Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS212335.roa
File: AS212335.roa (raw, json)
Hash identifier: 6Q0xdaDUD1wLsR8z9UIcPmlEUEweknqyVa6h+V0nRf8=
Subject key identifier: A0:A8:32:B7:14:F8:EE:A6:58:70:76:73:36:45:8D:F6:62:AF:6C:7F
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 3D1C15B40B592C3094FC040AA91AD564067127B7
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS212335.roa
Signing time: Tue 28 Nov 2023 15:05:06 +0000
ROA not before: Tue 28 Nov 2023 15:00:06 +0000
ROA not after: Tue 26 Nov 2024 15:05:06 +0000
asID: 212335
IP address blocks: 141.11.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:1c:15:b4:0b:59:2c:30:94:fc:04:0a:a9:1a:d5:64:06:71:27:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Nov 28 15:00:06 2023 GMT
Not After : Nov 26 15:05:06 2024 GMT
Subject: CN=A0A832B714F8EEA65870767336458DF662AF6C7F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:7d:5b:90:6a:87:93:8a:a9:66:05:b2:64:3b:
92:8b:21:07:88:0f:fe:8e:af:e8:d0:b5:5c:4b:dc:
80:11:33:4e:ff:d9:3e:18:a6:05:db:9b:11:c5:9f:
8b:09:58:bf:0a:d6:ed:6d:44:0d:9e:ef:04:db:e3:
cf:72:bd:29:f4:4b:d1:2b:33:2a:8b:c5:4d:25:1c:
16:5f:fb:03:13:6c:41:98:a8:42:d5:7a:4b:6a:75:
20:61:6b:37:de:6e:1d:c5:85:63:67:c5:7e:38:9d:
4a:80:95:81:67:a3:29:30:df:83:94:62:c8:98:f8:
8b:02:b1:08:77:c4:f8:a1:a5:11:31:99:9b:1e:ce:
2a:11:36:e7:f6:53:09:87:60:c4:79:99:c9:26:66:
2d:2d:dc:c4:c9:4b:23:71:b9:d1:93:c4:97:21:29:
e5:03:c9:a2:4d:25:9c:12:48:3b:05:5a:e2:1a:d1:
45:1a:69:75:93:c6:e6:76:10:97:97:00:d0:12:06:
1a:04:cb:de:a9:22:6c:8c:35:1b:3e:21:ad:e0:be:
e0:bf:cd:07:0d:9b:c6:54:29:b5:6a:28:e9:81:bb:
b3:2d:2f:3c:a4:58:f5:48:e7:e8:17:69:07:2d:1a:
88:19:36:d5:c0:5d:10:be:17:c0:72:95:a1:11:3d:
0e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:A8:32:B7:14:F8:EE:A6:58:70:76:73:36:45:8D:F6:62:AF:6C:7F
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS212335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.126.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:79:a4:82:b3:b6:fc:e9:31:98:d1:2a:12:25:3e:cb:c9:22:
44:bc:3b:e9:d8:7c:8b:a6:f3:f8:9b:38:da:c6:3d:c2:a3:5e:
b1:94:19:af:80:3d:ef:af:c2:0b:2d:d5:ed:59:6c:4c:9a:ce:
a8:ad:d2:b0:a0:d7:5a:1c:47:c7:22:5a:07:63:de:77:8f:03:
cc:8e:0b:8b:3c:f8:d1:c8:0f:e4:43:70:6f:3f:d7:04:9a:b7:
e3:9c:58:7d:ea:fc:d6:68:dd:91:9d:88:b8:ae:d6:3e:43:ee:
e5:36:2d:44:ab:6c:1a:36:97:c4:7c:d7:b9:f4:df:c1:6c:d1:
c6:29:c9:ff:1d:3f:21:aa:6b:57:e3:9a:3c:a5:12:64:90:51:
ac:24:9d:93:47:26:d7:66:c2:dd:0e:6f:b0:06:e0:f1:2e:4f:
3d:60:89:53:b0:a8:9f:72:be:ef:75:de:50:4b:d6:0e:06:7a:
f9:33:c3:91:21:b6:c0:4c:fb:78:c1:af:15:06:f9:a9:e7:1a:
f2:21:78:79:87:60:f9:bf:17:35:50:01:96:40:2d:9d:58:54:
55:72:02:33:de:78:ea:4e:c3:92:34:d8:3c:ae:26:ff:9c:7a:
a3:c4:cf:13:3a:75:ed:7e:8c:50:6f:87:8d:58:8c:8d:c8:84:
82:23:7c:16
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUPRwVtAtZLDCU/AQKqRrVZAZxJ7cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzExMjgxNTAwMDZaFw0yNDExMjYxNTA1MDZaMDMxMTAvBgNV
BAMTKEEwQTgzMkI3MTRGOEVFQTY1ODcwNzY3MzM2NDU4REY2NjJBRjZDN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlfVuQaoeTiqlmBbJkO5KLIQeI
D/6Or+jQtVxL3IARM07/2T4YpgXbmxHFn4sJWL8K1u1tRA2e7wTb489yvSn0S9Er
MyqLxU0lHBZf+wMTbEGYqELVektqdSBhazfebh3FhWNnxX44nUqAlYFnoykw34OU
YsiY+IsCsQh3xPihpRExmZsezioRNuf2UwmHYMR5mckmZi0t3MTJSyNxudGTxJch
KeUDyaJNJZwSSDsFWuIa0UUaaXWTxuZ2EJeXANASBhoEy96pImyMNRs+Ia3gvuC/
zQcNm8ZUKbVqKOmBu7MtLzykWPVI5+gXaQctGogZNtXAXRC+F8BylaERPQ6DAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUoKgytxT47qZYcHZzNkWN9mKvbH8wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjEyMzM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQt+
MA0GCSqGSIb3DQEBCwUAA4IBAQCpeaSCs7b86TGY0SoSJT7LySJEvDvp2HyLpvP4
mzjaxj3Co16xlBmvgD3vr8ILLdXtWWxMms6ordKwoNdaHEfHIloHY953jwPMjguL
PPjRyA/kQ3BvP9cEmrfjnFh96vzWaN2RnYi4rtY+Q+7lNi1Eq2waNpfEfNe59N/B
bNHGKcn/HT8hqmtX45o8pRJkkFGsJJ2TRybXZsLdDm+wBuDxLk89YIlTsKifcr7v
dd5QS9YOBnr5M8ORIbbATPt4wa8VBvmp5xryIXh5h2D5vxc1UAGWQC2dWFRVcgIz
3njqTsOSNNg8rib/nHqjxM8TOnXtfoxQb4eNWIyNyISCI3wW
-----END CERTIFICATE-----
Generated at Sun May 5 15:51:35 2024 by rpki-client on console-fra.rpki-client.org