Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214154.roa
File: AS214154.roa (raw, json)
Hash identifier: ZyEtfCKW94mQScMiEoTMV/sj0kINlE3Xg3cR/yXIBjs=
Subject key identifier: 06:7B:BE:EA:33:E7:CE:B4:7D:72:AD:B4:E1:32:4C:CC:4D:49:E7:68
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 3ECBFC768FD397456E7F6ACF171CDB8CB85E577C
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214154.roa
Signing time: Thu 26 Sep 2024 14:06:02 +0000
ROA not before: Thu 26 Sep 2024 14:01:02 +0000
ROA not after: Thu 25 Sep 2025 14:06:02 +0000
asID: 214154
IP address blocks: 141.11.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:cb:fc:76:8f:d3:97:45:6e:7f:6a:cf:17:1c:db:8c:b8:5e:57:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Sep 26 14:01:02 2024 GMT
Not After : Sep 25 14:06:02 2025 GMT
Subject: CN=067BBEEA33E7CEB47D72ADB4E1324CCC4D49E768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:50:98:dd:c8:92:3c:12:04:c2:fd:36:2c:63:
53:90:0d:44:e1:f4:86:eb:60:b6:f6:68:c0:6d:a2:
a2:7b:b6:6a:7b:4f:87:34:67:6c:7b:3e:7f:b6:aa:
73:84:43:68:0a:ce:6f:46:f2:d4:b2:a6:89:5f:6e:
78:ba:43:64:5a:0d:77:5c:fc:34:ed:a8:a0:19:cf:
ed:27:5b:91:67:87:29:19:79:5a:01:dd:7b:5a:0a:
c5:6b:b2:6e:2a:40:c0:ab:5a:df:6b:85:89:dd:d8:
c0:ef:e7:62:3b:c1:f6:46:b4:4b:6b:df:3a:b5:b5:
11:8f:f6:2e:f0:ac:62:53:e0:75:56:d1:16:77:6b:
38:c3:94:cd:27:f0:e6:98:f5:26:e7:e7:50:9a:c9:
fe:a9:cb:5d:47:5e:f4:ba:c5:8d:2d:d7:c3:aa:5e:
8d:cb:ba:02:54:11:cf:dc:a5:40:10:4d:06:ed:cf:
a7:43:e7:62:40:47:5c:58:09:57:37:92:7f:86:e0:
e2:8b:2f:8c:eb:32:d8:ee:11:1e:9e:c3:25:72:7c:
49:50:9b:d1:84:91:6d:9d:ea:f5:33:12:9a:70:84:
d8:2a:b8:46:c8:f9:6c:9a:dd:3b:53:4b:25:2c:f1:
45:3f:6b:84:92:0c:9e:0e:5b:f7:ec:65:17:2b:71:
89:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:7B:BE:EA:33:E7:CE:B4:7D:72:AD:B4:E1:32:4C:CC:4D:49:E7:68
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214154.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.114.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:ab:e4:e7:8e:90:d7:e5:61:53:d0:d1:aa:b2:1d:9a:2d:45:
38:15:2f:5b:ce:2b:25:8d:3b:22:15:52:6e:28:0f:12:84:0f:
a6:30:25:0e:88:94:e5:02:79:68:91:23:83:14:04:1e:b1:99:
2f:f5:c2:bf:af:0f:40:4d:b5:ed:1a:ea:f5:71:72:b4:3e:87:
f8:19:89:d0:fd:86:2d:1f:1c:e9:7c:16:7f:34:84:1a:15:ca:
b1:e2:59:e4:63:33:67:76:d7:10:9f:4b:cd:31:57:47:bc:a2:
2a:90:2e:12:f1:21:84:5e:c9:ab:0b:f1:44:b4:ef:d3:ef:fc:
c2:be:a4:76:77:6a:80:09:1d:f7:4d:63:9e:0a:a3:db:d8:e2:
33:72:2b:22:f1:14:15:50:4b:4b:e1:4a:66:c4:2a:66:b0:8e:
e2:64:30:ed:8b:6a:ff:82:a8:55:17:e4:a2:40:01:ad:22:ad:
64:e5:94:fb:fd:47:b4:11:eb:7e:fd:ab:4c:08:51:65:88:95:
73:ea:a1:3e:b0:95:02:86:d0:06:ae:a0:a3:05:61:15:d8:d5:
b5:8a:b0:03:d3:ca:d6:a6:3d:23:57:18:7f:f0:92:e5:d9:29:
af:3d:1c:59:4d:4d:95:78:d6:71:8e:9d:8d:e5:cd:2c:1f:cc:
af:95:dc:ac
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUPsv8do/Tl0Vuf2rPFxzbjLheV3wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDA5MjYxNDAxMDJaFw0yNTA5MjUxNDA2MDJaMDMxMTAvBgNV
BAMTKDA2N0JCRUVBMzNFN0NFQjQ3RDcyQURCNEUxMzI0Q0NDNEQ0OUU3NjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUUJjdyJI8EgTC/TYsY1OQDUTh
9IbrYLb2aMBtoqJ7tmp7T4c0Z2x7Pn+2qnOEQ2gKzm9G8tSypolfbni6Q2RaDXdc
/DTtqKAZz+0nW5FnhykZeVoB3XtaCsVrsm4qQMCrWt9rhYnd2MDv52I7wfZGtEtr
3zq1tRGP9i7wrGJT4HVW0RZ3azjDlM0n8OaY9Sbn51Cayf6py11HXvS6xY0t18Oq
Xo3LugJUEc/cpUAQTQbtz6dD52JAR1xYCVc3kn+G4OKLL4zrMtjuER6ewyVyfElQ
m9GEkW2d6vUzEppwhNgquEbI+Wya3TtTSyUs8UU/a4SSDJ4OW/fsZRcrcYkpAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUBnu+6jPnzrR9cq204TJMzE1J52gwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjE0MTU0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQty
MA0GCSqGSIb3DQEBCwUAA4IBAQCLq+TnjpDX5WFT0NGqsh2aLUU4FS9bzisljTsi
FVJuKA8ShA+mMCUOiJTlAnlokSODFAQesZkv9cK/rw9ATbXtGur1cXK0Pof4GYnQ
/YYtHxzpfBZ/NIQaFcqx4lnkYzNndtcQn0vNMVdHvKIqkC4S8SGEXsmrC/FEtO/T
7/zCvqR2d2qACR33TWOeCqPb2OIzcisi8RQVUEtL4UpmxCpmsI7iZDDti2r/gqhV
F+SiQAGtIq1k5ZT7/Ue0Eet+/atMCFFliJVz6qE+sJUChtAGrqCjBWEV2NW1irAD
08rWpj0jVxh/8JLl2SmvPRxZTU2VeNZxjp2N5c0sH8yvldys
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:16:54 2025 by rpki-client