Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: /AOdUAQifwhakoiLZKfJOBj8IrVAcSwoP7aPOl9QAxY=
Subject key identifier: BC:8C:24:6D:1B:B2:D8:68:9D:08:8D:A3:D6:80:B7:B9:7B:A8:52:54
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 3519F77F268491CB8404AED4F139A7E39CB6C04D
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS212238.roa
Signing time: Mon 25 Mar 2024 12:32:30 +0000
ROA not before: Mon 25 Mar 2024 12:27:30 +0000
ROA not after: Mon 24 Mar 2025 12:32:30 +0000
asID: 212238
IP address blocks: 141.11.32.0/24 maxlen: 24
141.11.68.0/24 maxlen: 24
141.11.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 02:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:19:f7:7f:26:84:91:cb:84:04:ae:d4:f1:39:a7:e3:9c:b6:c0:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Mar 25 12:27:30 2024 GMT
Not After : Mar 24 12:32:30 2025 GMT
Subject: CN=BC8C246D1BB2D8689D088DA3D680B7B97BA85254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:21:11:06:9d:16:31:59:6d:64:9c:d8:a6:c6:
fc:91:b6:01:9c:bf:b1:0f:74:31:a8:38:f7:99:84:
be:2e:8b:8b:63:e0:f3:1b:76:e7:2f:7d:ae:7a:1f:
f0:7b:c0:be:7a:0c:67:f9:c2:ae:72:01:5f:3a:cd:
8d:0c:4f:2c:96:9d:54:8e:69:d3:02:31:5b:f7:c1:
da:51:0e:5b:2e:1b:f9:56:49:48:c6:db:08:77:7e:
ec:04:f0:a1:b4:7b:1c:30:a0:3f:17:ce:8c:44:c0:
de:d3:ee:40:e7:af:ad:e2:bb:65:4a:c7:5d:56:3a:
1b:61:64:73:e8:8b:21:ea:35:2f:ae:15:bc:fc:0c:
f3:c4:a7:3a:c9:8e:34:8a:3b:35:43:1b:df:07:92:
44:a5:1d:cc:40:90:c3:e0:6e:85:1e:27:65:b5:99:
46:8e:aa:40:e1:5c:1d:eb:46:79:8c:e6:c1:11:48:
73:bd:84:df:67:7b:52:df:49:a8:e1:08:5a:c0:6b:
a8:86:88:ba:59:94:61:1f:3b:73:4f:5b:3d:73:0a:
42:b1:d9:25:1e:16:11:78:31:03:05:2d:78:ef:da:
40:1a:43:e7:e8:01:e8:cb:f0:7f:64:e7:e8:6a:a4:
90:45:f5:ea:15:69:08:14:0f:86:f3:3e:6c:49:4f:
e0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:8C:24:6D:1B:B2:D8:68:9D:08:8D:A3:D6:80:B7:B9:7B:A8:52:54
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.32.0/24
141.11.68.0/24
141.11.244.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:f7:9f:d2:46:f8:09:5a:25:97:bf:4f:6d:7b:71:24:a5:d2:
dd:76:26:9c:73:bd:85:e0:a6:92:fe:5c:3d:b9:06:71:bc:2e:
99:02:00:c6:f4:0e:39:eb:e9:14:f5:62:99:50:db:1f:e8:2b:
82:16:b7:f8:47:86:16:94:bb:32:92:17:ed:db:c7:d5:54:e4:
9d:a0:2c:2d:db:8c:b8:68:62:32:5d:82:d7:e4:8c:4c:ba:38:
73:e9:76:cf:8a:02:b7:6f:6e:bf:bd:3e:74:0d:12:83:32:86:
ed:eb:ef:29:93:d6:98:9f:34:11:fb:a1:45:d9:9f:c4:c2:f4:
07:ba:93:17:61:06:32:01:2e:27:09:af:75:cd:15:55:b8:13:
15:7a:c4:3c:c2:67:2e:13:04:26:1c:03:50:bf:77:d6:9a:bc:
06:1e:46:fa:30:97:fa:a5:ee:03:7b:14:c0:53:3b:bd:c4:8a:
8e:1c:62:b5:83:7e:e6:07:9f:19:c7:d0:82:ae:39:b9:8a:44:
fa:5e:31:ac:d0:1c:9f:b3:9d:43:29:41:3c:ae:ab:85:d4:50:
92:08:3d:b6:14:23:8d:36:34:b3:37:0a:de:77:da:f7:15:03:
51:5c:e4:59:11:a5:d8:a3:27:ce:50:78:79:b1:42:c0:53:6a:
a6:63:dc:98
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUNRn3fyaEkcuEBK7U8Tmn45y2wE0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDAzMjUxMjI3MzBaFw0yNTAzMjQxMjMyMzBaMDMxMTAvBgNV
BAMTKEJDOEMyNDZEMUJCMkQ4Njg5RDA4OERBM0Q2ODBCN0I5N0JBODUyNTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJIREGnRYxWW1knNimxvyRtgGc
v7EPdDGoOPeZhL4ui4tj4PMbducvfa56H/B7wL56DGf5wq5yAV86zY0MTyyWnVSO
adMCMVv3wdpRDlsuG/lWSUjG2wh3fuwE8KG0exwwoD8XzoxEwN7T7kDnr63iu2VK
x11WOhthZHPoiyHqNS+uFbz8DPPEpzrJjjSKOzVDG98HkkSlHcxAkMPgboUeJ2W1
mUaOqkDhXB3rRnmM5sERSHO9hN9ne1LfSajhCFrAa6iGiLpZlGEfO3NPWz1zCkKx
2SUeFhF4MQMFLXjv2kAaQ+foAejL8H9k5+hqpJBF9eoVaQgUD4bzPmxJT+BtAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUvIwkbRuy2GidCI2j1oC3uXuoUlQwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAjQsg
AwQAjQtEAwQAjQv0MA0GCSqGSIb3DQEBCwUAA4IBAQCc95/SRvgJWiWXv09te3Ek
pdLddiacc72F4KaS/lw9uQZxvC6ZAgDG9A456+kU9WKZUNsf6CuCFrf4R4YWlLsy
khft28fVVOSdoCwt24y4aGIyXYLX5IxMujhz6XbPigK3b26/vT50DRKDMobt6+8p
k9aYnzQR+6FF2Z/EwvQHupMXYQYyAS4nCa91zRVVuBMVesQ8wmcuEwQmHANQv3fW
mrwGHkb6MJf6pe4DexTAUzu9xIqOHGK1g37mB58Zx9CCrjm5ikT6XjGs0Byfs51D
KUE8rquF1FCSCD22FCONNjSzNwred9r3FQNRXORZEaXYoyfOUHh5sULAU2qmY9yY
-----END CERTIFICATE-----
Generated at Sat Apr 27 12:05:20 2024 by rpki-client on console-ams.rpki-client.org