Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS205091.roa
File: AS205091.roa (raw, json)
Hash identifier: wnXz/fu1Q8IT/4mkYdGUFxZFAkpzv8ogm/iXUFgGrFw=
Subject key identifier: F6:41:40:60:DE:23:37:23:19:DC:BA:1F:6A:55:79:40:13:60:01:B0
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 07323734607C525A31F1124AFDAFEDEC18BD191C
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS205091.roa
Signing time: Tue 13 Aug 2024 09:08:10 +0000
ROA not before: Tue 13 Aug 2024 09:03:10 +0000
ROA not after: Tue 12 Aug 2025 09:08:10 +0000
asID: 205091
IP address blocks: 141.11.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:32:37:34:60:7c:52:5a:31:f1:12:4a:fd:af:ed:ec:18:bd:19:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Aug 13 09:03:10 2024 GMT
Not After : Aug 12 09:08:10 2025 GMT
Subject: CN=F6414060DE23372319DCBA1F6A557940136001B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:24:8f:1b:18:d1:35:2a:0a:80:b9:f2:56:8d:
d8:18:b0:dc:8c:e7:46:16:c3:72:95:f3:ac:14:75:
2a:b6:af:94:a2:f1:1e:42:c6:c6:c5:9c:8a:10:81:
fc:ac:43:90:2f:0f:aa:c5:36:d3:40:41:87:7e:f2:
8f:48:77:95:a1:69:23:a7:36:ba:d5:13:34:32:f1:
25:d9:cb:83:d7:62:a8:ed:ab:1d:27:9b:a2:e7:63:
0c:77:1d:66:09:14:55:ef:a3:a1:c6:05:4b:bf:2d:
f7:d1:61:cc:34:93:4f:0c:b1:8b:7d:be:95:42:3b:
ee:ba:6d:95:9a:0f:76:e3:d0:c3:5a:c6:ac:41:cc:
39:73:63:a7:6d:5c:e2:51:aa:ef:87:3a:e2:1e:29:
c5:dd:e4:b1:14:f6:5e:39:d9:37:be:45:6c:af:be:
60:3a:78:d1:c3:12:a0:b2:e2:e0:2e:c9:bc:0d:b3:
c2:c9:70:a6:39:5a:bf:fe:10:42:d7:49:40:e6:f9:
2f:23:52:07:1c:19:30:07:f9:84:d8:d4:2a:82:48:
1e:42:99:bd:bc:a0:61:20:45:2b:2c:a9:e8:12:dd:
8d:ff:e4:c5:a3:ce:ca:b8:3f:aa:9a:96:42:bf:2b:
79:1c:e8:aa:06:49:1b:a7:e7:55:e2:80:14:bc:ed:
84:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:41:40:60:DE:23:37:23:19:DC:BA:1F:6A:55:79:40:13:60:01:B0
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS205091.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.248.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:23:ac:80:bb:4b:74:bc:82:65:8e:92:51:4d:24:78:75:60:
6e:a9:5d:ae:fd:bb:a0:0c:09:a3:c5:81:d7:1d:f6:0d:3e:1f:
a4:f2:99:ea:4c:a2:5f:76:9c:09:0e:48:b1:08:70:0d:04:bc:
70:9c:33:80:c6:03:60:f9:e7:2d:84:e3:e7:c0:05:b6:9e:9f:
a0:41:36:e9:36:c6:f2:07:f4:36:ed:9a:cd:f4:64:16:17:a4:
79:ec:92:78:d1:7e:31:17:47:ac:16:e4:12:a2:97:d4:aa:24:
7f:01:41:af:ff:a8:7a:b4:c8:2f:d4:43:81:af:e9:35:e2:fd:
cf:c1:6c:b3:26:ac:27:90:65:b5:c3:df:2c:91:fd:a4:24:51:
f9:bc:a0:65:3e:50:44:46:92:9c:f7:35:04:2e:0e:bd:f0:1a:
ca:87:49:5b:73:84:8b:57:e0:d8:4a:01:da:d1:5e:04:22:30:
65:66:24:dc:67:03:a5:b5:2e:74:22:b2:0a:91:45:01:7c:2b:
08:91:ab:9d:3b:c7:d6:c9:e5:23:83:d1:29:fc:4d:f6:a7:60:
e7:7f:f0:88:cf:1d:b8:18:25:20:ed:a0:49:2d:c1:1b:f5:5f:
c4:90:cf:58:12:4b:5b:1a:9f:81:e7:4a:56:61:90:1b:a5:ff:
c0:3e:9d:2d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUBzI3NGB8Ulox8RJK/a/t7Bi9GRwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDA4MTMwOTAzMTBaFw0yNTA4MTIwOTA4MTBaMDMxMTAvBgNV
BAMTKEY2NDE0MDYwREUyMzM3MjMxOURDQkExRjZBNTU3OTQwMTM2MDAxQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcJI8bGNE1KgqAufJWjdgYsNyM
50YWw3KV86wUdSq2r5Si8R5CxsbFnIoQgfysQ5AvD6rFNtNAQYd+8o9Id5WhaSOn
NrrVEzQy8SXZy4PXYqjtqx0nm6LnYwx3HWYJFFXvo6HGBUu/LffRYcw0k08MsYt9
vpVCO+66bZWaD3bj0MNaxqxBzDlzY6dtXOJRqu+HOuIeKcXd5LEU9l452Te+RWyv
vmA6eNHDEqCy4uAuybwNs8LJcKY5Wr/+EELXSUDm+S8jUgccGTAH+YTY1CqCSB5C
mb28oGEgRSssqegS3Y3/5MWjzsq4P6qalkK/K3kc6KoGSRun51XigBS87YQBAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU9kFAYN4jNyMZ3LofalV5QBNgAbAwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjA1MDkxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQv4
MA0GCSqGSIb3DQEBCwUAA4IBAQCnI6yAu0t0vIJljpJRTSR4dWBuqV2u/bugDAmj
xYHXHfYNPh+k8pnqTKJfdpwJDkixCHANBLxwnDOAxgNg+ecthOPnwAW2np+gQTbp
NsbyB/Q27ZrN9GQWF6R57JJ40X4xF0esFuQSopfUqiR/AUGv/6h6tMgv1EOBr+k1
4v3PwWyzJqwnkGW1w98skf2kJFH5vKBlPlBERpKc9zUELg698BrKh0lbc4SLV+DY
SgHa0V4EIjBlZiTcZwOltS50IrIKkUUBfCsIkaudO8fWyeUjg9Ep/E32p2Dnf/CI
zx24GCUg7aBJLcEb9V/EkM9YEktbGp+B50pWYZAbpf/APp0t
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:37:20 2024 by rpki-client on console-fra.rpki-client.org