Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS399486.roa
File: AS399486.roa (raw, json)
Hash identifier: D9+ikc5HsLA2iyw5NT4fxyG2dDHbPQEr1kfC3EfF9Zg=
Subject key identifier: 7B:2E:A7:57:EC:58:53:7C:24:F1:47:81:36:88:41:C6:42:8A:0E:21
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 6141409838758F98BBC8DFCFEEAC6380C78EB096
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS399486.roa
Signing time: Sat 08 Feb 2025 14:53:53 +0000
ROA not before: Sat 08 Feb 2025 14:48:53 +0000
ROA not after: Sat 07 Feb 2026 14:53:53 +0000
asID: 399486
IP address blocks: 141.11.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:41:40:98:38:75:8f:98:bb:c8:df:cf:ee:ac:63:80:c7:8e:b0:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Feb 8 14:48:53 2025 GMT
Not After : Feb 7 14:53:53 2026 GMT
Subject: CN=7B2EA757EC58537C24F14781368841C6428A0E21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3e:86:c7:9b:70:af:a1:50:cb:06:b3:b2:c1:
1d:2a:af:a7:c0:e6:37:5e:8c:cf:0f:34:ef:12:8f:
d5:d9:1c:b4:d6:da:e0:26:97:b7:74:fc:58:69:6e:
ff:0b:93:ee:32:08:99:9c:46:d9:13:c6:f1:15:cd:
a5:06:ae:8b:21:cc:a8:b5:2a:be:58:0e:d4:25:00:
e8:74:79:db:b4:d2:2e:8d:3d:66:40:31:22:fa:33:
b5:a7:9c:cf:99:20:6a:52:04:0d:e1:d3:a6:d1:18:
e4:52:e0:6e:18:f1:f4:e5:c8:3a:da:ad:fb:a2:05:
08:06:2b:49:d4:49:01:41:b8:e3:83:1f:78:49:b2:
a0:21:56:a0:59:e5:5c:b2:af:e1:3f:e6:0a:bc:fb:
54:33:8f:d9:46:3a:94:91:05:a8:4a:22:a8:f1:69:
f8:80:2e:9a:b8:2a:fd:dd:3e:62:99:e5:27:b8:d7:
bd:1b:6d:6a:74:e0:c4:92:83:6a:54:68:39:2e:cb:
fd:65:d2:fb:32:30:ba:60:f0:5f:2b:b5:80:0e:41:
55:db:01:cf:e8:35:6a:37:07:2f:42:34:0f:d5:e8:
b8:4b:97:9c:23:a1:16:bf:4b:67:67:38:6d:49:61:
e0:7b:38:0c:8b:7a:e9:61:e8:85:02:9b:04:6e:d0:
a5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:2E:A7:57:EC:58:53:7C:24:F1:47:81:36:88:41:C6:42:8A:0E:21
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS399486.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.117.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:32:b7:85:04:00:4c:21:ad:11:48:06:19:ce:bf:5d:e9:6a:
95:1e:86:d1:85:70:67:f5:3e:07:ba:89:85:6f:1b:f2:64:df:
76:5e:a7:ea:5a:8d:c1:c3:ef:84:af:c8:db:61:21:83:d9:67:
a6:1b:cb:71:ba:70:ac:fd:48:4d:4c:d7:f3:40:d5:bb:4b:0a:
f9:f9:ea:c4:56:fd:f8:0e:33:d6:d7:c2:83:e8:2f:10:19:8f:
85:58:69:09:82:e7:4f:52:9e:e2:43:0f:9f:84:98:2f:9f:01:
26:1e:6c:ed:8e:3f:45:2c:50:e4:e9:8a:bd:f2:27:f9:da:fe:
88:1d:a7:d1:4d:24:fb:fe:66:41:ee:ea:bb:73:b0:b7:89:55:
cc:91:ee:49:9b:cb:cd:65:5d:05:7a:11:37:37:37:c4:7e:a8:
bf:07:e3:de:3d:61:6a:2a:e2:2b:a9:fa:09:9e:37:bb:df:b2:
52:a3:72:da:55:f2:f9:ed:08:89:07:06:18:c0:d0:36:9b:cc:
18:c5:ec:b5:26:97:7c:0c:4f:8e:81:17:96:b8:67:7a:74:73:
3f:76:01:1e:7b:24:0e:29:ae:de:02:92:d0:49:a6:0c:e6:2c:
b3:38:a5:7b:29:dd:d4:2e:2f:2c:91:34:cb:3a:38:a2:cd:7d:
9a:14:dd:f0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUYUFAmDh1j5i7yN/P7qxjgMeOsJYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTAyMDgxNDQ4NTNaFw0yNjAyMDcxNDUzNTNaMDMxMTAvBgNV
BAMTKDdCMkVBNzU3RUM1ODUzN0MyNEYxNDc4MTM2ODg0MUM2NDI4QTBFMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKPobHm3CvoVDLBrOywR0qr6fA
5jdejM8PNO8Sj9XZHLTW2uAml7d0/Fhpbv8Lk+4yCJmcRtkTxvEVzaUGroshzKi1
Kr5YDtQlAOh0edu00i6NPWZAMSL6M7WnnM+ZIGpSBA3h06bRGORS4G4Y8fTlyDra
rfuiBQgGK0nUSQFBuOODH3hJsqAhVqBZ5Vyyr+E/5gq8+1Qzj9lGOpSRBahKIqjx
afiALpq4Kv3dPmKZ5Se4170bbWp04MSSg2pUaDkuy/1l0vsyMLpg8F8rtYAOQVXb
Ac/oNWo3By9CNA/V6LhLl5wjoRa/S2dnOG1JYeB7OAyLeulh6IUCmwRu0KVfAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUey6nV+xYU3wk8UeBNohBxkKKDiEwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMzk5NDg2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQt1
MA0GCSqGSIb3DQEBCwUAA4IBAQC/MreFBABMIa0RSAYZzr9d6WqVHobRhXBn9T4H
uomFbxvyZN92XqfqWo3Bw++Er8jbYSGD2WemG8txunCs/UhNTNfzQNW7Swr5+erE
Vv34DjPW18KD6C8QGY+FWGkJgudPUp7iQw+fhJgvnwEmHmztjj9FLFDk6Yq98if5
2v6IHafRTST7/mZB7uq7c7C3iVXMke5Jm8vNZV0FehE3NzfEfqi/B+PePWFqKuIr
qfoJnje737JSo3LaVfL57QiJBwYYwNA2m8wYxey1Jpd8DE+OgReWuGd6dHM/dgEe
eyQOKa7eApLQSaYM5iyzOKV7Kd3ULi8skTTLOjiizX2aFN3w
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:36:29 2025 by rpki-client