqLvMb07Md44G9d9YU743640wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTAyMjQxMTIxMzhaFw0yNjAyMjMxMTI2MzhaMDMxMTAvBgNV
BAMTKEUyRDE1NzQxNjZCQTI2NDQ0RkIzODNBMDgzRkE5MzU0NzEzNDJENjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQyLFAVFV15vHPI4nENuWOkwyF
43pz+nftr9MbE9DNJ4mPN+Y4d+9P0XKO9ygRGoOoL3pSIYs4Hug4rYzBoE+pbELe
jcCtXRN8J8LmghH9R8hk+MAJmnHkEEWnzh0Izl6C+uJ+wTTxqsrW4OOHdU8GcxN/
WrohvNpW0+lS7hgsWLoLxVqi8/R9+yGKD1X1HL7baQuPTp352VGstffkN/X/m8fN
VN5zcCYvgsVs5jUozw4HtDNNasgQuUS+2PjM9A2qfkr7NgSsRV2cJoelHte+LELA
LyW38pkSDudp/bPsCEJv5WcCZsl6x+l3Pv9QP4Zddu/RIU6G3ck19/g+6TubAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQU4tFXQWa6JkRPs4Ogg/qTVHE0LWkwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTk4ODMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjQtx
AwQAjQt4MA0GCSqGSIb3DQEBCwUAA4IBAQBoraO3B5KWKiKt6FiN3446uAu2kRrL
6yAM6txclNvPAfLkzYeAZ3LOcEPhvxd2pT/EA8/xahY2wpWBaCsKVmVeVq0c9+wz
zbStPzW/6T/ZpGgI2ykQvQNW+h958eiqrhbZ7gcBsg/8Svo+bzNBlYxHYfmsYrp7
IPW3jyO35mkeYzp82ImlW62Wqnt4FWbwqx9BnxLWaEAI1D8+v4GTLMRz/uqV64Th
cAEe6DCFqy2mSpiCGLRInu7JdmjgK4ovlxKTt4LRkivnlMi7Tsg+ODaaEytkBGdt
6YiS5Ur7siauLm3uNVWMgJRKoq5MHYBbMEMP3sg3u35HIktDsW4Z4fGF
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:52 2025 by rpki-client