Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS32613.roa
File: AS32613.roa (raw, json)
Hash identifier: og29GyRZdcEs7TIHPwy9eAEqiaScIFHRq4LFDUoiG88=
Subject key identifier: 17:9D:A9:28:E6:2C:01:4D:0C:3D:4B:92:76:26:DD:A5:D0:43:16:7C
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 0BE5BB37E14FC52422BE4C3C35564F0FBD6BEFC1
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS32613.roa
Signing time: Thu 09 May 2024 17:57:05 +0000
ROA not before: Thu 09 May 2024 17:52:05 +0000
ROA not after: Thu 08 May 2025 17:57:05 +0000
asID: 32613
IP address blocks: 141.11.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:e5:bb:37:e1:4f:c5:24:22:be:4c:3c:35:56:4f:0f:bd:6b:ef:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: May 9 17:52:05 2024 GMT
Not After : May 8 17:57:05 2025 GMT
Subject: CN=179DA928E62C014D0C3D4B927626DDA5D043167C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:40:f2:01:84:6a:68:b8:8d:b8:32:84:82:80:
ed:64:57:19:0d:34:f3:a5:c3:32:24:ae:b3:1c:b9:
49:19:7d:a2:87:e9:cb:07:43:42:b1:05:b4:3b:95:
a2:23:51:7c:27:8a:b2:62:aa:d6:60:a1:22:65:71:
5e:a5:38:3a:9d:be:62:62:f5:d4:6a:3b:0e:ec:0e:
70:5f:99:57:5c:c4:3f:45:12:e0:00:cd:ac:2b:4f:
dd:9d:ff:ef:60:9a:c2:fa:03:5a:b3:3e:fe:68:d4:
6e:e2:9f:ce:3b:f6:ec:92:22:22:e2:a9:ba:70:0e:
77:9f:bf:01:6c:f4:d6:a5:01:e9:80:c4:86:a9:3e:
ae:8e:a9:c6:b1:35:80:b4:6d:f4:e9:6d:c4:23:20:
2c:f1:58:16:63:1f:61:03:d0:b2:cc:68:1b:2b:0f:
bb:d7:26:5a:d2:4a:55:e9:0a:db:11:71:9e:d7:66:
44:f9:7f:a3:fc:c0:18:70:c1:6a:7d:2b:94:05:ad:
90:5b:6e:fb:b4:08:a8:22:56:9a:5d:ff:b4:20:e2:
cb:03:71:32:43:d2:f5:05:4a:b9:ca:b3:1e:5b:05:
4f:8c:0e:c5:8c:17:ec:09:f2:d5:63:4a:be:68:37:
d5:de:66:47:55:45:11:ba:06:2e:2a:9b:be:e6:22:
70:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:9D:A9:28:E6:2C:01:4D:0C:3D:4B:92:76:26:DD:A5:D0:43:16:7C
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS32613.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.118.0/24
Signature Algorithm: sha256WithRSAEncryption
46:a9:4a:59:b1:e7:37:df:ad:2a:4b:ba:07:9f:39:e4:52:99:
a9:5d:bc:97:82:06:da:ef:64:bf:b2:96:51:13:51:25:64:66:
f7:b0:03:ed:12:3a:48:4f:4a:4f:29:c1:2d:a2:91:fb:6e:54:
08:ef:ed:9a:df:31:96:fd:8e:eb:fd:f3:f6:a0:37:ab:06:32:
ad:f4:a8:19:79:00:bc:a6:30:ed:bc:9b:07:02:d4:dc:44:5e:
ab:c1:80:ac:58:2a:3e:7e:00:8e:ed:f2:95:56:80:39:14:22:
a2:15:86:60:bd:bd:71:69:43:2f:d8:6b:31:fe:e5:a9:fd:e4:
9a:a7:af:06:c4:6d:b3:f6:70:f1:e1:eb:41:df:07:5b:bb:d8:
4a:4f:61:88:cd:fc:ee:5e:1f:61:1b:13:df:a6:ba:3a:8e:b4:
84:a3:dc:5f:48:1d:0a:5b:96:9d:61:73:04:1b:a6:17:78:97:
45:09:36:f3:6e:21:d2:dd:bd:84:cc:15:6d:53:e5:be:e2:92:
5a:90:7b:87:11:db:aa:15:81:b9:38:62:82:2a:c7:1f:02:f7:
70:33:c4:83:40:bb:95:02:e8:10:bd:38:be:8f:77:3f:cd:ac:
fc:85:03:77:e1:5d:73:b3:66:a3:c7:86:df:93:7d:8d:b2:ee:
26:d7:13:ea
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUC+W7N+FPxSQivkw8NVZPD71r78EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDA1MDkxNzUyMDVaFw0yNTA1MDgxNzU3MDVaMDMxMTAvBgNV
BAMTKDE3OURBOTI4RTYyQzAxNEQwQzNENEI5Mjc2MjZEREE1RDA0MzE2N0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHQPIBhGpouI24MoSCgO1kVxkN
NPOlwzIkrrMcuUkZfaKH6csHQ0KxBbQ7laIjUXwnirJiqtZgoSJlcV6lODqdvmJi
9dRqOw7sDnBfmVdcxD9FEuAAzawrT92d/+9gmsL6A1qzPv5o1G7in8479uySIiLi
qbpwDnefvwFs9NalAemAxIapPq6OqcaxNYC0bfTpbcQjICzxWBZjH2ED0LLMaBsr
D7vXJlrSSlXpCtsRcZ7XZkT5f6P8wBhwwWp9K5QFrZBbbvu0CKgiVppd/7Qg4ssD
cTJD0vUFSrnKsx5bBU+MDsWMF+wJ8tVjSr5oN9XeZkdVRRG6Bi4qm77mInArAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUF52pKOYsAU0MPUuSdibdpdBDFnwwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMzI2MTMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACNC3Yw
DQYJKoZIhvcNAQELBQADggEBAEapSlmx5zffrSpLugefOeRSmaldvJeCBtrvZL+y
llETUSVkZvewA+0SOkhPSk8pwS2ikftuVAjv7ZrfMZb9juv98/agN6sGMq30qBl5
ALymMO28mwcC1NxEXqvBgKxYKj5+AI7t8pVWgDkUIqIVhmC9vXFpQy/YazH+5an9
5JqnrwbEbbP2cPHh60HfB1u72EpPYYjN/O5eH2EbE9+mujqOtISj3F9IHQpblp1h
cwQbphd4l0UJNvNuIdLdvYTMFW1T5b7iklqQe4cR26oVgbk4YoIqxx8C93AzxINA
u5UC6BC9OL6Pdz/NrPyFA3fhXXOzZqPHht+TfY2y7ibXE+o=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:59:16 2024 by rpki-client on console-ams.rpki-client.org