Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS30823.roa
File: AS30823.roa (raw, json)
Hash identifier: lYckd0EH0SYti6OF37n77O4uPL4YXXtnMsn+hXReTb0=
Subject key identifier: 13:E5:26:B0:A4:D7:17:42:0C:11:5E:C3:A2:64:A7:6B:A2:B4:9C:DA
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 4293D9A403E34974F3EDEF6AF2E266E9A7C11F2D
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS30823.roa
Signing time: Wed 05 Jun 2024 14:43:34 +0000
ROA not before: Wed 05 Jun 2024 14:38:34 +0000
ROA not after: Wed 04 Jun 2025 14:43:34 +0000
asID: 30823
IP address blocks: 141.11.62.0/23 maxlen: 24
141.11.164.0/22 maxlen: 24
141.11.180.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:93:d9:a4:03:e3:49:74:f3:ed:ef:6a:f2:e2:66:e9:a7:c1:1f:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Jun 5 14:38:34 2024 GMT
Not After : Jun 4 14:43:34 2025 GMT
Subject: CN=13E526B0A4D717420C115EC3A264A76BA2B49CDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e6:c6:f6:35:3c:f3:d7:b5:56:8c:5b:73:8f:
d6:e7:28:c7:19:31:6c:a5:f9:e7:de:03:32:f9:76:
a7:90:25:7d:57:76:bb:90:34:79:92:04:86:c9:49:
8d:bd:02:1c:e1:e8:0a:89:ba:29:1b:e1:31:cc:4a:
cb:c1:12:36:e4:0b:b7:55:01:bd:79:d1:89:78:d7:
59:9b:dd:84:f8:34:5c:29:9f:00:c6:56:d9:ae:86:
03:3a:51:c7:97:ea:33:94:41:89:3b:a4:2c:d2:42:
bf:98:07:10:ca:15:85:d1:5a:33:c6:5b:8e:63:fc:
41:6f:b5:cc:0a:db:17:0d:f5:33:48:39:47:86:cf:
ff:8a:c8:b9:a1:17:14:24:5f:82:c9:cb:fc:1a:f9:
41:06:ef:6c:bd:80:70:12:99:6b:8c:73:41:62:b8:
22:25:87:d0:38:c1:fc:f4:54:73:51:1d:d2:ba:c8:
35:0b:0a:60:8d:05:a2:bb:89:f1:c4:e3:ea:46:12:
41:c9:52:02:6f:31:1d:91:f6:3e:d0:f6:98:b6:50:
8e:4e:04:d3:30:29:02:23:35:94:57:f3:5c:57:a1:
c4:c8:d1:34:08:f7:8d:8a:78:b0:0d:ef:7f:50:c8:
5d:7d:00:0b:c5:ea:d4:21:5c:2a:66:ed:6e:57:de:
93:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:E5:26:B0:A4:D7:17:42:0C:11:5E:C3:A2:64:A7:6B:A2:B4:9C:DA
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS30823.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.62.0/23
141.11.164.0/22
141.11.180.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:90:4b:72:20:88:1e:87:95:10:f9:79:62:ae:cf:10:2c:98:
15:13:d2:6d:0c:f1:26:1b:05:d7:46:35:ec:de:6e:f7:71:38:
1d:22:d1:21:22:e8:b4:0c:d6:d1:97:7c:19:e7:9a:07:e7:5b:
21:99:2f:bc:a9:84:66:58:78:2e:4e:32:da:f6:fe:57:18:08:
f1:b1:a2:f7:c6:d1:5f:ea:66:00:93:c5:90:2a:05:ed:c8:20:
03:35:75:50:17:08:5f:d6:32:d1:c9:ac:52:59:59:dc:8c:2c:
7f:a5:c4:04:a7:39:c6:2a:f4:18:30:2a:2a:8a:74:78:1e:44:
61:72:78:d4:85:a4:e3:7f:33:fa:b8:54:56:48:dd:cc:f4:b6:
c5:08:d9:39:b0:0f:d9:bb:a4:ec:44:58:71:9b:e8:34:ac:2a:
d6:2c:3d:16:28:06:ba:40:e4:11:5b:27:db:de:3c:8d:85:a5:
3f:bc:e0:f0:e7:16:b2:e7:b0:ea:79:43:c0:e0:c9:74:d4:1c:
4f:c0:e4:31:1a:d9:f5:24:bc:42:32:c4:b8:3a:df:b0:fc:15:
fb:22:17:1e:1f:e5:ea:af:60:08:06:43:41:93:52:00:43:10:
61:47:0c:a4:c8:22:e4:30:72:49:ae:66:38:95:08:8d:5d:b6:
02:59:30:db
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUQpPZpAPjSXTz7e9q8uJm6afBHy0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDA2MDUxNDM4MzRaFw0yNTA2MDQxNDQzMzRaMDMxMTAvBgNV
BAMTKDEzRTUyNkIwQTRENzE3NDIwQzExNUVDM0EyNjRBNzZCQTJCNDlDREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe5sb2NTzz17VWjFtzj9bnKMcZ
MWyl+efeAzL5dqeQJX1XdruQNHmSBIbJSY29Ahzh6AqJuikb4THMSsvBEjbkC7dV
Ab150Yl411mb3YT4NFwpnwDGVtmuhgM6UceX6jOUQYk7pCzSQr+YBxDKFYXRWjPG
W45j/EFvtcwK2xcN9TNIOUeGz/+KyLmhFxQkX4LJy/wa+UEG72y9gHASmWuMc0Fi
uCIlh9A4wfz0VHNRHdK6yDULCmCNBaK7ifHE4+pGEkHJUgJvMR2R9j7Q9pi2UI5O
BNMwKQIjNZRX81xXocTI0TQI942KeLAN739QyF19AAvF6tQhXCpm7W5X3pMTAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUE+UmsKTXF0IMEV7DomSna6K0nNowHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMzA4MjMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAGNCz4D
BAKNC6QDBAGNC7QwDQYJKoZIhvcNAQELBQADggEBAK6QS3IgiB6HlRD5eWKuzxAs
mBUT0m0M8SYbBddGNezebvdxOB0i0SEi6LQM1tGXfBnnmgfnWyGZL7yphGZYeC5O
Mtr2/lcYCPGxovfG0V/qZgCTxZAqBe3IIAM1dVAXCF/WMtHJrFJZWdyMLH+lxASn
OcYq9BgwKiqKdHgeRGFyeNSFpON/M/q4VFZI3cz0tsUI2TmwD9m7pOxEWHGb6DSs
KtYsPRYoBrpA5BFbJ9vePI2FpT+84PDnFrLnsOp5Q8DgyXTUHE/A5DEa2fUkvEIy
xLg637D8FfsiFx4f5eqvYAgGQ0GTUgBDEGFHDKTIIuQwckmuZjiVCI1dtgJZMNs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:59:16 2024 by rpki-client on console-ams.rpki-client.org