Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS400909.roa
File: AS400909.roa (raw, json)
Hash identifier: QAOjlV9sEk3yx0H5DNdbwTR4TL4B9uSjd/S7BcUw89A=
Subject key identifier: 51:72:B4:E2:40:96:24:CB:F0:02:AB:13:23:86:19:30:FF:9A:39:E4
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 6417F43DA5E4DF4F1D62B5AE973E38058C3A003E
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS400909.roa
Signing time: Mon 01 Jan 2024 16:39:32 +0000
ROA not before: Mon 01 Jan 2024 16:34:32 +0000
ROA not after: Mon 30 Dec 2024 16:39:32 +0000
asID: 400909
IP address blocks: 141.11.168.0/23 maxlen: 23
141.11.170.0/23 maxlen: 23
141.11.222.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:17:f4:3d:a5:e4:df:4f:1d:62:b5:ae:97:3e:38:05:8c:3a:00:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Jan 1 16:34:32 2024 GMT
Not After : Dec 30 16:39:32 2024 GMT
Subject: CN=5172B4E2409624CBF002AB1323861930FF9A39E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:37:fa:1d:d9:e4:e5:3a:51:38:c7:c4:92:2b:
4a:e1:a7:c8:fb:40:4b:10:04:31:67:a9:63:d7:bc:
4e:b5:80:0e:50:9e:10:0b:aa:a9:35:49:05:23:29:
d8:35:51:c1:e5:2b:0e:7b:bf:ce:1c:d8:3a:86:be:
35:1d:18:eb:71:25:35:d0:6a:4b:18:04:a2:bc:fb:
d8:0d:7d:cd:5a:46:e4:44:5a:40:bc:72:05:ad:bd:
e9:83:72:ae:56:2f:29:f0:83:51:e0:55:a6:20:f9:
6b:70:23:53:f1:a6:8b:6d:70:d9:30:7a:9b:0d:17:
d1:2d:e4:87:3b:30:4e:93:1d:4a:0f:c4:2a:34:d3:
1b:1d:22:d5:cb:70:e7:20:e8:06:32:48:e6:bf:93:
35:5c:af:1c:a9:f2:3f:ef:31:df:2d:05:d4:c6:30:
1f:0d:21:d7:86:f2:01:da:84:93:6d:0a:fd:c1:c5:
d0:be:3e:3e:28:14:c5:01:e1:6b:77:25:38:91:af:
2a:8d:0a:89:53:4e:78:6d:47:3d:eb:84:b8:ad:d9:
78:65:1d:80:ae:1a:37:23:d1:09:64:67:d3:11:ca:
e5:97:a9:cd:27:e2:69:b3:56:7c:82:70:88:04:2e:
a0:33:83:78:c6:ef:5a:05:4e:1d:3d:dc:1c:83:78:
88:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:72:B4:E2:40:96:24:CB:F0:02:AB:13:23:86:19:30:FF:9A:39:E4
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS400909.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.168.0/22
141.11.222.0/23
Signature Algorithm: sha256WithRSAEncryption
16:fe:62:39:2b:98:44:51:e9:5b:6b:26:fa:03:8d:5a:36:1c:
83:ba:7e:b6:f2:52:42:25:11:06:49:22:43:2f:33:ec:71:4c:
ac:52:3e:80:23:f3:2a:03:3e:23:98:31:9e:22:9d:e0:e7:f3:
81:e6:2a:61:55:71:a2:c1:60:c8:63:62:de:21:ea:9f:58:2c:
a2:65:49:f3:3b:61:57:1d:a3:47:4d:82:94:f0:83:6a:cb:14:
18:03:8a:91:a2:29:c8:90:00:e9:67:8e:90:f9:48:e9:8e:b7:
e7:da:be:72:73:02:b8:e2:9f:81:f0:d9:dc:ca:d6:f1:17:ad:
b1:de:3f:2a:ca:f2:e6:96:1f:64:76:fc:2e:be:f0:36:44:19:
47:55:59:a8:4a:9f:40:2d:da:11:cf:ba:38:11:23:b7:18:32:
d4:bc:32:07:c8:02:33:a7:4c:8d:66:14:11:00:1e:9a:fb:f9:
60:9a:82:11:a6:1e:b3:fe:32:46:68:17:d3:7d:bc:7b:11:ae:
7d:39:84:dd:a5:95:ca:3a:71:68:80:eb:40:41:9b:59:21:ea:
a7:19:4c:a2:1c:9f:cf:56:2b:c0:0c:41:70:be:e2:10:3b:dd:
98:df:c8:59:b4:00:c6:23:ba:55:e6:d1:b8:0e:a8:a3:86:80:
b3:20:0c:f4
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUZBf0PaXk308dYrWulz44BYw6AD4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDAxMDExNjM0MzJaFw0yNDEyMzAxNjM5MzJaMDMxMTAvBgNV
BAMTKDUxNzJCNEUyNDA5NjI0Q0JGMDAyQUIxMzIzODYxOTMwRkY5QTM5RTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPN/od2eTlOlE4x8SSK0rhp8j7
QEsQBDFnqWPXvE61gA5QnhALqqk1SQUjKdg1UcHlKw57v84c2DqGvjUdGOtxJTXQ
aksYBKK8+9gNfc1aRuREWkC8cgWtvemDcq5WLynwg1HgVaYg+WtwI1PxpottcNkw
epsNF9Et5Ic7ME6THUoPxCo00xsdItXLcOcg6AYySOa/kzVcrxyp8j/vMd8tBdTG
MB8NIdeG8gHahJNtCv3BxdC+Pj4oFMUB4Wt3JTiRryqNColTTnhtRz3rhLit2Xhl
HYCuGjcj0QlkZ9MRyuWXqc0n4mmzVnyCcIgELqAzg3jG71oFTh093ByDeIhxAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUUXK04kCWJMvwAqsTI4YZMP+aOeQwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNDAwOTA5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCjQuo
AwQBjQveMA0GCSqGSIb3DQEBCwUAA4IBAQAW/mI5K5hEUelbayb6A41aNhyDun62
8lJCJREGSSJDLzPscUysUj6AI/MqAz4jmDGeIp3g5/OB5iphVXGiwWDIY2LeIeqf
WCyiZUnzO2FXHaNHTYKU8INqyxQYA4qRoinIkADpZ46Q+Ujpjrfn2r5ycwK44p+B
8NncytbxF62x3j8qyvLmlh9kdvwuvvA2RBlHVVmoSp9ALdoRz7o4ESO3GDLUvDIH
yAIzp0yNZhQRAB6a+/lgmoIRph6z/jJGaBfTfbx7Ea59OYTdpZXKOnFogOtAQZtZ
IeqnGUyiHJ/PVivADEFwvuIQO92Y38hZtADGI7pV5tG4DqijhoCzIAz0
-----END CERTIFICATE-----
Generated at Sun May 5 14:38:07 2024 by rpki-client on console-ams.rpki-client.org