Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS212477.roa
File: AS212477.roa (raw, json)
Hash identifier: DvelHMYXG3rikVT3Z7n+i1TR+e3YqJ+nGI7ZYVyqitY=
Subject key identifier: 79:A8:54:05:38:71:A6:AF:61:01:D7:F1:95:60:06:8E:C3:6C:EC:0D
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 4AB8F236AA661F2BCF5743985567A5CAE90D9943
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS212477.roa
Signing time: Thu 08 Aug 2024 16:05:19 +0000
ROA not before: Thu 08 Aug 2024 16:00:19 +0000
ROA not after: Thu 07 Aug 2025 16:05:19 +0000
asID: 212477
IP address blocks: 141.11.88.0/23 maxlen: 24
141.11.192.0/23 maxlen: 24
141.11.212.0/23 maxlen: 24
141.11.228.0/23 maxlen: 24
141.11.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:b8:f2:36:aa:66:1f:2b:cf:57:43:98:55:67:a5:ca:e9:0d:99:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Aug 8 16:00:19 2024 GMT
Not After : Aug 7 16:05:19 2025 GMT
Subject: CN=79A854053871A6AF6101D7F19560068EC36CEC0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:09:28:f8:67:3e:3f:11:61:1c:a2:f7:4f:45:
e1:35:34:3b:f8:c6:58:40:34:6d:60:ca:62:0c:76:
e8:7c:67:21:13:a1:7f:5c:cb:35:fb:51:d0:f6:f2:
cb:ed:f2:70:7e:40:d8:07:63:5d:93:32:9a:43:17:
49:eb:34:52:0d:a9:ba:3b:5f:09:e2:2b:0d:34:3e:
08:7b:08:32:a5:38:77:00:bf:ee:87:16:84:63:97:
2b:13:1b:32:76:4e:0f:97:a7:f4:4e:bc:2f:9c:16:
7b:a2:f3:73:31:14:0f:d1:63:c4:4f:6c:fe:34:2c:
8c:a7:fe:a5:f5:03:f8:57:2c:ca:69:9d:5c:96:58:
fe:0c:80:eb:70:94:3c:b4:e7:d1:f3:de:32:3f:0b:
58:03:fa:a9:7d:47:ae:98:79:b5:83:55:04:12:35:
bc:be:fd:42:b0:4a:74:9b:a2:29:de:69:01:49:09:
ee:bc:67:00:32:97:0d:d2:55:7a:56:d4:21:50:29:
b6:64:02:13:aa:cc:e0:22:bb:2a:81:9c:0f:da:e7:
b9:85:48:af:57:e0:16:2a:3b:d1:78:95:e7:fa:52:
38:f9:77:b7:80:72:92:57:61:fa:cd:d4:a5:ba:0c:
96:a0:6e:59:af:15:5d:d2:37:f5:9b:62:70:07:9e:
e0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:A8:54:05:38:71:A6:AF:61:01:D7:F1:95:60:06:8E:C3:6C:EC:0D
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS212477.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.88.0/23
141.11.192.0/23
141.11.212.0/23
141.11.228.0/23
141.11.234.0/23
Signature Algorithm: sha256WithRSAEncryption
73:63:82:ce:9e:cd:8f:df:1e:38:2a:95:ed:ef:75:67:8f:af:
db:6b:4e:23:e4:e5:41:ac:87:b9:41:ba:81:46:d9:05:00:2b:
90:83:e1:61:01:b4:b5:81:3e:a1:b3:cd:c1:be:47:88:07:fc:
5f:06:0e:16:4e:bb:d7:f8:b6:14:a1:dd:04:9a:c3:49:50:81:
9f:46:f6:77:75:32:43:9c:db:38:87:f0:02:bf:0b:35:aa:dc:
9f:5b:34:3a:c2:bc:3d:02:85:20:05:47:ec:d4:97:72:8e:0f:
7c:bf:b6:27:66:e2:c1:af:f3:e1:de:04:2f:3a:50:b5:cc:29:
c2:5c:cf:e0:fb:5f:ca:c4:76:20:29:70:e2:48:2d:6d:f7:a8:
35:b2:41:df:e0:4f:7a:36:5e:78:bd:f3:7d:b8:43:78:59:80:
18:75:a4:32:b2:87:18:5c:18:4b:1d:a2:86:7f:03:e4:5b:22:
0f:af:d7:33:57:75:f0:7d:a6:e5:8b:2b:ca:f4:04:3d:a3:7c:
34:6f:0c:b4:bc:a7:3b:df:62:e1:13:9b:b6:e8:5a:36:46:d7:
43:c5:c7:22:6c:35:54:ec:29:96:41:e4:6b:eb:be:a4:ee:2b:
a1:f6:90:3b:f8:c3:5c:03:7c:b1:9f:46:16:6e:ce:1a:fc:e3:
c9:6c:80:6a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUSrjyNqpmHyvPV0OYVWelyukNmUMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDA4MDgxNjAwMTlaFw0yNTA4MDcxNjA1MTlaMDMxMTAvBgNV
BAMTKDc5QTg1NDA1Mzg3MUE2QUY2MTAxRDdGMTk1NjAwNjhFQzM2Q0VDMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+CSj4Zz4/EWEcovdPReE1NDv4
xlhANG1gymIMduh8ZyEToX9cyzX7UdD28svt8nB+QNgHY12TMppDF0nrNFINqbo7
XwniKw00Pgh7CDKlOHcAv+6HFoRjlysTGzJ2Tg+Xp/ROvC+cFnui83MxFA/RY8RP
bP40LIyn/qX1A/hXLMppnVyWWP4MgOtwlDy059Hz3jI/C1gD+ql9R66YebWDVQQS
Nby+/UKwSnSboineaQFJCe68ZwAylw3SVXpW1CFQKbZkAhOqzOAiuyqBnA/a57mF
SK9X4BYqO9F4lef6Ujj5d7eAcpJXYfrN1KW6DJagblmvFV3SN/WbYnAHnuCbAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUeahUBThxpq9hAdfxlWAGjsNs7A0wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjEyNDc3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBjQtY
AwQBjQvAAwQBjQvUAwQBjQvkAwQBjQvqMA0GCSqGSIb3DQEBCwUAA4IBAQBzY4LO
ns2P3x44KpXt73Vnj6/ba04j5OVBrIe5QbqBRtkFACuQg+FhAbS1gT6hs83BvkeI
B/xfBg4WTrvX+LYUod0EmsNJUIGfRvZ3dTJDnNs4h/ACvws1qtyfWzQ6wrw9AoUg
BUfs1Jdyjg98v7YnZuLBr/Ph3gQvOlC1zCnCXM/g+1/KxHYgKXDiSC1t96g1skHf
4E96Nl54vfN9uEN4WYAYdaQysocYXBhLHaKGfwPkWyIPr9czV3XwfabliyvK9AQ9
o3w0bwy0vKc732LhE5u26Fo2RtdDxccibDVU7CmWQeRr676k7iuh9pA7+MNcA3yx
n0YWbs4a/OPJbIBq
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:37:21 2024 by rpki-client on console-fra.rpki-client.org