Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS206092.roa
File: AS206092.roa (raw, json)
Hash identifier: HOFmIXS29jbNoDGb87Lt6FDjiD6GhlmbJSz1tsFeors=
Subject key identifier: A0:DB:7B:C8:6E:79:47:46:03:7A:49:D6:4E:03:EE:B4:66:4F:86:6B
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 5651EC9564E6E7FD1BE398B7723100CB9B1FFF2A
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS206092.roa
Signing time: Tue 28 Nov 2023 15:05:06 +0000
ROA not before: Tue 28 Nov 2023 15:00:06 +0000
ROA not after: Tue 26 Nov 2024 15:05:06 +0000
asID: 206092
IP address blocks: 141.11.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:51:ec:95:64:e6:e7:fd:1b:e3:98:b7:72:31:00:cb:9b:1f:ff:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Nov 28 15:00:06 2023 GMT
Not After : Nov 26 15:05:06 2024 GMT
Subject: CN=A0DB7BC86E794746037A49D64E03EEB4664F866B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a0:d7:e4:ef:9b:0f:fe:42:08:6c:21:d9:4f:
a3:f1:ac:b0:d4:c4:e3:0f:f5:5a:e8:2e:48:09:92:
67:8d:00:75:2c:2b:93:fb:69:7d:69:e7:69:02:be:
cf:f6:16:ed:1b:a6:30:78:c2:11:ca:28:1b:81:44:
1e:41:38:02:6e:de:e0:52:d2:2b:a5:4e:b3:3e:22:
68:fc:40:57:62:7c:e7:01:58:50:38:79:cd:df:0f:
94:82:31:40:90:22:9d:e3:cc:22:bf:1a:e3:a7:e4:
fb:4a:2e:6e:2d:52:21:00:20:db:28:c4:a8:4e:8d:
ba:bb:a9:8f:0b:3f:1b:eb:de:98:48:9f:4c:27:fe:
4d:ed:8c:8c:67:24:10:9d:68:eb:54:4e:ac:fc:c0:
bf:ac:cf:fe:ca:24:d7:2e:2b:d9:52:20:7a:be:44:
d6:7b:d3:4e:16:be:84:fe:48:38:bb:8f:0d:1f:b3:
1d:9b:e9:93:74:a1:bb:ba:28:1a:0a:80:1c:80:64:
13:45:f4:6c:7c:72:d7:b3:8d:fc:73:b5:90:bd:d5:
b3:9d:8e:f5:c0:ca:14:00:27:00:5c:a7:b2:0e:84:
d7:f7:33:1d:32:1e:2a:f5:f0:5e:58:5e:db:64:c4:
88:9c:e3:88:c7:12:2b:7a:49:dc:91:1b:db:e2:ba:
e8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:DB:7B:C8:6E:79:47:46:03:7A:49:D6:4E:03:EE:B4:66:4F:86:6B
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS206092.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.98.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:ea:00:4b:dc:a7:07:29:77:db:f4:65:cb:94:77:2f:a7:dc:
66:3b:0b:02:59:60:f8:41:90:d2:58:8f:bf:27:f3:31:fb:3f:
cd:2f:31:b1:c8:db:f9:7d:c6:8d:7f:65:49:da:17:8f:ea:33:
66:47:ec:cd:a9:da:e2:12:1e:13:31:98:df:98:3b:8d:d7:28:
a8:34:ef:18:b8:21:0b:63:81:e6:18:34:89:a5:57:99:bd:31:
38:da:4d:5d:26:6f:b4:3b:66:bf:c1:eb:04:be:65:b9:d5:89:
22:ba:b3:fd:89:59:53:1d:77:5c:2b:c2:e0:6e:37:d6:c6:89:
0d:90:68:a7:10:d2:bc:16:e2:41:07:43:9d:ec:da:e0:3d:b9:
fe:32:6a:0f:e3:f3:f6:72:cf:ba:19:47:36:c1:52:e8:a6:d9:
af:40:c5:e1:41:8b:e8:a8:2a:49:55:50:b9:52:f7:60:1d:b8:
45:0d:88:e9:cb:24:58:c2:55:37:1d:2f:5e:4a:97:04:c4:22:
8d:4a:c3:6e:c6:1c:5a:03:22:ed:88:86:86:8a:3a:89:68:95:
0a:b7:3b:7e:23:09:0a:a4:c5:5d:4a:b2:1d:ef:c6:50:bc:1f:
04:62:26:a0:a7:b6:02:e9:3c:48:13:01:fe:da:6f:5c:ce:dc:
1c:ba:aa:2b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUVlHslWTm5/0b45i3cjEAy5sf/yowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzExMjgxNTAwMDZaFw0yNDExMjYxNTA1MDZaMDMxMTAvBgNV
BAMTKEEwREI3QkM4NkU3OTQ3NDYwMzdBNDlENjRFMDNFRUI0NjY0Rjg2NkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3oNfk75sP/kIIbCHZT6PxrLDU
xOMP9VroLkgJkmeNAHUsK5P7aX1p52kCvs/2Fu0bpjB4whHKKBuBRB5BOAJu3uBS
0iulTrM+Imj8QFdifOcBWFA4ec3fD5SCMUCQIp3jzCK/GuOn5PtKLm4tUiEAINso
xKhOjbq7qY8LPxvr3phIn0wn/k3tjIxnJBCdaOtUTqz8wL+sz/7KJNcuK9lSIHq+
RNZ7004WvoT+SDi7jw0fsx2b6ZN0obu6KBoKgByAZBNF9Gx8ctezjfxztZC91bOd
jvXAyhQAJwBcp7IOhNf3Mx0yHir18F5YXttkxIic44jHEit6SdyRG9viuugdAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUoNt7yG55R0YDeknWTgPutGZPhmswHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjA2MDkyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQti
MA0GCSqGSIb3DQEBCwUAA4IBAQA+6gBL3KcHKXfb9GXLlHcvp9xmOwsCWWD4QZDS
WI+/J/Mx+z/NLzGxyNv5fcaNf2VJ2heP6jNmR+zNqdriEh4TMZjfmDuN1yioNO8Y
uCELY4HmGDSJpVeZvTE42k1dJm+0O2a/wesEvmW51YkiurP9iVlTHXdcK8LgbjfW
xokNkGinENK8FuJBB0Od7NrgPbn+MmoP4/P2cs+6GUc2wVLoptmvQMXhQYvoqCpJ
VVC5UvdgHbhFDYjpyyRYwlU3HS9eSpcExCKNSsNuxhxaAyLtiIaGijqJaJUKtzt+
IwkKpMVdSrId78ZQvB8EYiagp7YC6TxIEwH+2m9cztwcuqor
-----END CERTIFICATE-----
Generated at Sun May 5 14:38:07 2024 by rpki-client on console-ams.rpki-client.org