Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS211440.roa
File: AS211440.roa (raw, json)
Hash identifier: ZgNI+bp0mCN0NwkDfZyYSGklt20SfK5ZZz/4WWphZLg=
Subject key identifier: 34:AD:DD:C0:73:EB:A4:49:DA:1D:66:D8:FF:B0:1E:E1:A4:97:66:BD
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 318C30754EFF916F4DD44529427326B22606F455
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS211440.roa
Signing time: Sat 12 Aug 2023 00:00:14 +0000
ROA not before: Fri 11 Aug 2023 23:55:14 +0000
ROA not after: Sat 10 Aug 2024 00:00:14 +0000
asID: 211440
IP address blocks: 141.11.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:8c:30:75:4e:ff:91:6f:4d:d4:45:29:42:73:26:b2:26:06:f4:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Aug 11 23:55:14 2023 GMT
Not After : Aug 10 00:00:14 2024 GMT
Subject: CN=34ADDDC073EBA449DA1D66D8FFB01EE1A49766BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c8:27:45:a1:fb:fd:f6:c3:1c:6a:21:49:78:
43:26:bc:7f:55:4b:c2:46:34:2f:55:95:e7:19:42:
be:7e:96:de:5e:1d:24:50:2c:f7:3c:24:da:b8:26:
a9:07:90:68:da:b9:e1:9c:5d:d7:16:0f:78:fe:74:
c5:4f:3f:c1:bb:ab:eb:41:88:16:df:d6:68:dc:cb:
c0:9e:c8:c4:77:5b:2a:a0:c2:b3:31:2a:37:af:f6:
43:42:be:45:a4:b6:ac:fa:4a:cd:08:06:0c:b1:4c:
36:87:13:b6:0f:ef:1f:2e:c0:01:d2:59:09:0f:96:
db:5b:5b:e5:78:c3:fd:66:4a:14:32:b0:27:7b:52:
ec:04:fa:f2:ea:b9:f6:6f:eb:ed:ee:07:3c:13:23:
7d:09:4c:32:03:af:42:a8:fa:d8:95:77:4c:d8:3b:
79:40:5a:7d:31:2a:cd:29:e0:a9:46:95:fc:03:00:
51:32:35:2a:ec:b8:e2:c6:92:ec:8a:cd:32:f6:2d:
fb:9e:d1:d9:5f:92:f0:dc:cc:59:82:82:0f:b5:82:
1f:69:68:ad:d2:4d:20:08:6a:f0:94:83:de:01:83:
e6:37:fc:6b:22:ec:51:80:c4:2f:16:f2:e3:5b:eb:
41:04:db:08:04:69:a5:5b:64:e7:f3:5f:93:29:f8:
00:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:AD:DD:C0:73:EB:A4:49:DA:1D:66:D8:FF:B0:1E:E1:A4:97:66:BD
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS211440.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.99.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:eb:b0:41:63:23:73:3a:2a:2b:79:6e:19:8e:ee:1d:ed:2a:
64:40:2e:47:91:4f:ab:7f:92:ec:62:ab:7b:83:eb:0e:de:e7:
d8:4e:b9:8f:aa:7f:0e:cb:09:3d:79:0b:0d:ad:c4:61:58:46:
43:ff:4f:d4:47:9a:8c:bb:ce:14:85:12:f6:d7:19:5b:2a:dc:
fa:5f:9a:28:44:73:0f:f2:f7:64:b1:54:20:e4:45:50:37:2d:
ed:a1:71:49:ec:f6:41:c0:ef:a6:34:c9:92:2a:96:f5:73:8d:
aa:a4:ee:e4:c3:82:03:a6:bf:bc:20:18:69:e9:89:6b:5d:8b:
f8:59:82:5d:63:2d:f2:1e:a9:72:aa:1e:a2:bf:de:58:a1:db:
5e:27:4d:77:71:3e:6e:42:25:24:22:36:c0:ee:9f:3b:9c:1d:
96:b6:d1:fc:a8:db:e6:9d:61:e3:8b:83:d1:87:0f:55:95:98:
49:b4:08:99:24:7c:eb:27:1b:1c:82:d6:6b:e5:1d:f2:dc:93:
ac:83:85:0b:d9:2b:55:93:5c:79:06:3b:56:47:8f:b8:27:76:
08:e1:21:92:00:a1:5e:64:47:02:ee:78:3d:ee:9e:08:38:97:
07:b4:09:d3:10:59:3d:a1:cd:b2:52:d3:a6:d0:be:b9:40:c3:
96:10:b6:30
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUMYwwdU7/kW9N1EUpQnMmsiYG9FUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzA4MTEyMzU1MTRaFw0yNDA4MTAwMDAwMTRaMDMxMTAvBgNV
BAMTKDM0QUREREMwNzNFQkE0NDlEQTFENjZEOEZGQjAxRUUxQTQ5NzY2QkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvyCdFofv99sMcaiFJeEMmvH9V
S8JGNC9VlecZQr5+lt5eHSRQLPc8JNq4JqkHkGjaueGcXdcWD3j+dMVPP8G7q+tB
iBbf1mjcy8CeyMR3WyqgwrMxKjev9kNCvkWktqz6Ss0IBgyxTDaHE7YP7x8uwAHS
WQkPlttbW+V4w/1mShQysCd7UuwE+vLqufZv6+3uBzwTI30JTDIDr0Ko+tiVd0zY
O3lAWn0xKs0p4KlGlfwDAFEyNSrsuOLGkuyKzTL2Lfue0dlfkvDczFmCgg+1gh9p
aK3STSAIavCUg94Bg+Y3/Gsi7FGAxC8W8uNb60EE2wgEaaVbZOfzX5Mp+AB9AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUNK3dwHPrpEnaHWbY/7Ae4aSXZr0wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjExNDQwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQtj
MA0GCSqGSIb3DQEBCwUAA4IBAQCL67BBYyNzOioreW4Zju4d7SpkQC5HkU+rf5Ls
Yqt7g+sO3ufYTrmPqn8Oywk9eQsNrcRhWEZD/0/UR5qMu84UhRL21xlbKtz6X5oo
RHMP8vdksVQg5EVQNy3toXFJ7PZBwO+mNMmSKpb1c42qpO7kw4IDpr+8IBhp6Ylr
XYv4WYJdYy3yHqlyqh6iv95YodteJ013cT5uQiUkIjbA7p87nB2WttH8qNvmnWHj
i4PRhw9VlZhJtAiZJHzrJxscgtZr5R3y3JOsg4UL2StVk1x5BjtWR4+4J3YI4SGS
AKFeZEcC7ng97p4IOJcHtAnTEFk9oc2yUtOm0L65QMOWELYw
-----END CERTIFICATE-----
Generated at Sun May 5 15:51:35 2024 by rpki-client on console-fra.rpki-client.org