Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS211975.roa
File: AS211975.roa (raw, json)
Hash identifier: IH4StDG8sojhLSC3thGUnVcg160H7Vrl6/9lQfkmhHg=
Subject key identifier: DF:9E:E9:45:EC:87:9B:D0:19:41:E0:69:55:32:6B:AE:54:E4:8E:7F
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 3F30DF6CD57E6C00A266AFCF8B724383B50FD79E
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS211975.roa
Signing time: Tue 24 Oct 2023 15:12:15 +0000
ROA not before: Tue 24 Oct 2023 15:07:15 +0000
ROA not after: Tue 22 Oct 2024 15:12:15 +0000
asID: 211975
IP address blocks: 141.11.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:30:df:6c:d5:7e:6c:00:a2:66:af:cf:8b:72:43:83:b5:0f:d7:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Oct 24 15:07:15 2023 GMT
Not After : Oct 22 15:12:15 2024 GMT
Subject: CN=DF9EE945EC879BD01941E06955326BAE54E48E7F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:9d:e4:c1:6b:fa:db:97:e3:2d:e9:34:4c:d9:
31:0d:2a:f1:7f:e5:48:6e:a9:44:b4:e5:9a:dd:bb:
bb:d5:9e:93:68:23:d3:4f:c7:96:46:96:55:19:83:
67:ff:f1:b1:6e:6a:c7:ed:98:fe:de:f4:e1:b3:8c:
a6:a7:ed:7d:2f:8b:bb:dc:85:7c:66:ea:05:47:21:
7e:b3:6f:3f:a1:b9:e7:ee:46:f7:71:8c:61:e1:f9:
49:17:a7:8c:c4:b1:4c:e1:58:77:f9:33:1e:9c:94:
c2:6f:22:5b:c4:20:a6:43:20:ad:06:82:f7:e5:f3:
eb:0d:31:1f:92:8d:37:51:5b:b8:01:d7:ae:1f:10:
e0:e9:62:a9:f6:40:a2:3e:c6:cf:35:6c:28:de:94:
29:eb:a7:19:5d:b9:68:a4:f8:bf:f0:58:70:9d:e6:
b5:65:e2:d8:fb:18:a9:08:76:94:ba:3a:2c:fd:30:
22:eb:ce:09:a0:39:76:f9:ea:ea:0f:5e:93:e9:47:
6e:f2:4b:09:7e:d9:b5:d1:94:5b:a3:ef:37:eb:fb:
fa:c8:e9:dc:d9:ca:1a:8f:1a:dc:3f:4b:a5:e3:ba:
04:6f:82:b4:51:c4:b2:35:f5:14:eb:ae:a8:25:75:
85:e0:d0:fc:89:86:6d:4f:ff:e1:e3:c7:81:eb:8e:
b0:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:9E:E9:45:EC:87:9B:D0:19:41:E0:69:55:32:6B:AE:54:E4:8E:7F
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS211975.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.124.0/24
Signature Algorithm: sha256WithRSAEncryption
77:3d:59:55:77:01:49:f5:0d:22:91:42:cd:77:71:f3:9a:4d:
f5:11:2d:16:0b:e3:60:ac:6e:24:43:b9:9d:cc:84:cd:f6:a5:
6e:6e:2f:be:c1:ee:3b:0b:29:07:03:45:ba:7d:76:9b:ec:03:
72:96:81:5c:7c:c7:83:d6:32:54:7e:d7:11:b2:39:82:68:6e:
be:f7:f5:16:d5:68:08:8e:df:34:f8:fc:ce:41:3a:b0:e8:0b:
a9:d9:fc:3a:f0:11:ed:b2:1a:67:41:f1:a6:74:4b:05:24:47:
26:d1:77:d6:42:3c:77:7c:d7:2d:d1:24:5b:97:73:c5:5b:4f:
ed:13:5f:d8:e2:d7:7f:48:e8:ca:95:f3:0a:b0:38:4b:8c:57:
0b:17:97:30:4c:87:3f:e1:0f:83:bb:93:ae:4b:7f:ad:d1:6e:
1a:68:19:5d:f7:43:2e:91:40:d8:e9:94:b6:71:b9:70:31:ad:
1e:6e:1c:f0:b1:e0:87:11:9f:5a:a4:17:a4:c5:9b:3a:8c:6b:
b3:41:b2:33:63:16:3b:e3:0e:6b:5d:cf:19:fc:50:2f:c1:77:
04:f6:ea:51:bf:86:db:7d:e3:91:57:24:4b:c4:3d:0e:47:4d:
cd:af:84:95:a4:03:dd:73:53:5c:10:3a:8f:7c:54:98:c8:b5:
3a:aa:81:22
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUPzDfbNV+bACiZq/Pi3JDg7UP154wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzEwMjQxNTA3MTVaFw0yNDEwMjIxNTEyMTVaMDMxMTAvBgNV
BAMTKERGOUVFOTQ1RUM4NzlCRDAxOTQxRTA2OTU1MzI2QkFFNTRFNDhFN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4neTBa/rbl+Mt6TRM2TENKvF/
5UhuqUS05Zrdu7vVnpNoI9NPx5ZGllUZg2f/8bFuasftmP7e9OGzjKan7X0vi7vc
hXxm6gVHIX6zbz+huefuRvdxjGHh+UkXp4zEsUzhWHf5Mx6clMJvIlvEIKZDIK0G
gvfl8+sNMR+SjTdRW7gB164fEODpYqn2QKI+xs81bCjelCnrpxlduWik+L/wWHCd
5rVl4tj7GKkIdpS6Oiz9MCLrzgmgOXb56uoPXpPpR27ySwl+2bXRlFuj7zfr+/rI
6dzZyhqPGtw/S6XjugRvgrRRxLI19RTrrqgldYXg0PyJhm1P/+Hjx4HrjrB9AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU357pReyHm9AZQeBpVTJrrlTkjn8wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjExOTc1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQt8
MA0GCSqGSIb3DQEBCwUAA4IBAQB3PVlVdwFJ9Q0ikULNd3Hzmk31ES0WC+NgrG4k
Q7mdzITN9qVubi++we47CykHA0W6fXab7ANyloFcfMeD1jJUftcRsjmCaG6+9/UW
1WgIjt80+PzOQTqw6Aup2fw68BHtshpnQfGmdEsFJEcm0XfWQjx3fNct0SRbl3PF
W0/tE1/Y4td/SOjKlfMKsDhLjFcLF5cwTIc/4Q+Du5OuS3+t0W4aaBld90MukUDY
6ZS2cblwMa0ebhzwseCHEZ9apBekxZs6jGuzQbIzYxY74w5rXc8Z/FAvwXcE9upR
v4bbfeORVyRLxD0OR03Nr4SVpAPdc1NcEDqPfFSYyLU6qoEi
-----END CERTIFICATE-----
Generated at Sun May 5 14:38:07 2024 by rpki-client on console-ams.rpki-client.org