Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: l7R6wcL+4Mf9rBN6B9KLbuqBcHgsqB+1wbB5wELqbvg=
Subject key identifier: DB:26:F6:66:45:DD:09:14:0A:81:A1:71:56:52:65:74:E9:15:71:83
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 523EA5BAC37209FE8ACCCCF05C321BA322664074
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS212238.roa
Signing time: Tue 03 Sep 2024 00:00:23 +0000
ROA not before: Mon 02 Sep 2024 23:55:23 +0000
ROA not after: Tue 02 Sep 2025 00:00:23 +0000
asID: 212238
IP address blocks: 141.11.68.0/24 maxlen: 24
141.11.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:3e:a5:ba:c3:72:09:fe:8a:cc:cc:f0:5c:32:1b:a3:22:66:40:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Sep 2 23:55:23 2024 GMT
Not After : Sep 2 00:00:23 2025 GMT
Subject: CN=DB26F66645DD09140A81A17156526574E9157183
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:95:78:96:1f:d6:bb:55:b3:73:f0:d9:20:59:
36:89:50:fc:00:ae:8b:24:44:8a:c4:c7:15:e1:c4:
b7:e5:a1:86:ce:96:2b:5c:1f:4b:42:e1:08:67:2a:
3d:0f:d7:c8:30:24:bb:0b:d7:53:5d:f5:a8:14:b6:
f2:4e:a8:09:9e:d5:eb:37:f5:67:5a:93:b7:80:d1:
9b:43:16:f6:1d:4f:80:88:60:6e:70:3c:52:84:be:
46:40:b8:92:59:c6:4c:6f:8c:66:7a:9f:83:ea:a8:
9e:61:5d:39:3a:8c:df:6a:4d:b8:e6:ec:9f:47:3b:
b4:6f:3d:74:df:e4:b9:25:3d:3a:43:89:b3:82:67:
45:e5:34:fd:3f:70:6c:3b:7e:b2:a6:6b:e2:5b:71:
d0:b7:6c:cc:98:74:92:2f:b4:ae:0a:10:d7:7e:21:
05:93:3d:ff:b9:72:3a:e6:64:a9:f6:bf:4b:7b:76:
f3:38:d7:d3:59:46:6e:2c:ec:9d:7f:4c:26:fc:af:
5c:79:db:f6:d7:f9:1d:e9:83:bc:0a:34:3a:b6:4a:
c9:d5:7b:f3:4c:8d:85:66:9c:3a:d8:06:97:68:a8:
52:a7:36:40:22:a1:db:2e:0c:2c:04:6e:d6:3c:fb:
4e:03:c1:f7:ec:7f:4c:34:82:90:73:df:2c:d0:f3:
75:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:26:F6:66:45:DD:09:14:0A:81:A1:71:56:52:65:74:E9:15:71:83
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.68.0/24
141.11.244.0/24
Signature Algorithm: sha256WithRSAEncryption
35:89:b3:55:40:c1:54:aa:24:bb:7e:91:a7:41:dd:00:bf:98:
b1:ca:7e:d9:e3:98:c8:19:00:89:8c:b8:9d:e6:a3:40:7d:2c:
12:3f:86:a5:d0:b0:8a:c6:28:be:cf:73:6c:df:8b:3c:ef:09:
5b:08:73:28:c0:5a:a4:13:2f:6a:17:14:5a:ff:16:4f:7e:5b:
41:d9:85:ee:14:10:af:f6:5b:49:c2:bd:22:81:e7:5c:a8:b3:
77:e2:9d:65:cf:9c:aa:4b:9c:fc:69:f1:ba:15:a4:c5:5a:b7:
6e:a1:db:d6:b6:6c:3b:58:94:b8:72:dd:cc:d8:d6:c4:34:52:
f6:98:a6:9e:3d:a4:97:4a:bc:10:5b:e6:6d:92:48:54:aa:4c:
8b:26:31:fa:f9:c8:28:e6:c1:3a:9a:f4:a6:1b:ac:44:f0:de:
ac:3f:78:c5:b6:78:2d:1a:66:73:76:3b:7a:25:03:6f:a2:47:
18:4c:52:0c:d2:96:f5:d0:91:9d:7b:cc:60:4e:7a:2a:8f:95:
9a:7d:65:41:cb:d0:58:c5:8f:a6:e5:7f:93:fa:c7:37:a2:36:
80:02:1d:69:30:3f:5a:5c:29:e3:c9:fa:01:f8:2e:73:c5:70:
d4:2a:4c:60:38:4b:a7:7f:df:2f:d7:87:ce:8f:79:c5:fa:bd:
f2:80:c2:09
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUUj6lusNyCf6KzMzwXDIboyJmQHQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDA5MDIyMzU1MjNaFw0yNTA5MDIwMDAwMjNaMDMxMTAvBgNV
BAMTKERCMjZGNjY2NDVERDA5MTQwQTgxQTE3MTU2NTI2NTc0RTkxNTcxODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNlXiWH9a7VbNz8NkgWTaJUPwA
roskRIrExxXhxLfloYbOlitcH0tC4QhnKj0P18gwJLsL11Nd9agUtvJOqAme1es3
9Wdak7eA0ZtDFvYdT4CIYG5wPFKEvkZAuJJZxkxvjGZ6n4PqqJ5hXTk6jN9qTbjm
7J9HO7RvPXTf5LklPTpDibOCZ0XlNP0/cGw7frKma+JbcdC3bMyYdJIvtK4KENd+
IQWTPf+5cjrmZKn2v0t7dvM419NZRm4s7J1/TCb8r1x52/bX+R3pg7wKNDq2SsnV
e/NMjYVmnDrYBpdoqFKnNkAiodsuDCwEbtY8+04Dwffsf0w0gpBz3yzQ83XrAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQU2yb2ZkXdCRQKgaFxVlJldOkVcYMwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjQtE
AwQAjQv0MA0GCSqGSIb3DQEBCwUAA4IBAQA1ibNVQMFUqiS7fpGnQd0Av5ixyn7Z
45jIGQCJjLid5qNAfSwSP4al0LCKxii+z3Ns34s87wlbCHMowFqkEy9qFxRa/xZP
fltB2YXuFBCv9ltJwr0igedcqLN34p1lz5yqS5z8afG6FaTFWrduodvWtmw7WJS4
ct3M2NbENFL2mKaePaSXSrwQW+ZtkkhUqkyLJjH6+cgo5sE6mvSmG6xE8N6sP3jF
tngtGmZzdjt6JQNvokcYTFIM0pb10JGde8xgTnoqj5WafWVBy9BYxY+m5X+T+sc3
ojaAAh1pMD9aXCnjyfoB+C5zxXDUKkxgOEunf98v14fOj3nF+r3ygMIJ
-----END CERTIFICATE-----
Generated at Thu Nov 21 07:50:29 2024 by rpki-client on console-ams.rpki-client.org