Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: TwHZOPWiZnxKzIylFt0XqP2fV6OhVwebCu5Jg9nxTtk=
Subject key identifier: BE:E5:55:DD:C6:D1:04:21:FB:B7:C6:DB:E0:0E:FE:7C:11:FB:AB:F0
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 5156CE835E922810D4355C489F692BEABB97DBF1
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS20473.roa
Signing time: Tue 18 Jun 2024 10:04:09 +0000
ROA not before: Tue 18 Jun 2024 09:59:09 +0000
ROA not after: Tue 17 Jun 2025 10:04:09 +0000
asID: 20473
IP address blocks: 141.11.9.0/24 maxlen: 24
141.11.70.0/24 maxlen: 24
141.11.154.0/23 maxlen: 24
141.11.236.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Jul 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:56:ce:83:5e:92:28:10:d4:35:5c:48:9f:69:2b:ea:bb:97:db:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Jun 18 09:59:09 2024 GMT
Not After : Jun 17 10:04:09 2025 GMT
Subject: CN=BEE555DDC6D10421FBB7C6DBE00EFE7C11FBABF0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:27:3d:c0:f3:8a:c5:d4:30:bb:6e:f5:52:61:
16:00:92:d7:d1:f1:0f:1e:11:40:ed:8a:14:94:4f:
cd:79:4d:f6:9f:3c:1e:c1:5b:81:0c:3a:a5:60:e9:
7b:97:e2:be:95:41:b7:a5:8a:c3:aa:40:a6:60:94:
e4:43:5e:74:5f:13:50:5b:06:00:d3:db:75:5b:22:
3f:8a:47:1d:a5:d5:18:8a:0c:4d:22:c2:02:e2:4c:
9f:a5:1d:34:38:b9:c0:15:af:55:6e:35:59:f6:13:
d7:95:85:73:3a:60:b5:2f:04:06:28:a2:90:c9:ff:
ac:f6:b6:f8:d2:1f:50:ac:af:18:71:c6:c4:fa:a5:
0d:a1:3c:a8:ea:d9:ef:f0:31:54:95:75:2b:1e:65:
7c:08:57:08:47:e8:8e:8c:5e:79:ee:c9:97:a9:b1:
6d:16:a5:89:a4:6b:ca:7c:11:3b:7c:c6:3f:aa:76:
6d:43:27:dd:02:c6:59:52:98:0b:f1:4e:cd:c4:10:
16:3b:e6:60:c6:08:2d:df:47:10:1f:58:45:9a:ac:
b6:f8:6e:01:dc:20:ed:73:4c:07:6a:28:45:28:de:
4e:b8:05:95:3b:01:05:31:f1:bf:75:7a:65:36:61:
cc:e8:d8:af:99:dc:97:38:de:41:c7:6d:52:83:8b:
98:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:E5:55:DD:C6:D1:04:21:FB:B7:C6:DB:E0:0E:FE:7C:11:FB:AB:F0
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.9.0/24
141.11.70.0/24
141.11.154.0/23
141.11.236.0/23
Signature Algorithm: sha256WithRSAEncryption
ce:de:e7:5f:5b:a0:93:8e:f8:7f:f1:e3:fd:80:56:96:a6:2e:
d6:c7:9c:f2:da:35:8e:ee:cf:b2:f4:ac:e1:ba:b6:c1:8d:62:
13:3e:98:ce:6b:cb:56:f1:e6:ab:31:6a:8f:f1:94:b6:8a:e8:
b1:7f:66:8a:9e:65:11:9b:43:45:ee:19:29:32:8d:1a:f9:a2:
4d:01:d4:3d:7a:60:7f:52:46:83:5c:2d:a6:06:96:6c:3d:35:
ab:21:6c:d6:94:a9:6e:bb:94:bd:38:3f:12:98:3f:63:ee:4b:
6d:46:f3:46:c7:22:a6:c1:be:95:86:e7:a8:c7:67:0a:a9:9a:
74:d6:87:88:27:83:bd:18:38:3e:d1:8a:14:66:ba:8b:27:01:
34:d5:aa:c2:21:b8:40:73:d0:2d:2a:1c:70:98:db:2e:eb:97:
3c:f8:63:c5:68:54:8f:2c:d0:89:b1:c6:38:ff:48:82:12:0a:
9a:11:9a:26:45:16:d8:a0:26:c4:65:dc:62:07:87:6a:04:99:
37:f1:f3:e3:43:8d:fb:2d:cd:a1:c1:89:c9:7e:2c:a7:11:3a:
0b:bb:17:2f:22:5a:ee:a2:88:88:cc:74:13:d4:ca:67:71:0f:
aa:ed:8b:49:16:1c:75:c6:a8:0d:1b:0a:ce:1b:2a:99:0b:e3:
3c:2c:a5:86
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUUVbOg16SKBDUNVxIn2kr6ruX2/EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDA2MTgwOTU5MDlaFw0yNTA2MTcxMDA0MDlaMDMxMTAvBgNV
BAMTKEJFRTU1NUREQzZEMTA0MjFGQkI3QzZEQkUwMEVGRTdDMTFGQkFCRjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzJz3A84rF1DC7bvVSYRYAktfR
8Q8eEUDtihSUT815TfafPB7BW4EMOqVg6XuX4r6VQbelisOqQKZglORDXnRfE1Bb
BgDT23VbIj+KRx2l1RiKDE0iwgLiTJ+lHTQ4ucAVr1VuNVn2E9eVhXM6YLUvBAYo
opDJ/6z2tvjSH1CsrxhxxsT6pQ2hPKjq2e/wMVSVdSseZXwIVwhH6I6MXnnuyZep
sW0WpYmka8p8ETt8xj+qdm1DJ90CxllSmAvxTs3EEBY75mDGCC3fRxAfWEWarLb4
bgHcIO1zTAdqKEUo3k64BZU7AQUx8b91emU2Yczo2K+Z3Jc43kHHbVKDi5hbAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUvuVV3cbRBCH7t8bb4A7+fBH7q/AwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACNCwkD
BACNC0YDBAGNC5oDBAGNC+wwDQYJKoZIhvcNAQELBQADggEBAM7e519boJOO+H/x
4/2AVpamLtbHnPLaNY7uz7L0rOG6tsGNYhM+mM5ry1bx5qsxao/xlLaK6LF/Zoqe
ZRGbQ0XuGSkyjRr5ok0B1D16YH9SRoNcLaYGlmw9NashbNaUqW67lL04PxKYP2Pu
S21G80bHIqbBvpWG56jHZwqpmnTWh4gng70YOD7RihRmuosnATTVqsIhuEBz0C0q
HHCY2y7rlzz4Y8VoVI8s0Imxxjj/SIISCpoRmiZFFtigJsRl3GIHh2oEmTfx8+ND
jfstzaHBicl+LKcROgu7Fy8iWu6iiIjMdBPUymdxD6rti0kWHHXGqA0bCs4bKpkL
4zwspYY=
-----END CERTIFICATE-----
Generated at Fri Jul 26 18:15:44 2024 by rpki-client on console-fra.rpki-client.org