Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214025.roa
File: AS214025.roa (raw, json)
Hash identifier: hb5Q6MKbcBjGj66gyyGxyZgt/fFcPseKv/AKz4lLqf4=
Subject key identifier: 2C:55:25:CC:12:E8:C9:11:CB:A2:64:04:B2:A1:6A:E4:2D:DB:79:B7
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 603BFEE35BAAEEAE55D2B2F25AC85F94581C7E09
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214025.roa
Signing time: Mon 28 Oct 2024 11:30:40 +0000
ROA not before: Mon 28 Oct 2024 11:25:40 +0000
ROA not after: Mon 27 Oct 2025 11:30:40 +0000
asID: 214025
IP address blocks: 141.11.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:3b:fe:e3:5b:aa:ee:ae:55:d2:b2:f2:5a:c8:5f:94:58:1c:7e:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Oct 28 11:25:40 2024 GMT
Not After : Oct 27 11:30:40 2025 GMT
Subject: CN=2C5525CC12E8C911CBA26404B2A16AE42DDB79B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1d:39:7b:cb:0c:ef:e2:bb:ff:70:a8:af:f2:
37:4d:7a:c9:da:03:db:9b:93:c8:3c:b8:ab:30:ec:
85:3b:12:d4:d6:42:69:99:16:bc:a5:53:ff:2f:d7:
7d:6f:4f:bb:d6:dc:e3:f4:a4:2c:2f:82:c9:f2:1b:
6e:7f:54:f7:e7:85:18:65:31:60:bc:bd:9f:98:ad:
2c:97:b6:04:56:69:5d:e2:05:64:ae:e3:cf:d9:0e:
64:74:57:86:4d:c0:13:ea:95:c0:68:d3:5c:54:9d:
2e:a3:4a:34:19:24:9e:77:ae:ee:76:c6:97:bf:b1:
2c:eb:35:be:cd:ee:8d:a8:05:fc:ea:03:64:7a:5a:
1b:20:6d:c1:b2:ae:c5:b5:69:0b:6f:09:71:49:d5:
5f:69:99:aa:6e:5d:0a:dd:69:6d:08:18:97:5d:84:
c1:53:da:4f:92:2e:84:82:a9:ac:ac:17:e4:e6:fc:
7c:22:60:8d:c8:53:7d:8b:e6:a8:a0:10:71:9b:d5:
ea:f5:cc:68:dc:cc:61:14:6a:ab:24:3a:0f:79:b5:
73:8c:82:fb:80:c3:e7:a2:b0:3b:2c:c5:29:9e:48:
7f:27:ed:ca:c0:b3:e3:83:50:ba:10:3f:cc:cd:16:
d8:69:a8:c5:79:9d:29:36:37:f2:0c:df:b9:fa:92:
73:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:55:25:CC:12:E8:C9:11:CB:A2:64:04:B2:A1:6A:E4:2D:DB:79:B7
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.245.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:0c:59:40:01:29:3f:7a:83:7b:6f:a1:7d:44:e2:ef:27:79:
ff:76:7e:a4:8d:4e:c2:e0:2c:48:2a:c0:52:65:45:be:60:dc:
d3:25:69:40:fd:b4:35:1b:60:8d:26:6c:4e:29:09:4f:41:81:
01:8e:43:d7:74:98:1d:33:ff:30:2e:c1:33:7e:72:3f:e3:22:
c5:c7:02:5b:26:0f:78:d3:b9:0b:5f:e6:36:25:77:b8:57:0c:
06:11:d3:c6:9d:a3:60:0a:0d:94:23:01:1a:d3:de:83:86:8c:
35:6a:21:77:cc:56:61:4f:c5:49:89:0f:90:b4:88:cf:9e:4f:
ee:49:7c:4a:3d:83:56:8a:ab:e5:7b:3e:23:8c:3f:d4:5b:be:
b8:2c:43:8a:fb:76:ef:c3:6a:b5:23:b0:80:22:c3:e8:a7:cc:
05:ba:1b:a9:45:eb:18:c6:9a:72:0b:69:78:0c:f0:05:a3:01:
3e:7e:1d:08:4f:a8:59:9b:3e:b5:45:a1:bb:1c:b8:20:d1:de:
02:a5:77:13:dc:6a:8e:aa:a9:55:c4:6d:26:15:da:46:e7:70:
17:ee:45:9e:1e:98:fe:5f:4b:a8:d4:a5:b9:6e:54:da:01:54:
b2:01:e7:56:b0:ca:7c:93:f4:7e:c6:b3:2d:88:01:61:5c:bc:
ba:2a:79:f6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUYDv+41uq7q5V0rLyWshflFgcfgkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDEwMjgxMTI1NDBaFw0yNTEwMjcxMTMwNDBaMDMxMTAvBgNV
BAMTKDJDNTUyNUNDMTJFOEM5MTFDQkEyNjQwNEIyQTE2QUU0MkREQjc5QjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKHTl7ywzv4rv/cKiv8jdNesna
A9ubk8g8uKsw7IU7EtTWQmmZFrylU/8v131vT7vW3OP0pCwvgsnyG25/VPfnhRhl
MWC8vZ+YrSyXtgRWaV3iBWSu48/ZDmR0V4ZNwBPqlcBo01xUnS6jSjQZJJ53ru52
xpe/sSzrNb7N7o2oBfzqA2R6WhsgbcGyrsW1aQtvCXFJ1V9pmapuXQrdaW0IGJdd
hMFT2k+SLoSCqaysF+Tm/HwiYI3IU32L5qigEHGb1er1zGjczGEUaqskOg95tXOM
gvuAw+eisDssxSmeSH8n7crAs+ODULoQP8zNFthpqMV5nSk2N/IM37n6knPVAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQULFUlzBLoyRHLomQEsqFq5C3bebcwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQv1
MA0GCSqGSIb3DQEBCwUAA4IBAQCwDFlAASk/eoN7b6F9ROLvJ3n/dn6kjU7C4CxI
KsBSZUW+YNzTJWlA/bQ1G2CNJmxOKQlPQYEBjkPXdJgdM/8wLsEzfnI/4yLFxwJb
Jg9407kLX+Y2JXe4VwwGEdPGnaNgCg2UIwEa096Dhow1aiF3zFZhT8VJiQ+QtIjP
nk/uSXxKPYNWiqvlez4jjD/UW764LEOK+3bvw2q1I7CAIsPop8wFuhupResYxppy
C2l4DPAFowE+fh0IT6hZmz61RaG7HLgg0d4CpXcT3GqOqqlVxG0mFdpG53AX7kWe
Hpj+X0uo1KW5blTaAVSyAedWsMp8k/R+xrMtiAFhXLy6Knn2
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:40 2024 by rpki-client on console-ams.rpki-client.org