Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS205220.roa
File: AS205220.roa (raw, json)
Hash identifier: phioTWQsENJGbo1MQxHVGLtGoJqSV0rL4lAiblI0jaA=
Subject key identifier: 03:61:82:56:95:B7:EF:BA:31:10:8B:B1:63:E2:7C:F7:18:CA:D8:A9
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 7770750359CEF95AEA08D1CCCEC2AE131C597040
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS205220.roa
Signing time: Tue 29 Oct 2024 15:43:25 +0000
ROA not before: Tue 29 Oct 2024 15:38:25 +0000
ROA not after: Tue 28 Oct 2025 15:43:25 +0000
asID: 205220
IP address blocks: 141.11.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Dec 2024 16:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:70:75:03:59:ce:f9:5a:ea:08:d1:cc:ce:c2:ae:13:1c:59:70:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Oct 29 15:38:25 2024 GMT
Not After : Oct 28 15:43:25 2025 GMT
Subject: CN=0361825695B7EFBA31108BB163E27CF718CAD8A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fa:e7:76:60:38:a0:a4:ae:9a:b0:00:a5:af:
1e:d9:49:27:ac:65:45:7e:0a:8e:eb:cc:02:37:9d:
83:9d:c6:11:7d:38:f1:f4:7e:87:18:03:b3:75:fc:
9b:66:08:16:82:0c:21:35:ed:d7:de:1c:ff:0b:2a:
23:f1:3d:b2:0e:53:6a:c7:16:73:71:6a:04:13:b6:
e3:5d:b0:08:c1:ea:2b:fb:ee:ec:6f:60:c5:fa:ca:
e5:36:40:ae:e5:eb:d5:50:c6:77:50:3d:c9:dd:69:
3c:6b:72:6d:b6:aa:50:64:ba:88:7a:29:8a:44:4a:
c5:9b:a7:0a:b3:0e:64:7c:49:96:93:c3:93:bb:bf:
0e:c3:87:6b:09:12:bc:0f:4b:0d:fa:00:b6:c6:d7:
d2:11:0c:dc:fa:06:a0:09:23:d3:e4:c7:4d:82:4a:
01:0c:f5:1e:0a:99:dd:b4:55:ce:f8:20:b8:9a:9b:
11:b1:5d:d5:c2:56:35:25:1d:45:97:37:b3:72:27:
88:49:cc:b3:18:a2:51:23:0d:e7:f3:c5:0a:5d:83:
06:e5:cd:f8:cc:46:b3:7a:f8:35:64:52:26:c0:ac:
3f:6a:7f:f9:43:3a:71:35:83:d2:b7:9d:91:5b:bc:
48:52:f8:c4:6c:f4:0d:27:8f:3f:aa:a0:60:84:e4:
55:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:61:82:56:95:B7:EF:BA:31:10:8B:B1:63:E2:7C:F7:18:CA:D8:A9
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS205220.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.88.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:9f:25:54:48:76:b6:08:8c:01:4d:83:ef:e7:04:7f:54:6c:
67:fa:d4:3d:a9:fb:a5:3b:9b:2c:c7:e7:58:f6:5d:06:0b:07:
02:a8:b6:9d:a9:5b:b8:5f:4f:28:f7:76:35:ff:90:82:fd:9d:
a6:b0:74:ac:94:20:95:e8:83:d7:e1:34:ca:65:ae:50:e5:fe:
68:42:28:8f:10:db:69:54:97:8f:6a:4d:6e:01:f8:ee:bf:75:
c3:cb:ac:be:a3:e2:2a:9c:da:ac:51:98:16:7f:03:86:b2:2c:
b6:fa:84:59:33:02:6c:46:71:39:30:2b:5c:4b:1c:16:95:81:
6a:4b:92:98:99:8a:a9:f1:e0:6f:ad:ab:df:75:f8:a8:6f:e6:
b8:9b:da:d9:1f:02:9b:df:93:f9:28:cf:e2:f6:35:da:af:91:
29:69:43:bc:0e:83:eb:59:a1:ee:c6:d4:c6:e1:e8:59:eb:aa:
4b:c0:68:26:9e:4e:d3:b4:59:d0:3d:67:f5:b6:27:d6:3d:55:
41:d5:25:0a:f5:08:60:15:a7:b2:ce:a0:4b:7b:19:e2:ed:7b:
5f:c7:58:21:a0:40:1f:85:37:b3:01:1e:99:4f:19:e1:4a:64:
13:9d:13:2c:6e:82:04:d8:3c:d6:53:0d:e2:ce:22:c7:da:b0:
77:30:00:96
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUd3B1A1nO+VrqCNHMzsKuExxZcEAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDEwMjkxNTM4MjVaFw0yNTEwMjgxNTQzMjVaMDMxMTAvBgNV
BAMTKDAzNjE4MjU2OTVCN0VGQkEzMTEwOEJCMTYzRTI3Q0Y3MThDQUQ4QTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh+ud2YDigpK6asAClrx7ZSSes
ZUV+Co7rzAI3nYOdxhF9OPH0focYA7N1/JtmCBaCDCE17dfeHP8LKiPxPbIOU2rH
FnNxagQTtuNdsAjB6iv77uxvYMX6yuU2QK7l69VQxndQPcndaTxrcm22qlBkuoh6
KYpESsWbpwqzDmR8SZaTw5O7vw7Dh2sJErwPSw36ALbG19IRDNz6BqAJI9Pkx02C
SgEM9R4Kmd20Vc74ILiamxGxXdXCVjUlHUWXN7NyJ4hJzLMYolEjDefzxQpdgwbl
zfjMRrN6+DVkUibArD9qf/lDOnE1g9K3nZFbvEhS+MRs9A0njz+qoGCE5FVbAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUA2GCVpW377oxEIuxY+J89xjK2KkwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjA1MjIwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjQtY
MA0GCSqGSIb3DQEBCwUAA4IBAQCKnyVUSHa2CIwBTYPv5wR/VGxn+tQ9qfulO5ss
x+dY9l0GCwcCqLadqVu4X08o93Y1/5CC/Z2msHSslCCV6IPX4TTKZa5Q5f5oQiiP
ENtpVJePak1uAfjuv3XDy6y+o+IqnNqsUZgWfwOGsiy2+oRZMwJsRnE5MCtcSxwW
lYFqS5KYmYqp8eBvravfdfiob+a4m9rZHwKb35P5KM/i9jXar5EpaUO8DoPrWaHu
xtTG4ehZ66pLwGgmnk7TtFnQPWf1tifWPVVB1SUK9QhgFaeyzqBLexni7Xtfx1gh
oEAfhTezAR6ZTxnhSmQTnRMsboIE2DzWUw3iziLH2rB3MACW
-----END CERTIFICATE-----
Generated at Tue Dec 10 20:35:58 2024 by rpki-client on console-ams.rpki-client.org