Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS29066.roa
File: AS29066.roa (raw, json)
Hash identifier: KjbSmFNPmvb3jo8KvfmwG+C88F/VsjGlDxnVltV1kpw=
Subject key identifier: 06:9F:51:EA:1B:62:80:96:34:2A:5E:DD:DD:3E:77:29:9E:2F:3E:62
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 4C880DDF66FA93058A0351FEAFD0453B23F6EE66
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS29066.roa
Signing time: Wed 05 Jun 2024 08:11:26 +0000
ROA not before: Wed 05 Jun 2024 08:06:26 +0000
ROA not after: Wed 04 Jun 2025 08:11:26 +0000
asID: 29066
IP address blocks: 141.11.54.0/23 maxlen: 23
141.11.162.0/23 maxlen: 23
141.11.206.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:88:0d:df:66:fa:93:05:8a:03:51:fe:af:d0:45:3b:23:f6:ee:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Jun 5 08:06:26 2024 GMT
Not After : Jun 4 08:11:26 2025 GMT
Subject: CN=069F51EA1B628096342A5EDDDD3E77299E2F3E62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f0:0b:4f:7a:62:20:61:c2:40:43:17:15:92:
b8:3f:58:9f:7f:38:6c:a5:ee:47:5c:1d:af:c6:4d:
14:08:03:32:51:1b:a6:b2:33:34:98:ed:0f:71:24:
56:0d:4a:1e:80:22:16:22:89:82:75:f2:5c:14:ba:
76:ca:b8:fe:9a:5a:25:22:6b:37:84:22:ca:1d:89:
19:96:5b:b7:7e:27:32:05:d2:1e:3a:db:4d:5e:31:
70:e4:5c:32:b7:0a:49:d4:75:4a:11:d8:c0:c2:95:
0d:aa:91:8a:c4:65:53:84:7b:08:4f:dc:8b:46:1c:
af:90:bc:28:7e:63:6e:35:ff:03:8c:d1:f8:32:3e:
e7:c1:2d:97:a0:7b:c3:27:f3:d7:82:7f:b7:ef:c2:
41:a4:67:6d:53:9a:7e:dd:60:c5:f8:dc:90:e9:ad:
1a:53:58:67:89:67:fb:28:64:08:01:db:db:3c:09:
dc:93:b8:cf:20:9f:62:07:f6:89:40:45:be:8b:ff:
f7:cc:38:58:f3:f8:af:c6:3a:82:af:1b:89:d1:1d:
51:5f:5e:db:9b:c9:20:21:54:b6:24:f4:a6:41:8e:
62:68:e0:ef:0a:7a:68:41:3c:8b:6e:20:1f:63:28:
47:7a:0f:c8:09:88:ed:60:87:5a:44:85:03:28:a7:
15:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:9F:51:EA:1B:62:80:96:34:2A:5E:DD:DD:3E:77:29:9E:2F:3E:62
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS29066.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.54.0/23
141.11.162.0/23
141.11.206.0/23
Signature Algorithm: sha256WithRSAEncryption
38:aa:59:af:96:17:e3:c0:df:75:af:2c:2c:73:e4:bf:c9:5c:
a2:48:c8:25:8a:53:d7:1a:ce:1c:6b:c9:73:e1:c6:34:5a:67:
33:2b:d0:50:e4:a3:b2:f1:af:ff:2f:d3:38:5e:ec:3a:aa:f6:
13:45:62:af:f4:a0:c6:d9:3e:0a:0e:a8:17:d6:8d:88:bd:15:
14:aa:e6:d8:86:b5:37:3a:69:94:67:f8:c7:30:0a:7e:57:9c:
19:0f:8c:b3:fa:2a:cb:14:96:b3:5b:13:f4:fa:33:88:a6:bc:
f8:5d:b3:43:b7:dc:42:be:35:69:5b:a6:4c:c1:d3:54:eb:bc:
27:16:a3:91:b8:07:3b:ef:09:bb:49:aa:52:c1:5a:43:8a:45:
21:ab:b8:25:41:f2:4e:57:bb:e7:bb:4b:b9:f2:95:9b:b6:51:
af:f1:d5:9c:85:5a:4a:3b:c3:80:7e:77:a0:31:bd:4f:f6:bf:
10:82:2e:ae:f8:b6:02:46:fb:3a:81:3c:9b:02:57:33:5d:29:
51:ba:5e:15:c6:66:76:e6:e3:40:44:03:11:e8:c9:4a:46:18:
c2:06:1c:4f:a4:c6:44:66:08:5b:25:52:ae:47:87:c0:8f:ea:
d9:11:8f:ac:95:d7:6d:98:3a:16:9d:83:53:54:92:57:4d:de:
3a:f1:d5:8d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUTIgN32b6kwWKA1H+r9BFOyP27mYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDA2MDUwODA2MjZaFw0yNTA2MDQwODExMjZaMDMxMTAvBgNV
BAMTKDA2OUY1MUVBMUI2MjgwOTYzNDJBNUVEREREM0U3NzI5OUUyRjNFNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe8AtPemIgYcJAQxcVkrg/WJ9/
OGyl7kdcHa/GTRQIAzJRG6ayMzSY7Q9xJFYNSh6AIhYiiYJ18lwUunbKuP6aWiUi
azeEIsodiRmWW7d+JzIF0h46201eMXDkXDK3CknUdUoR2MDClQ2qkYrEZVOEewhP
3ItGHK+QvCh+Y241/wOM0fgyPufBLZege8Mn89eCf7fvwkGkZ21Tmn7dYMX43JDp
rRpTWGeJZ/soZAgB29s8CdyTuM8gn2IH9olARb6L//fMOFjz+K/GOoKvG4nRHVFf
XtubySAhVLYk9KZBjmJo4O8KemhBPItuIB9jKEd6D8gJiO1gh1pEhQMopxUTAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUBp9R6htigJY0Kl7d3T53KZ4vPmIwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjkwNjYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAGNCzYD
BAGNC6IDBAGNC84wDQYJKoZIhvcNAQELBQADggEBADiqWa+WF+PA33WvLCxz5L/J
XKJIyCWKU9cazhxryXPhxjRaZzMr0FDko7Lxr/8v0zhe7Dqq9hNFYq/0oMbZPgoO
qBfWjYi9FRSq5tiGtTc6aZRn+McwCn5XnBkPjLP6KssUlrNbE/T6M4imvPhds0O3
3EK+NWlbpkzB01TrvCcWo5G4BzvvCbtJqlLBWkOKRSGruCVB8k5Xu+e7S7nylZu2
Ua/x1ZyFWko7w4B+d6AxvU/2vxCCLq74tgJG+zqBPJsCVzNdKVG6XhXGZnbm40BE
AxHoyUpGGMIGHE+kxkRmCFslUq5Hh8CP6tkRj6yV122YOhadg1NUkldN3jrx1Y0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:37:21 2024 by rpki-client on console-fra.rpki-client.org