Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS215304.roa
File: AS215304.roa (raw, json)
Hash identifier: 2J+OyfuxGUhy/fPMKLFpF+vA+YDE+tq0A6oXTxMBDFY=
Subject key identifier: D4:5A:8D:8B:91:1C:65:3F:79:5F:CE:CA:07:FA:8A:4C:62:A8:0D:29
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 7C277DDC6523A4D434D152185C26276144FEABE2
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS215304.roa
Signing time: Mon 28 Oct 2024 11:30:40 +0000
ROA not before: Mon 28 Oct 2024 11:25:40 +0000
ROA not after: Mon 27 Oct 2025 11:30:40 +0000
asID: 215304
IP address blocks: 141.11.240.0/24 maxlen: 24
141.11.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:27:7d:dc:65:23:a4:d4:34:d1:52:18:5c:26:27:61:44:fe:ab:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Oct 28 11:25:40 2024 GMT
Not After : Oct 27 11:30:40 2025 GMT
Subject: CN=D45A8D8B911C653F795FCECA07FA8A4C62A80D29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1e:5e:93:0c:5c:f8:b1:15:62:26:3a:46:e6:
fa:8d:93:d8:f0:ca:b7:4c:f5:7c:17:2e:56:ad:27:
68:d7:ae:6f:81:5e:3e:fd:08:42:d2:93:fa:90:95:
0c:70:f9:cf:e0:fa:93:51:f8:10:05:d6:aa:05:bf:
9d:2e:3b:35:32:86:3f:36:cf:cd:a4:09:dd:5c:5a:
c8:5d:b8:0a:84:47:db:0b:bd:7b:ed:fa:d3:25:f0:
59:ca:dc:dc:fa:c5:29:e4:ec:be:29:3c:52:e0:af:
f8:d1:f3:08:72:60:35:89:67:d6:de:fa:1c:6f:42:
88:68:c8:7c:e2:bf:b8:64:1f:82:23:cf:87:c7:ff:
c1:20:ff:7e:ad:20:26:1f:22:44:d4:24:e2:24:0a:
93:9b:35:8e:d6:ae:fc:da:7e:cf:69:36:68:88:1b:
ff:2a:91:f0:44:29:44:65:47:f2:bd:ac:62:6b:d5:
ed:f1:d8:d8:a7:8b:f2:07:eb:07:d0:be:6f:70:79:
a5:0c:46:ea:7f:e3:3b:e4:aa:bf:0c:b1:e9:46:71:
37:51:cb:a6:82:4c:70:cd:69:fd:8a:29:18:29:3d:
b6:ca:a0:d1:09:62:99:a7:dc:4f:5c:1b:ef:6d:07:
b6:99:6a:20:3a:5e:35:2a:41:be:b3:0c:0f:6c:2c:
9b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:5A:8D:8B:91:1C:65:3F:79:5F:CE:CA:07:FA:8A:4C:62:A8:0D:29
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS215304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.240.0/24
141.11.245.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:f5:2d:54:ec:b3:5a:be:f4:fe:5f:7b:c6:b1:13:7a:e0:62:
b5:40:89:d3:8c:02:8e:fc:10:2e:ba:aa:59:be:59:ab:44:9c:
f0:81:e9:30:94:ef:69:f6:b1:0b:08:0b:da:d1:0d:ab:aa:bd:
ba:3b:1c:83:63:31:da:ea:09:20:7d:bd:46:f3:91:16:28:73:
7d:7f:91:58:ee:0d:3f:dd:b8:6d:a1:03:38:cc:65:a0:c7:3e:
e3:56:14:40:3b:98:45:5a:91:df:4a:fd:c6:b7:89:07:67:d7:
8c:c5:71:ee:2e:1c:87:74:a3:1d:06:16:04:df:fa:3e:3f:fa:
8b:07:d6:1d:5e:85:3d:1b:81:9a:d9:4f:af:7d:25:30:3e:dc:
89:08:25:bd:b4:38:f4:6b:3a:a2:2b:e6:41:13:d1:9b:16:fc:
68:0a:4c:f3:f9:f1:88:84:07:e1:d3:13:f8:0d:9c:6b:e5:07:
d3:97:ce:b5:7f:bc:bc:f8:2d:ff:4f:f0:e5:b6:11:a7:d1:b5:
d9:52:1e:ff:2d:fa:ce:b8:da:0e:04:6b:75:5b:33:e7:ba:36:
d3:c0:29:86:26:33:10:3c:7f:e0:e1:92:e9:00:8e:87:e7:55:
33:d6:e6:d2:d0:db:e2:8c:f5:11:4b:9b:05:5a:43:e7:32:73:
bb:cc:ec:e4
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUfCd93GUjpNQ00VIYXCYnYUT+q+IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDEwMjgxMTI1NDBaFw0yNTEwMjcxMTMwNDBaMDMxMTAvBgNV
BAMTKEQ0NUE4RDhCOTExQzY1M0Y3OTVGQ0VDQTA3RkE4QTRDNjJBODBEMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVHl6TDFz4sRViJjpG5vqNk9jw
yrdM9XwXLlatJ2jXrm+BXj79CELSk/qQlQxw+c/g+pNR+BAF1qoFv50uOzUyhj82
z82kCd1cWshduAqER9sLvXvt+tMl8FnK3Nz6xSnk7L4pPFLgr/jR8whyYDWJZ9be
+hxvQohoyHziv7hkH4Ijz4fH/8Eg/36tICYfIkTUJOIkCpObNY7Wrvzafs9pNmiI
G/8qkfBEKURlR/K9rGJr1e3x2Nini/IH6wfQvm9weaUMRup/4zvkqr8MselGcTdR
y6aCTHDNaf2KKRgpPbbKoNEJYpmn3E9cG+9tB7aZaiA6XjUqQb6zDA9sLJsvAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQU1FqNi5EcZT95X87KB/qKTGKoDSkwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjQvw
AwQAjQv1MA0GCSqGSIb3DQEBCwUAA4IBAQAM9S1U7LNavvT+X3vGsRN64GK1QInT
jAKO/BAuuqpZvlmrRJzwgekwlO9p9rELCAva0Q2rqr26OxyDYzHa6gkgfb1G85EW
KHN9f5FY7g0/3bhtoQM4zGWgxz7jVhRAO5hFWpHfSv3Gt4kHZ9eMxXHuLhyHdKMd
BhYE3/o+P/qLB9YdXoU9G4Ga2U+vfSUwPtyJCCW9tDj0azqiK+ZBE9GbFvxoCkzz
+fGIhAfh0xP4DZxr5QfTl861f7y8+C3/T/DlthGn0bXZUh7/LfrOuNoOBGt1WzPn
ujbTwCmGJjMQPH/g4ZLpAI6H51Uz1ubS0NvijPURS5sFWkPnMnO7zOzk
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:37:21 2024 by rpki-client on console-fra.rpki-client.org