Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS40994.roa
File: AS40994.roa (raw, json)
Hash identifier: H492nDUqug2aMrJ9V7eAhX4FN3l3EAsL8fcyhpanhnE=
Subject key identifier: EB:0D:C5:FE:14:D2:FF:3A:D4:C6:22:2B:0A:B9:85:7D:65:22:A9:82
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 5E0E0D4E01D02389772BD72423E03A1BDA57C4BE
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS40994.roa
Signing time: Tue 28 Nov 2023 15:05:06 +0000
ROA not before: Tue 28 Nov 2023 15:00:06 +0000
ROA not after: Tue 26 Nov 2024 15:05:06 +0000
asID: 40994
IP address blocks: 141.11.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:0e:0d:4e:01:d0:23:89:77:2b:d7:24:23:e0:3a:1b:da:57:c4:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Nov 28 15:00:06 2023 GMT
Not After : Nov 26 15:05:06 2024 GMT
Subject: CN=EB0DC5FE14D2FF3AD4C6222B0AB9857D6522A982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fc:3c:a0:02:bf:1f:31:8b:cb:4b:a1:45:76:
e0:cf:1d:d5:1e:ae:d6:2d:01:71:de:68:48:e2:dd:
08:e1:c6:86:ae:09:22:2e:0b:67:49:6a:1e:fb:af:
cb:d1:0f:ae:48:0a:4f:db:45:92:6e:c3:fd:27:5a:
96:7f:bd:fb:85:b0:31:4a:5e:5c:78:8f:d7:c8:68:
59:c3:09:cb:34:b2:b5:8e:24:fd:c9:8e:61:41:6c:
25:14:b9:f8:2d:4f:b3:84:6d:dd:ff:40:c5:da:7f:
c5:d2:f2:b2:e7:8a:72:ac:fd:6c:fb:ae:0e:1d:72:
fb:24:ce:6c:b4:45:74:82:32:44:b7:e7:82:cb:9d:
0b:d8:a6:68:b6:93:8f:ab:39:36:47:d8:3f:91:25:
af:14:5e:c9:04:e7:25:33:89:4e:c8:f2:a2:e8:6d:
1c:7b:39:ac:2f:d6:10:06:31:0c:c2:b2:6b:b0:df:
26:fa:37:5d:9b:36:f2:c7:f1:0c:a8:0e:0d:7a:14:
45:eb:b1:30:89:f2:83:d7:d7:b0:43:db:9c:87:1c:
c2:73:ed:cf:7a:d2:71:04:fa:89:c2:47:6d:5d:d8:
c2:e4:b5:6f:2a:fd:58:de:e4:2b:69:ba:e5:06:f9:
4f:e8:4d:3b:ce:9f:0e:ab:d8:84:c4:7d:52:b0:f7:
36:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:0D:C5:FE:14:D2:FF:3A:D4:C6:22:2B:0A:B9:85:7D:65:22:A9:82
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS40994.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.7.0/24
Signature Algorithm: sha256WithRSAEncryption
93:71:3e:00:92:98:1d:ce:3f:ed:95:a5:c2:5c:ec:31:66:67:
f8:ef:e7:00:87:7c:3e:05:91:86:4b:84:8b:93:18:69:d8:e1:
e3:bb:10:62:99:e9:88:9d:18:7d:50:33:4a:c1:17:70:56:ca:
be:7d:4a:1c:69:64:6a:f0:13:cb:d5:cc:e8:41:ea:03:47:2c:
71:0d:64:c8:42:aa:26:ab:29:98:01:c6:29:58:f0:94:db:c2:
8f:de:dc:f8:1e:d2:bf:1c:b2:6c:f0:f7:dd:22:6a:06:da:0b:
5f:43:bf:aa:78:11:10:dc:f1:37:2e:7d:29:ae:0e:96:1f:86:
5d:de:cf:f1:1b:97:8d:f5:87:35:f2:3d:e8:2d:98:83:a0:c4:
24:31:30:9c:5b:2e:53:8f:1f:04:26:98:6f:90:35:0c:72:79:
97:35:e1:19:48:32:ec:c2:1d:dc:df:f2:25:6b:d6:f8:f5:bb:
df:16:10:1e:f0:39:20:41:67:6d:ed:3d:3b:7a:0c:90:b8:62:
d3:aa:7e:bd:f7:c3:3d:15:d4:b6:9b:a0:09:99:97:77:c5:2c:
e4:41:f1:58:cd:03:f2:c5:95:68:b6:02:8e:08:ae:68:f2:54:
c3:ba:ac:28:81:f8:b0:fb:8b:3a:7b:19:fb:3c:3a:e7:b7:cd:
26:ba:af:e0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUXg4NTgHQI4l3K9ckI+A6G9pXxL4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzExMjgxNTAwMDZaFw0yNDExMjYxNTA1MDZaMDMxMTAvBgNV
BAMTKEVCMERDNUZFMTREMkZGM0FENEM2MjIyQjBBQjk4NTdENjUyMkE5ODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3/DygAr8fMYvLS6FFduDPHdUe
rtYtAXHeaEji3QjhxoauCSIuC2dJah77r8vRD65ICk/bRZJuw/0nWpZ/vfuFsDFK
Xlx4j9fIaFnDCcs0srWOJP3JjmFBbCUUufgtT7OEbd3/QMXaf8XS8rLninKs/Wz7
rg4dcvskzmy0RXSCMkS354LLnQvYpmi2k4+rOTZH2D+RJa8UXskE5yUziU7I8qLo
bRx7Oawv1hAGMQzCsmuw3yb6N12bNvLH8QyoDg16FEXrsTCJ8oPX17BD25yHHMJz
7c960nEE+onCR21d2MLktW8q/Vje5CtpuuUG+U/oTTvOnw6r2ITEfVKw9zYVAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU6w3F/hTS/zrUxiIrCrmFfWUiqYIwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNDA5OTQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACNCwcw
DQYJKoZIhvcNAQELBQADggEBAJNxPgCSmB3OP+2VpcJc7DFmZ/jv5wCHfD4FkYZL
hIuTGGnY4eO7EGKZ6YidGH1QM0rBF3BWyr59ShxpZGrwE8vVzOhB6gNHLHENZMhC
qiarKZgBxilY8JTbwo/e3Pge0r8csmzw990iagbaC19Dv6p4ERDc8TcufSmuDpYf
hl3ez/Ebl431hzXyPegtmIOgxCQxMJxbLlOPHwQmmG+QNQxyeZc14RlIMuzCHdzf
8iVr1vj1u98WEB7wOSBBZ23tPTt6DJC4YtOqfr33wz0V1LaboAmZl3fFLORB8VjN
A/LFlWi2Ao4IrmjyVMO6rCiB+LD7izp7Gfs8Oue3zSa6r+A=
-----END CERTIFICATE-----
Generated at Sun May 5 14:38:07 2024 by rpki-client on console-ams.rpki-client.org