Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS205220.roa
File: AS205220.roa (raw, json)
Hash identifier: uOuYloCloS6ektOdY187cET4+r0U02Q92xmIBVjEstc=
Subject key identifier: A8:B6:C4:72:6E:06:50:5D:0C:07:35:4D:A4:F1:0B:79:22:1E:EB:2C
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 7D7868511C33F8A05F190B0DB2D7E82A48F6D4FC
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS205220.roa
Signing time: Tue 28 Nov 2023 15:05:05 +0000
ROA not before: Tue 28 Nov 2023 15:00:05 +0000
ROA not after: Tue 26 Nov 2024 15:05:05 +0000
asID: 205220
IP address blocks: 141.11.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:78:68:51:1c:33:f8:a0:5f:19:0b:0d:b2:d7:e8:2a:48:f6:d4:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Nov 28 15:00:05 2023 GMT
Not After : Nov 26 15:05:05 2024 GMT
Subject: CN=A8B6C4726E06505D0C07354DA4F10B79221EEB2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bd:f6:ec:c6:84:87:1a:cb:8a:c5:27:0f:80:
23:10:ee:2d:87:6e:4b:df:0f:5f:d8:b6:1e:21:c8:
27:f8:14:b1:01:eb:91:97:fa:ce:32:a1:55:ca:7f:
72:6e:0f:d7:1a:b7:53:a0:f7:32:4e:a5:ea:2b:ac:
61:90:5a:9c:8e:3e:82:0a:17:65:f7:8d:93:1a:3c:
1b:99:c8:3d:21:11:19:c7:73:a4:21:26:88:46:8f:
1b:c4:aa:ef:38:16:ee:a5:9f:76:57:d6:9a:de:36:
60:98:94:5d:72:7f:57:54:1f:2e:d2:ae:50:f4:32:
08:8f:59:50:fd:65:77:95:8f:e6:75:28:89:15:88:
76:b1:8c:4b:1f:89:2d:17:f9:f7:8f:0a:27:a5:71:
ef:41:64:b9:ea:cc:99:cc:a9:14:de:fe:42:c1:e1:
8c:3b:55:d1:a8:7e:48:75:29:72:2e:9f:53:4b:a2:
5f:8a:ca:c2:44:7e:16:9e:57:9f:7e:ee:1b:07:08:
12:5b:5b:79:bd:15:0c:85:a1:3a:46:97:e5:80:5b:
04:08:57:77:9a:dd:16:09:86:d8:9e:69:73:d9:fe:
92:62:70:d9:2d:30:e6:d0:73:ea:e5:49:a3:29:bf:
66:44:c5:d4:65:38:6e:cc:8b:fc:d9:09:18:b3:43:
9f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:B6:C4:72:6E:06:50:5D:0C:07:35:4D:A4:F1:0B:79:22:1E:EB:2C
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS205220.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.88.0/22
Signature Algorithm: sha256WithRSAEncryption
d0:ee:7e:6c:6d:97:70:0e:7b:f2:2c:11:15:db:f3:5a:55:7f:
25:9b:29:33:d6:c9:94:4e:96:29:6b:2b:ea:43:50:9a:51:02:
fa:4a:fb:ca:8a:13:54:24:bf:6a:35:a4:4e:7d:d9:98:70:6a:
1b:93:3d:a5:ee:3c:67:8a:89:c7:c0:a5:6e:29:f4:b9:81:1e:
67:c6:78:ef:61:da:2d:5e:0c:74:71:2d:e4:a7:f7:1f:dd:77:
76:e9:18:32:88:fa:aa:69:6b:56:97:b7:98:3e:b7:47:e7:b1:
59:08:11:3c:99:a2:6e:51:11:b0:e1:b8:bf:c9:57:bb:4b:e9:
5f:ed:bf:01:10:91:f9:77:be:ae:39:95:0e:09:b4:fb:bb:ce:
c5:b0:58:72:b1:f3:a4:9d:bf:db:1d:66:2e:19:5c:50:25:3a:
b4:70:dd:b1:52:a5:39:bd:38:62:31:08:6d:10:60:31:dc:87:
dc:54:29:4b:0e:63:0c:72:4a:aa:fa:9d:f6:4d:c6:fb:95:2d:
50:40:27:d6:7d:30:f2:0d:cd:33:49:27:77:7e:6a:39:dc:84:
2a:95:a9:fc:21:2a:a8:80:9a:74:9d:35:13:04:3c:5c:de:56:
f6:f1:0a:37:04:0d:02:77:d7:76:92:b7:28:2e:b7:0a:85:28:
d5:be:3c:af
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUfXhoURwz+KBfGQsNstfoKkj21PwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzExMjgxNTAwMDVaFw0yNDExMjYxNTA1MDVaMDMxMTAvBgNV
BAMTKEE4QjZDNDcyNkUwNjUwNUQwQzA3MzU0REE0RjEwQjc5MjIxRUVCMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnvfbsxoSHGsuKxScPgCMQ7i2H
bkvfD1/Yth4hyCf4FLEB65GX+s4yoVXKf3JuD9cat1Og9zJOpeorrGGQWpyOPoIK
F2X3jZMaPBuZyD0hERnHc6QhJohGjxvEqu84Fu6ln3ZX1preNmCYlF1yf1dUHy7S
rlD0MgiPWVD9ZXeVj+Z1KIkViHaxjEsfiS0X+fePCielce9BZLnqzJnMqRTe/kLB
4Yw7VdGofkh1KXIun1NLol+KysJEfhaeV59+7hsHCBJbW3m9FQyFoTpGl+WAWwQI
V3ea3RYJhtieaXPZ/pJicNktMObQc+rlSaMpv2ZExdRlOG7Mi/zZCRizQ5+hAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUqLbEcm4GUF0MBzVNpPELeSIe6ywwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjA1MjIwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjQtY
MA0GCSqGSIb3DQEBCwUAA4IBAQDQ7n5sbZdwDnvyLBEV2/NaVX8lmykz1smUTpYp
ayvqQ1CaUQL6SvvKihNUJL9qNaROfdmYcGobkz2l7jxnionHwKVuKfS5gR5nxnjv
YdotXgx0cS3kp/cf3Xd26RgyiPqqaWtWl7eYPrdH57FZCBE8maJuURGw4bi/yVe7
S+lf7b8BEJH5d76uOZUOCbT7u87FsFhysfOknb/bHWYuGVxQJTq0cN2xUqU5vThi
MQhtEGAx3IfcVClLDmMMckqq+p32Tcb7lS1QQCfWfTDyDc0zSSd3fmo53IQqlan8
ISqogJp0nTUTBDxc3lb28Qo3BA0Cd9d2krcoLrcKhSjVvjyv
-----END CERTIFICATE-----
Generated at Sun May 5 14:38:07 2024 by rpki-client on console-ams.rpki-client.org