Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS216022.roa
File: AS216022.roa (raw, json)
Hash identifier: /TRjlzK9vntYWXML0XafKbeGyvpJ1NNg7DkfcWlZzCk=
Subject key identifier: F9:C6:24:A7:8C:91:10:95:7A:52:E6:0B:1A:D0:99:81:E3:B4:03:14
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 010D3624B53B124B937B54C41F3BA0AD0325DD31
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS216022.roa
Signing time: Mon 04 Nov 2024 14:34:33 +0000
ROA not before: Mon 04 Nov 2024 14:29:33 +0000
ROA not after: Mon 03 Nov 2025 14:34:33 +0000
asID: 216022
IP address blocks: 141.11.32.0/24 maxlen: 24
141.11.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:36:24:b5:3b:12:4b:93:7b:54:c4:1f:3b:a0:ad:03:25:dd:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Nov 4 14:29:33 2024 GMT
Not After : Nov 3 14:34:33 2025 GMT
Subject: CN=F9C624A78C9110957A52E60B1AD09981E3B40314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:66:0e:3f:f2:ab:62:0a:d6:b2:86:cb:15:2f:
b3:cd:85:ed:6e:a0:d6:e5:c2:08:7a:0a:f5:e6:e7:
89:c5:50:c3:c5:e4:3a:ca:dd:5c:d4:ab:3e:6a:ef:
ca:f4:ad:75:d7:3e:99:1f:a7:32:56:1d:e7:42:05:
06:88:f3:66:c7:d1:9f:21:eb:a8:a6:52:c8:1a:9d:
06:c0:57:05:e5:f4:71:9f:e7:04:4f:c1:5c:06:c5:
e8:18:13:e2:46:58:52:d7:3b:52:1e:7e:6c:e4:4d:
7a:fd:07:02:ca:6a:59:fd:76:97:a7:c8:0d:44:9e:
bc:aa:44:d8:68:43:87:4c:d6:3f:22:f9:a0:d7:a5:
f1:76:75:df:e7:70:d4:37:ff:8f:f9:80:20:77:27:
e6:4e:93:a4:20:b0:b9:f5:59:e7:36:7f:cb:24:1a:
f1:e3:94:69:48:14:ee:33:c7:9c:66:f7:4b:7f:d2:
84:10:9e:86:f7:e9:7d:ba:c6:16:59:a4:12:bc:c8:
ab:50:4d:9b:be:16:10:d4:81:8b:c2:6a:a6:dc:98:
6c:7d:4b:3d:14:5b:bf:fb:a1:6c:e7:ef:31:96:65:
36:4d:8c:14:3b:75:b5:2a:f6:27:a7:9a:70:47:ef:
97:3e:0e:cd:b3:4e:04:6b:32:79:d7:2a:d6:ae:98:
39:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:C6:24:A7:8C:91:10:95:7A:52:E6:0B:1A:D0:99:81:E3:B4:03:14
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS216022.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.32.0/24
141.11.60.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:02:2c:a7:82:12:fb:e7:e5:7a:3d:05:75:1d:2b:58:e9:91:
b2:be:24:b4:f9:7c:e0:aa:67:1c:f2:21:63:33:55:41:13:16:
bb:74:53:8d:c4:9f:bd:de:90:a3:21:b1:f5:a0:d1:9c:69:26:
5c:3e:b8:e0:32:8b:d0:79:b9:75:07:4b:e5:9f:e2:68:91:2f:
ab:9e:82:5a:65:93:60:23:5b:02:a1:e8:03:e4:2c:8a:39:fa:
b4:a4:bf:2b:b4:b0:8d:7a:4d:b9:b1:56:b1:72:33:6b:7c:b2:
22:a7:0a:75:f0:04:67:1b:b5:72:2a:c1:35:4c:f7:2c:74:e0:
56:0c:a1:b7:b3:51:c2:25:ef:45:ab:50:ff:b7:f5:34:3a:da:
6f:68:7a:ec:7b:1b:1e:b6:d4:dd:eb:16:d4:ab:0b:9a:4f:bb:
ee:bf:cc:10:0e:78:04:da:99:3b:86:cf:51:c3:76:79:63:01:
c9:c5:20:14:5b:60:e5:33:90:da:11:d7:86:b3:b8:b9:e7:66:
ca:d7:46:58:2d:bc:bd:77:60:47:4a:41:d0:77:50:09:05:10:
8a:73:47:ec:fb:0f:5f:f8:6b:e4:f7:cc:44:a6:3c:61:6d:a9:
49:1d:ec:9c:a4:ed:65:4f:5e:ed:4c:fc:c9:e0:7e:fc:e6:1f:
1d:7b:54:f2
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUAQ02JLU7EkuTe1TEHzugrQMl3TEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDExMDQxNDI5MzNaFw0yNTExMDMxNDM0MzNaMDMxMTAvBgNV
BAMTKEY5QzYyNEE3OEM5MTEwOTU3QTUyRTYwQjFBRDA5OTgxRTNCNDAzMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyZg4/8qtiCtayhssVL7PNhe1u
oNblwgh6CvXm54nFUMPF5DrK3VzUqz5q78r0rXXXPpkfpzJWHedCBQaI82bH0Z8h
66imUsganQbAVwXl9HGf5wRPwVwGxegYE+JGWFLXO1IefmzkTXr9BwLKaln9dpen
yA1EnryqRNhoQ4dM1j8i+aDXpfF2dd/ncNQ3/4/5gCB3J+ZOk6QgsLn1Wec2f8sk
GvHjlGlIFO4zx5xm90t/0oQQnob36X26xhZZpBK8yKtQTZu+FhDUgYvCaqbcmGx9
Sz0UW7/7oWzn7zGWZTZNjBQ7dbUq9ienmnBH75c+Ds2zTgRrMnnXKtaumDnPAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQU+cYkp4yREJV6UuYLGtCZgeO0AxQwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjE2MDIyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjQsg
AwQAjQs8MA0GCSqGSIb3DQEBCwUAA4IBAQBuAiynghL75+V6PQV1HStY6ZGyviS0
+Xzgqmcc8iFjM1VBExa7dFONxJ+93pCjIbH1oNGcaSZcPrjgMovQebl1B0vln+Jo
kS+rnoJaZZNgI1sCoegD5CyKOfq0pL8rtLCNek25sVaxcjNrfLIipwp18ARnG7Vy
KsE1TPcsdOBWDKG3s1HCJe9Fq1D/t/U0OtpvaHrsexsettTd6xbUqwuaT7vuv8wQ
DngE2pk7hs9Rw3Z5YwHJxSAUW2DlM5DaEdeGs7i552bK10ZYLby9d2BHSkHQd1AJ
BRCKc0fs+w9f+Gvk98xEpjxhbalJHeycpO1lT17tTPzJ4H785h8de1Ty
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:59:16 2024 by rpki-client on console-ams.rpki-client.org