Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214016.roa
File: AS214016.roa (raw, json)
Hash identifier: 8QFs4OGg3cvW/e6rHuQyWxm4UBZCBrv9rcBy0x82tWU=
Subject key identifier: 92:D7:A9:48:91:7B:70:7D:7B:BC:A5:59:77:62:83:D7:58:D9:89:39
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 52F9A8022A96F6AE569632D02C6BE1C4865ADA7B
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214016.roa
Signing time: Sat 29 Mar 2025 04:55:18 +0000
ROA not before: Sat 29 Mar 2025 04:50:18 +0000
ROA not after: Sat 28 Mar 2026 04:55:18 +0000
asID: 214016
IP address blocks: 141.11.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:f9:a8:02:2a:96:f6:ae:56:96:32:d0:2c:6b:e1:c4:86:5a:da:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Mar 29 04:50:18 2025 GMT
Not After : Mar 28 04:55:18 2026 GMT
Subject: CN=92D7A948917B707D7BBCA559776283D758D98939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7f:e2:fc:17:50:30:d4:f7:3e:b0:d5:32:ca:
5e:38:f9:41:47:6b:e0:f6:84:06:ad:8f:d2:8a:4a:
b2:1b:50:8b:76:fc:ef:c7:53:e2:8d:1f:d4:f7:17:
bd:e8:14:69:80:27:ba:c2:e1:fd:9f:44:5f:25:52:
b8:dd:d5:98:03:ca:58:50:0b:f7:37:5a:65:62:4c:
9e:1a:3b:b9:b5:52:48:b3:4b:a1:67:81:8a:b3:eb:
53:f5:0d:14:af:05:4a:ef:f0:7f:57:da:73:d1:c7:
c4:dc:7a:35:52:14:d0:1b:9b:84:a7:09:cc:55:bd:
4a:27:66:3d:0b:4a:d8:8a:ed:9c:00:ed:93:b6:9d:
0d:cc:e0:ca:5e:18:e4:ac:55:1a:96:6e:10:7c:8d:
77:d1:d6:8d:09:f1:cd:1f:b8:e9:e6:bd:25:be:fb:
07:34:98:18:f6:17:6d:5f:8c:b5:78:03:f1:05:ea:
aa:c1:c2:35:70:4e:20:97:36:f3:1b:ab:9a:9b:42:
40:07:a4:b0:78:04:79:a3:4e:92:ea:4d:5b:81:24:
ec:8e:57:0b:53:b3:6c:e5:6b:07:ce:67:28:a1:6f:
62:53:df:a6:df:a4:88:4a:62:7a:3f:8a:f9:77:28:
57:cf:ad:3f:21:88:e1:26:79:01:0e:47:44:cb:a4:
3c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:D7:A9:48:91:7B:70:7D:7B:BC:A5:59:77:62:83:D7:58:D9:89:39
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214016.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.205.0/24
Signature Algorithm: sha256WithRSAEncryption
92:69:01:75:3e:c4:47:f4:29:93:67:66:35:bd:0b:77:bb:36:
91:52:d1:bc:1e:22:a5:84:75:a1:36:3a:0c:a2:9b:22:bf:dc:
6c:5a:f3:b7:17:29:d6:2d:cb:62:b5:1b:ea:13:f1:d1:93:ee:
94:4c:5c:72:e3:c9:30:a7:b8:35:3d:9e:af:88:79:7b:b5:0b:
28:d1:fa:7a:ca:ec:79:14:93:cc:15:ca:ef:7a:b9:73:c2:e3:
b9:29:bd:ac:a0:27:15:65:5b:06:c3:84:2c:33:6a:30:ba:87:
a5:20:06:98:2d:40:58:ca:50:42:7c:9e:e7:63:82:a3:24:89:
05:f2:01:41:36:cb:ca:68:26:9f:66:46:ec:b6:d9:7c:cc:64:
16:e8:86:61:0d:b0:08:57:d8:dc:43:17:7b:f5:f4:1f:bd:15:
85:55:e5:6e:61:a0:b4:f9:6a:7d:54:ec:71:dc:32:76:95:99:
f1:ac:ea:01:a9:cf:c2:f7:37:b9:30:94:56:f8:e2:85:28:61:
b7:87:3d:0c:8f:f4:da:b9:15:aa:88:be:6b:ab:dd:87:aa:81:
b6:01:95:47:f0:a7:6f:b1:79:ab:1d:16:70:e3:94:22:30:34:
c7:7b:37:4d:dd:9c:05:25:92:e6:16:d1:6a:7e:6b:3c:2e:09:
57:9b:4b:9b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUUvmoAiqW9q5WljLQLGvhxIZa2nswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTAzMjkwNDUwMThaFw0yNjAzMjgwNDU1MThaMDMxMTAvBgNV
BAMTKDkyRDdBOTQ4OTE3QjcwN0Q3QkJDQTU1OTc3NjI4M0Q3NThEOTg5MzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEf+L8F1Aw1Pc+sNUyyl44+UFH
a+D2hAatj9KKSrIbUIt2/O/HU+KNH9T3F73oFGmAJ7rC4f2fRF8lUrjd1ZgDylhQ
C/c3WmViTJ4aO7m1UkizS6FngYqz61P1DRSvBUrv8H9X2nPRx8TcejVSFNAbm4Sn
CcxVvUonZj0LStiK7ZwA7ZO2nQ3M4MpeGOSsVRqWbhB8jXfR1o0J8c0fuOnmvSW+
+wc0mBj2F21fjLV4A/EF6qrBwjVwTiCXNvMbq5qbQkAHpLB4BHmjTpLqTVuBJOyO
VwtTs2zlawfOZyihb2JT36bfpIhKYno/ivl3KFfPrT8hiOEmeQEOR0TLpDyzAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUktepSJF7cH17vKVZd2KD11jZiTkwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjE0MDE2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQvN
MA0GCSqGSIb3DQEBCwUAA4IBAQCSaQF1PsRH9CmTZ2Y1vQt3uzaRUtG8HiKlhHWh
NjoMopsiv9xsWvO3FynWLctitRvqE/HRk+6UTFxy48kwp7g1PZ6viHl7tQso0fp6
yux5FJPMFcrverlzwuO5Kb2soCcVZVsGw4QsM2owuoelIAaYLUBYylBCfJ7nY4Kj
JIkF8gFBNsvKaCafZkbsttl8zGQW6IZhDbAIV9jcQxd79fQfvRWFVeVuYaC0+Wp9
VOxx3DJ2lZnxrOoBqc/C9ze5MJRW+OKFKGG3hz0Mj/TauRWqiL5rq92HqoG2AZVH
8KdvsXmrHRZw45QiMDTHezdN3ZwFJZLmFtFqfms8LglXm0ub
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:30:19 2025 by rpki-client