Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS29208.roa
File: AS29208.roa (raw, json)
Hash identifier: FEHaBVYj4H27fVQlsdp7d9T+sgFDaLsBUn47UhUvBhg=
Subject key identifier: 1B:0D:46:8D:C2:77:02:46:1A:2E:DA:B5:72:52:0C:BC:0D:5F:D5:FD
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 102C2A9E4E0AF0C57533BEFBDC1575E49DB6D47E
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS29208.roa
Signing time: Wed 27 Sep 2023 10:08:45 +0000
ROA not before: Wed 27 Sep 2023 10:03:45 +0000
ROA not after: Wed 25 Sep 2024 10:08:45 +0000
asID: 29208
IP address blocks: 141.11.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:2c:2a:9e:4e:0a:f0:c5:75:33:be:fb:dc:15:75:e4:9d:b6:d4:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Sep 27 10:03:45 2023 GMT
Not After : Sep 25 10:08:45 2024 GMT
Subject: CN=1B0D468DC27702461A2EDAB572520CBC0D5FD5FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:95:6f:2e:b7:ac:9e:ff:59:96:97:44:59:43:
4e:ed:0b:ca:52:e0:ca:d7:49:c4:2e:a5:d0:1b:aa:
44:84:a9:83:e6:67:82:cd:3b:f1:f1:74:01:5a:10:
c8:21:2b:7b:99:56:40:00:e9:09:9f:c4:93:2a:38:
3d:3f:b4:80:cd:14:21:c8:e0:e5:96:36:1e:d8:e8:
6c:61:17:db:7c:ce:31:d9:64:40:1d:06:4c:7d:b4:
4d:c9:ca:aa:95:03:66:30:80:26:b5:59:f4:35:c1:
bf:3b:10:70:cd:49:a0:6b:a3:3a:f3:ae:d6:e6:fa:
36:93:06:5b:bc:9f:dc:b0:68:30:49:e5:f3:82:a3:
be:20:74:f0:8c:9e:42:bd:0a:6e:4c:7a:56:e7:79:
05:fe:8d:c4:c1:bb:ef:5c:8f:b6:7a:f3:0b:49:e2:
66:00:5c:9f:46:84:3e:47:be:29:85:84:82:6b:00:
3b:e9:ea:a2:df:b0:b2:95:60:97:db:7f:31:dd:4b:
63:85:e3:37:a6:c4:14:aa:13:58:29:d5:a1:b8:c3:
f5:58:c9:9a:3e:85:1e:be:83:02:13:4e:34:87:10:
55:cb:b6:3f:ef:63:a4:dc:41:8a:7c:39:46:1d:0d:
b8:37:f1:6b:d1:7b:2d:c3:22:d6:42:03:f6:aa:3a:
6b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:0D:46:8D:C2:77:02:46:1A:2E:DA:B5:72:52:0C:BC:0D:5F:D5:FD
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS29208.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.179.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:f8:4c:58:37:31:80:31:1a:fd:ac:fb:b6:75:1c:94:b4:29:
03:c8:d3:74:f3:fa:67:5e:92:1e:03:0b:83:77:5d:be:be:2c:
74:8c:76:4e:2a:99:02:b0:15:bd:f6:86:ae:9b:5e:5b:97:18:
25:9e:ce:be:9d:8f:be:f8:7d:74:2c:3a:9e:43:68:13:58:96:
ee:d1:ed:35:86:05:5e:56:97:8c:86:85:f8:25:8e:1b:a0:9b:
da:08:4c:d1:f3:9e:ae:bf:27:b1:99:2e:10:fe:87:f3:cb:92:
40:68:fb:15:a0:a1:46:07:5d:74:bb:a8:32:de:73:f1:25:73:
24:b9:55:34:20:01:7c:bf:2e:ba:63:2d:ac:ed:38:ee:b2:d3:
64:95:d2:fb:ea:48:e7:de:f2:4b:2b:8f:91:6d:8e:78:f2:07:
7f:1b:0c:1c:6a:0b:ae:d1:2f:f0:e8:ea:85:15:e9:72:2d:f7:
8c:7f:cd:73:ed:a6:1d:c2:a0:8e:9d:4e:92:97:43:a4:4a:8e:
4c:09:33:53:fd:d7:82:c1:a9:9e:9a:69:2c:7e:ac:5d:55:dd:
4d:22:6a:4a:b3:61:13:35:93:5f:1d:1b:4c:09:ef:7c:0f:09:
9e:06:ff:46:e0:71:46:57:f5:63:bf:45:f1:3c:10:ba:e5:15:
15:e7:38:0a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUECwqnk4K8MV1M7773BV15J221H4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzA5MjcxMDAzNDVaFw0yNDA5MjUxMDA4NDVaMDMxMTAvBgNV
BAMTKDFCMEQ0NjhEQzI3NzAyNDYxQTJFREFCNTcyNTIwQ0JDMEQ1RkQ1RkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGlW8ut6ye/1mWl0RZQ07tC8pS
4MrXScQupdAbqkSEqYPmZ4LNO/HxdAFaEMghK3uZVkAA6QmfxJMqOD0/tIDNFCHI
4OWWNh7Y6GxhF9t8zjHZZEAdBkx9tE3JyqqVA2YwgCa1WfQ1wb87EHDNSaBrozrz
rtbm+jaTBlu8n9ywaDBJ5fOCo74gdPCMnkK9Cm5MelbneQX+jcTBu+9cj7Z68wtJ
4mYAXJ9GhD5HvimFhIJrADvp6qLfsLKVYJfbfzHdS2OF4zemxBSqE1gp1aG4w/VY
yZo+hR6+gwITTjSHEFXLtj/vY6TcQYp8OUYdDbg38WvRey3DItZCA/aqOmv7AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUGw1GjcJ3AkYaLtq1clIMvA1f1f0wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjkyMDgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACNC7Mw
DQYJKoZIhvcNAQELBQADggEBALP4TFg3MYAxGv2s+7Z1HJS0KQPI03Tz+mdekh4D
C4N3Xb6+LHSMdk4qmQKwFb32hq6bXluXGCWezr6dj774fXQsOp5DaBNYlu7R7TWG
BV5Wl4yGhfgljhugm9oITNHznq6/J7GZLhD+h/PLkkBo+xWgoUYHXXS7qDLec/El
cyS5VTQgAXy/LrpjLaztOO6y02SV0vvqSOfe8ksrj5FtjnjyB38bDBxqC67RL/Do
6oUV6XIt94x/zXPtph3CoI6dTpKXQ6RKjkwJM1P914LBqZ6aaSx+rF1V3U0iakqz
YRM1k18dG0wJ73wPCZ4G/0bgcUZX9WO/RfE8ELrlFRXnOAo=
-----END CERTIFICATE-----
Generated at Sun May 5 14:38:07 2024 by rpki-client on console-ams.rpki-client.org