Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS397630.roa
File: AS397630.roa (raw, json)
Hash identifier: v0aXI64qYG1JleNS3ILB5AknAWXfDrWcelsPPAP+AMg=
Subject key identifier: 63:54:CE:65:86:30:EB:73:86:BD:21:82:C7:16:53:9C:B5:FB:70:BE
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 7A365795C20472C594E114E711A24D954EE3AF2E
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS397630.roa
Signing time: Wed 14 Feb 2024 06:25:19 +0000
ROA not before: Wed 14 Feb 2024 06:20:19 +0000
ROA not after: Wed 12 Feb 2025 06:25:19 +0000
asID: 397630
IP address blocks: 141.11.84.0/23 maxlen: 24
141.11.172.0/23 maxlen: 24
141.11.220.0/23 maxlen: 24
141.11.226.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:36:57:95:c2:04:72:c5:94:e1:14:e7:11:a2:4d:95:4e:e3:af:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Feb 14 06:20:19 2024 GMT
Not After : Feb 12 06:25:19 2025 GMT
Subject: CN=6354CE658630EB7386BD2182C716539CB5FB70BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9e:62:c2:da:b7:a5:e1:9f:11:20:b8:0c:e0:
40:22:95:59:55:a2:ed:86:88:27:aa:1b:37:d7:7a:
e7:cf:a9:77:b0:14:88:ba:c3:a8:2e:4b:a9:ad:aa:
1d:3b:3f:50:c8:63:f2:bc:9c:4c:c2:a4:5c:9a:2f:
c1:0d:db:48:d0:40:f1:65:a8:26:90:ad:1a:9e:fb:
8a:8f:3c:67:e7:6e:36:0f:b0:24:1f:3e:a6:77:05:
58:44:ad:e6:df:bb:a0:7a:de:66:94:9b:af:a9:f4:
77:21:47:19:71:36:a8:db:5b:66:e9:12:90:98:c9:
4b:19:f1:16:05:83:82:a6:81:87:e3:89:3c:2d:17:
09:8d:fb:be:0d:f8:00:1f:f2:2f:b5:22:63:39:bd:
fb:7b:de:75:3c:99:b1:05:ea:e9:58:2f:cc:f1:e5:
4e:8c:38:77:60:bd:b5:2d:7a:7c:87:c6:74:52:45:
62:a0:4b:f8:84:7e:be:60:43:90:00:08:db:10:94:
70:57:2a:c7:44:cd:84:68:71:b5:36:94:12:6d:b8:
31:ec:f9:8e:c5:5f:e5:07:67:59:c5:71:77:2b:59:
3b:9e:1d:e4:48:b9:f3:6a:09:7f:95:a3:13:63:f9:
b0:fe:72:e3:98:0c:8c:6c:6a:32:67:5e:1b:7d:ee:
60:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:54:CE:65:86:30:EB:73:86:BD:21:82:C7:16:53:9C:B5:FB:70:BE
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS397630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.84.0/23
141.11.172.0/23
141.11.220.0/23
141.11.226.0/23
Signature Algorithm: sha256WithRSAEncryption
d8:5c:6d:86:fd:83:a6:b3:1d:69:39:8d:b8:a9:ca:ae:ea:91:
70:4b:90:8d:25:2b:fb:a9:95:07:48:40:6f:92:f7:9e:65:24:
b4:4d:49:09:83:32:f6:e2:9b:82:7b:89:19:2f:1e:c4:a2:8d:
f7:5f:5e:0b:c9:d1:66:a5:68:fe:db:c2:8f:c5:be:d4:85:d4:
35:08:1b:47:2e:95:43:fb:ae:7a:57:61:f2:91:55:b4:fd:46:
61:d9:6e:a1:67:b2:5c:a5:15:22:54:8d:7e:f6:43:82:f7:e8:
6d:dc:ea:6d:b1:91:3a:85:9d:06:78:aa:29:6b:27:cf:6c:f1:
91:f7:46:89:7a:83:b2:e3:ac:df:b9:3d:65:d0:1f:f2:db:27:
df:24:09:6c:ac:dd:9b:e9:a7:64:be:f6:18:25:e5:fe:32:6c:
e2:19:d4:47:ec:09:ff:9a:3f:f3:b0:ea:bd:56:57:c8:39:bb:
2a:47:df:07:52:ab:84:ce:34:f3:c5:ff:90:73:ca:8c:e0:59:
9a:da:06:fb:4d:86:c9:1b:52:47:6a:9c:5e:b3:9c:9e:81:8c:
f5:17:66:11:76:fb:ea:33:24:33:db:38:7c:b1:e5:4a:b9:72:
51:ef:08:38:fd:e6:e3:99:70:12:92:d3:9b:97:05:9b:2b:ae:
27:aa:bc:1f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUejZXlcIEcsWU4RTnEaJNlU7jry4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDAyMTQwNjIwMTlaFw0yNTAyMTIwNjI1MTlaMDMxMTAvBgNV
BAMTKDYzNTRDRTY1ODYzMEVCNzM4NkJEMjE4MkM3MTY1MzlDQjVGQjcwQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2nmLC2rel4Z8RILgM4EAilVlV
ou2GiCeqGzfXeufPqXewFIi6w6guS6mtqh07P1DIY/K8nEzCpFyaL8EN20jQQPFl
qCaQrRqe+4qPPGfnbjYPsCQfPqZ3BVhErebfu6B63maUm6+p9HchRxlxNqjbW2bp
EpCYyUsZ8RYFg4KmgYfjiTwtFwmN+74N+AAf8i+1ImM5vft73nU8mbEF6ulYL8zx
5U6MOHdgvbUtenyHxnRSRWKgS/iEfr5gQ5AACNsQlHBXKsdEzYRocbU2lBJtuDHs
+Y7FX+UHZ1nFcXcrWTueHeRIufNqCX+VoxNj+bD+cuOYDIxsajJnXht97mB7AgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUY1TOZYYw63OGvSGCxxZTnLX7cL4wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMzk3NjMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBjQtU
AwQBjQusAwQBjQvcAwQBjQviMA0GCSqGSIb3DQEBCwUAA4IBAQDYXG2G/YOmsx1p
OY24qcqu6pFwS5CNJSv7qZUHSEBvkveeZSS0TUkJgzL24puCe4kZLx7Eoo33X14L
ydFmpWj+28KPxb7UhdQ1CBtHLpVD+656V2HykVW0/UZh2W6hZ7JcpRUiVI1+9kOC
9+ht3OptsZE6hZ0GeKopayfPbPGR90aJeoOy46zfuT1l0B/y2yffJAlsrN2b6adk
vvYYJeX+MmziGdRH7An/mj/zsOq9VlfIObsqR98HUquEzjTzxf+Qc8qM4Fma2gb7
TYbJG1JHapxes5yegYz1F2YRdvvqMyQz2zh8seVKuXJR7wg4/ebjmXASktOblwWb
K64nqrwf
-----END CERTIFICATE-----
Generated at Sun May 5 15:51:35 2024 by rpki-client on console-fra.rpki-client.org