Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS43350.roa
File: AS43350.roa (raw, json)
Hash identifier: HAEa/iKcl9ApyxWqmxwhq9YOoFmX9bH0dgr/mMrtOJI=
Subject key identifier: C1:46:EF:28:21:D9:79:19:E7:54:8C:FE:FE:CC:4A:39:8A:35:32:60
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 68E5669D804DBF9D7DF950D52264A84C0B3F2A3D
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS43350.roa
Signing time: Wed 15 May 2024 13:08:58 +0000
ROA not before: Wed 15 May 2024 13:03:58 +0000
ROA not after: Wed 14 May 2025 13:08:58 +0000
asID: 43350
IP address blocks: 141.11.1.0/24 maxlen: 24
141.11.21.0/24 maxlen: 24
141.11.37.0/24 maxlen: 24
141.11.45.0/24 maxlen: 24
141.11.103.0/24 maxlen: 24
141.11.107.0/24 maxlen: 24
141.11.123.0/24 maxlen: 24
141.11.182.0/24 maxlen: 24
141.11.184.0/24 maxlen: 24
141.11.187.0/24 maxlen: 24
141.11.246.0/24 maxlen: 24
141.11.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:e5:66:9d:80:4d:bf:9d:7d:f9:50:d5:22:64:a8:4c:0b:3f:2a:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: May 15 13:03:58 2024 GMT
Not After : May 14 13:08:58 2025 GMT
Subject: CN=C146EF2821D97919E7548CFEFECC4A398A353260
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f2:81:ee:82:7e:9a:72:a5:c2:ff:03:db:7f:
17:08:18:43:af:61:66:27:21:a8:2a:57:23:a4:28:
f2:45:0d:cc:02:be:1b:ce:b9:f6:f3:13:b4:3f:d9:
3d:8a:bd:30:0d:3c:95:76:b9:fd:99:5e:f9:d7:60:
0e:4f:68:63:bf:a2:09:1f:e9:8c:52:ff:84:b8:ca:
17:a2:a9:ee:32:ba:07:88:fc:4b:90:cd:a8:d5:82:
ee:ac:6b:06:be:b2:af:c4:1c:0d:68:dc:f8:e3:18:
90:db:75:8c:90:4c:2c:7b:1b:c2:3e:04:fa:f2:8b:
72:7b:05:4a:b5:8d:a6:7f:36:67:cc:b6:52:6f:72:
8a:95:26:70:75:c8:9d:6d:2c:91:59:ba:be:9a:c2:
e5:84:b7:a9:7f:84:e1:c8:34:db:3c:70:45:36:af:
4e:f0:19:d8:b1:2b:db:dd:76:20:41:42:5b:e1:50:
5e:38:3c:7a:39:49:e8:2b:ac:05:d1:f1:eb:e6:dc:
27:0f:6f:6c:64:88:73:43:fb:14:cb:2c:43:d4:b4:
3d:50:df:f5:60:ca:80:4e:21:f9:86:19:41:e4:21:
80:88:15:09:ad:49:8c:52:41:a3:ec:de:77:f9:c4:
b7:b1:83:69:90:89:4b:0c:29:5b:9e:c2:0a:6d:c1:
f7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:46:EF:28:21:D9:79:19:E7:54:8C:FE:FE:CC:4A:39:8A:35:32:60
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS43350.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.1.0/24
141.11.21.0/24
141.11.37.0/24
141.11.45.0/24
141.11.103.0/24
141.11.107.0/24
141.11.123.0/24
141.11.182.0/24
141.11.184.0/24
141.11.187.0/24
141.11.246.0/24
141.11.250.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:52:0b:fa:df:4d:3d:13:dc:8f:fd:ef:b4:1b:d1:fd:57:b6:
27:fb:25:df:9c:76:21:a8:43:59:ab:fc:d8:a0:b1:f0:54:42:
bb:41:d6:16:b7:f0:bc:95:d2:61:f5:30:05:4a:86:27:f8:fd:
9a:44:53:7b:8b:04:12:d7:54:d2:c2:1a:2e:54:50:5d:6b:fa:
60:43:fe:20:85:2a:0c:7b:7c:05:c9:8b:85:8d:c0:a2:e6:23:
ee:59:13:55:97:bd:3d:21:62:a0:b4:2a:a7:5e:90:ea:67:49:
ea:94:eb:7e:34:79:c1:fb:15:b9:2b:c5:52:ab:45:c6:98:a6:
8c:c6:d8:f4:60:28:60:06:62:d4:fe:6a:de:55:f1:f5:f2:03:
42:cc:39:12:bf:b1:fb:eb:3c:ee:2a:04:0f:a3:a2:a8:80:45:
33:b0:5e:fa:b6:84:01:21:1b:76:d0:20:c5:e1:ff:3a:b3:dd:
dd:e0:5a:0b:1d:32:2b:22:c9:27:3c:bb:4d:54:fc:a6:10:3e:
07:12:a9:bc:b9:9f:1a:bd:bf:fd:4d:16:5b:a9:70:e4:4b:04:
32:47:30:48:65:e8:ed:84:e0:74:3f:04:44:f9:3a:a3:1e:6e:
bc:01:44:fc:33:65:09:93:ab:5a:2b:c8:84:30:6e:65:58:37:
d5:7f:5e:a0
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUaOVmnYBNv519+VDVImSoTAs/Kj0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDA1MTUxMzAzNThaFw0yNTA1MTQxMzA4NThaMDMxMTAvBgNV
BAMTKEMxNDZFRjI4MjFEOTc5MTlFNzU0OENGRUZFQ0M0QTM5OEEzNTMyNjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv8oHugn6acqXC/wPbfxcIGEOv
YWYnIagqVyOkKPJFDcwCvhvOufbzE7Q/2T2KvTANPJV2uf2ZXvnXYA5PaGO/ogkf
6YxS/4S4yheiqe4yugeI/EuQzajVgu6sawa+sq/EHA1o3PjjGJDbdYyQTCx7G8I+
BPryi3J7BUq1jaZ/NmfMtlJvcoqVJnB1yJ1tLJFZur6awuWEt6l/hOHINNs8cEU2
r07wGdixK9vddiBBQlvhUF44PHo5SegrrAXR8evm3CcPb2xkiHND+xTLLEPUtD1Q
3/VgyoBOIfmGGUHkIYCIFQmtSYxSQaPs3nf5xLexg2mQiUsMKVuewgptwfedAgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUwUbvKCHZeRnnVIz+/sxKOYo1MmAwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNDMzNTAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYQYIKwYBBQUHAQcBAf8EUjBQME4EAgABMEgDBACNCwED
BACNCxUDBACNCyUDBACNCy0DBACNC2cDBACNC2sDBACNC3sDBACNC7YDBACNC7gD
BACNC7sDBACNC/YDBACNC/owDQYJKoZIhvcNAQELBQADggEBAMtSC/rfTT0T3I/9
77Qb0f1Xtif7Jd+cdiGoQ1mr/NigsfBUQrtB1ha38LyV0mH1MAVKhif4/ZpEU3uL
BBLXVNLCGi5UUF1r+mBD/iCFKgx7fAXJi4WNwKLmI+5ZE1WXvT0hYqC0KqdekOpn
SeqU6340ecH7FbkrxVKrRcaYpozG2PRgKGAGYtT+at5V8fXyA0LMORK/sfvrPO4q
BA+joqiARTOwXvq2hAEhG3bQIMXh/zqz3d3gWgsdMisiySc8u01U/KYQPgcSqby5
nxq9v/1NFlupcORLBDJHMEhl6O2E4HQ/BET5OqMebrwBRPwzZQmTq1oryIQwbmVY
N9V/XqA=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:51:26 2025 by rpki-client