Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS400039.roa
File: AS400039.roa (raw, json)
Hash identifier: x7q815A/IX3CIHDEZvG42TNddPDK6vCIA4BOAwbqoY4=
Subject key identifier: E0:8C:64:A0:3A:A9:89:C2:08:A9:01:BF:FB:77:93:98:F2:D6:58:B3
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 7FF845D0D177A80209811C31993A31438B1C327E
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS400039.roa
Signing time: Thu 07 Dec 2023 05:05:08 +0000
ROA not before: Thu 07 Dec 2023 05:00:08 +0000
ROA not after: Thu 05 Dec 2024 05:05:08 +0000
asID: 400039
IP address blocks: 141.11.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:f8:45:d0:d1:77:a8:02:09:81:1c:31:99:3a:31:43:8b:1c:32:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Dec 7 05:00:08 2023 GMT
Not After : Dec 5 05:05:08 2024 GMT
Subject: CN=E08C64A03AA989C208A901BFFB779398F2D658B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:67:eb:ab:7a:aa:34:9c:90:00:fc:9f:96:60:
74:f1:35:91:da:1a:2b:50:0e:bb:63:6d:b1:ab:05:
55:b4:d0:16:50:12:63:09:86:e4:cd:4f:42:60:5f:
89:38:94:7c:8b:db:a4:0a:79:5e:90:64:9b:f5:81:
fd:3a:e7:29:6b:70:18:1f:ef:6e:65:72:70:61:9a:
46:50:3d:23:ed:02:de:9f:6f:00:30:b0:d2:c0:8a:
53:fa:24:c3:c0:d3:50:1d:cf:b2:64:7f:e8:bf:47:
98:2d:10:38:6e:96:4e:e0:6f:bd:66:04:34:c3:45:
b8:65:d2:2e:bd:e3:8b:89:4a:0f:d7:e1:87:ad:73:
07:92:c6:22:c6:09:fb:7c:37:dd:dc:96:06:6e:0a:
38:2e:ac:77:2d:ca:93:fc:d8:37:7d:e2:d8:f3:28:
9a:78:31:ae:b2:f8:eb:fc:04:34:6b:51:bb:aa:4e:
7b:50:6f:ce:17:e5:4a:e2:49:db:2d:68:a2:f2:d4:
0f:91:d0:a3:88:fb:2b:5a:2c:77:6f:20:86:f4:8d:
35:70:48:6c:66:78:b1:5f:ba:ee:cf:6d:e3:0c:4b:
2c:66:4d:b3:6b:4d:f7:02:5c:ab:6d:b1:c5:9e:39:
e8:1c:3c:95:bc:4e:1e:d2:4e:69:4c:5d:15:5c:18:
cd:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:8C:64:A0:3A:A9:89:C2:08:A9:01:BF:FB:77:93:98:F2:D6:58:B3
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS400039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.4.0/24
Signature Algorithm: sha256WithRSAEncryption
98:39:cc:df:b3:9c:af:8d:c2:59:12:7f:98:6a:41:be:93:ea:
b1:8b:02:95:c0:a4:ee:48:70:f8:db:c2:fb:0f:32:39:f9:f0:
9f:a3:9d:b6:46:a9:a3:0b:a0:a4:72:12:c4:80:83:ed:7f:18:
32:93:35:51:55:31:09:5d:47:1c:95:49:a5:e8:68:f4:68:fa:
f2:1c:b5:11:f4:79:8a:8e:3e:30:54:52:6e:2a:10:25:d4:59:
84:df:b6:99:b4:25:bc:ed:96:60:65:6f:fc:a7:61:bd:5d:6e:
87:d9:aa:6b:8c:84:09:c0:4a:fc:67:ac:75:4e:b8:8c:1d:9d:
33:e6:ae:7e:4a:5c:e0:4f:99:1e:88:44:c6:68:05:95:ce:b3:
68:e4:20:2e:77:78:ba:cd:3d:35:4b:63:3a:80:14:04:c8:e4:
64:46:4f:d9:89:c7:a6:69:65:76:e4:3c:24:aa:85:55:b1:5f:
5f:d1:e2:64:bd:d0:fb:52:7c:8c:ba:06:96:c3:e2:08:d7:23:
69:07:8b:41:db:f5:56:bb:d0:ad:24:92:ae:77:bf:c4:a5:92:
b8:22:fd:09:c1:f1:1c:16:95:6a:ff:bb:30:e6:7f:27:55:3e:
a2:00:9e:73:8a:5b:da:85:3d:ae:cc:0f:60:07:09:5b:53:5d:
07:b8:85:c8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUf/hF0NF3qAIJgRwxmToxQ4scMn4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzEyMDcwNTAwMDhaFw0yNDEyMDUwNTA1MDhaMDMxMTAvBgNV
BAMTKEUwOEM2NEEwM0FBOTg5QzIwOEE5MDFCRkZCNzc5Mzk4RjJENjU4QjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIZ+ureqo0nJAA/J+WYHTxNZHa
GitQDrtjbbGrBVW00BZQEmMJhuTNT0JgX4k4lHyL26QKeV6QZJv1gf065ylrcBgf
725lcnBhmkZQPSPtAt6fbwAwsNLAilP6JMPA01Adz7Jkf+i/R5gtEDhulk7gb71m
BDTDRbhl0i6944uJSg/X4YetcweSxiLGCft8N93clgZuCjgurHctypP82Dd94tjz
KJp4Ma6y+Ov8BDRrUbuqTntQb84X5UriSdstaKLy1A+R0KOI+ytaLHdvIIb0jTVw
SGxmeLFfuu7PbeMMSyxmTbNrTfcCXKttscWeOegcPJW8Th7STmlMXRVcGM2pAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU4IxkoDqpicIIqQG/+3eTmPLWWLMwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNDAwMDM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQsE
MA0GCSqGSIb3DQEBCwUAA4IBAQCYOczfs5yvjcJZEn+YakG+k+qxiwKVwKTuSHD4
28L7DzI5+fCfo522RqmjC6CkchLEgIPtfxgykzVRVTEJXUcclUml6Gj0aPryHLUR
9HmKjj4wVFJuKhAl1FmE37aZtCW87ZZgZW/8p2G9XW6H2aprjIQJwEr8Z6x1TriM
HZ0z5q5+SlzgT5keiETGaAWVzrNo5CAud3i6zT01S2M6gBQEyORkRk/ZicemaWV2
5DwkqoVVsV9f0eJkvdD7UnyMugaWw+II1yNpB4tB2/VWu9CtJJKud7/EpZK4Iv0J
wfEcFpVq/7sw5n8nVT6iAJ5zilvahT2uzA9gBwlbU10HuIXI
-----END CERTIFICATE-----
Generated at Sun May 5 15:51:35 2024 by rpki-client on console-fra.rpki-client.org