Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS48678.roa
File: AS48678.roa (raw, json)
Hash identifier: lg3JBZi4DMp6M6TPb+5qMePflniCJVCuThRcGuMfMiE=
Subject key identifier: 53:CA:FE:57:35:75:92:09:91:2F:A7:2A:63:20:6A:8D:4D:34:F7:1E
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 08FF7909FD71554FE0ED3E3FCB407ABDCFCFEBE0
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS48678.roa
Signing time: Fri 10 Nov 2023 16:27:59 +0000
ROA not before: Fri 10 Nov 2023 16:22:59 +0000
ROA not after: Fri 08 Nov 2024 16:27:59 +0000
asID: 48678
IP address blocks: 141.11.174.0/23 maxlen: 24
141.11.216.0/23 maxlen: 24
141.11.218.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:ff:79:09:fd:71:55:4f:e0:ed:3e:3f:cb:40:7a:bd:cf:cf:eb:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Nov 10 16:22:59 2023 GMT
Not After : Nov 8 16:27:59 2024 GMT
Subject: CN=53CAFE5735759209912FA72A63206A8D4D34F71E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:dd:17:ca:91:21:d7:0d:84:e2:ae:b3:99:b1:
9a:d5:31:49:55:02:c0:37:a3:1c:5a:0c:74:bc:21:
ed:70:56:7a:bf:29:7a:33:56:4f:e0:60:f3:31:53:
c5:d0:26:01:b6:98:8e:25:c0:d7:ef:23:7e:bd:74:
6f:66:b8:73:e1:e6:5b:ed:d4:3e:01:a0:fb:25:8d:
75:a4:9d:2a:10:e8:30:fc:18:c6:f7:08:6e:2f:0f:
eb:36:3e:fc:10:f8:74:6a:20:4f:2f:26:f9:0f:40:
1e:cd:d5:1a:a2:be:e9:f5:58:d1:da:4c:64:0b:41:
eb:51:2b:ab:30:15:e7:77:4a:91:12:c3:5e:ef:a8:
14:bc:50:30:f5:f5:a7:36:22:cf:49:d8:f4:9d:dd:
5a:a4:4f:2e:7b:1d:ac:7c:bf:42:17:ea:a7:fa:c5:
43:16:f4:20:ec:8d:63:11:dd:ff:23:96:8c:98:5e:
4b:9d:66:e9:53:80:ce:7f:30:b8:28:27:2d:c7:f8:
68:3c:f2:c3:17:18:43:ec:bf:4a:73:36:a7:73:6e:
2e:bc:49:01:3e:7b:f3:b8:be:9f:6c:04:40:91:a9:
56:f0:db:c9:c0:24:02:e0:93:87:17:b6:05:75:cf:
67:42:db:7f:5b:01:d2:7e:a4:a9:42:1a:7b:08:36:
cb:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:CA:FE:57:35:75:92:09:91:2F:A7:2A:63:20:6A:8D:4D:34:F7:1E
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS48678.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.174.0/23
141.11.216.0/22
Signature Algorithm: sha256WithRSAEncryption
c7:6a:0c:05:4e:e3:2e:f7:1a:5e:d8:78:33:6d:81:ee:1c:19:
8f:c7:00:14:87:01:d8:a6:34:39:e5:05:ae:20:44:50:ca:0a:
6c:31:15:c7:5e:29:3e:44:57:f4:4b:8a:dd:f8:5a:03:85:93:
9b:1e:34:38:89:e5:44:45:e2:d8:a1:78:36:76:fc:46:75:bd:
ba:b0:50:c5:e3:78:fa:99:cb:f2:25:f2:68:73:e5:c2:da:d0:
4a:02:0e:f4:6d:fc:35:67:11:31:39:7e:d8:6e:5d:b2:3d:3f:
f8:00:b6:07:44:56:fe:66:4f:c0:d3:c6:ec:46:bf:c7:50:5a:
72:5a:0a:51:05:f5:5e:41:b3:06:36:13:52:7b:1b:38:a2:09:
2f:33:72:53:7f:39:93:6e:70:a6:09:28:0d:b2:ce:6c:15:92:
2c:6d:26:38:10:8e:55:71:70:b7:23:87:5b:ba:59:69:13:83:
a1:ed:0c:39:d1:7a:55:20:e2:89:5b:f9:cb:09:72:41:7b:28:
6d:37:6c:e1:40:92:b4:bb:2c:d3:e1:13:da:71:58:8d:c8:73:
89:d0:d9:cd:e4:38:56:d9:be:ba:72:9a:b6:13:a1:c2:ac:4e:
35:db:fc:20:71:e1:21:cf:0b:b6:22:1c:51:e4:19:5a:cf:98:
e6:7f:3f:39
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUCP95Cf1xVU/g7T4/y0B6vc/P6+AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzExMTAxNjIyNTlaFw0yNDExMDgxNjI3NTlaMDMxMTAvBgNV
BAMTKDUzQ0FGRTU3MzU3NTkyMDk5MTJGQTcyQTYzMjA2QThENEQzNEY3MUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC63RfKkSHXDYTirrOZsZrVMUlV
AsA3oxxaDHS8Ie1wVnq/KXozVk/gYPMxU8XQJgG2mI4lwNfvI369dG9muHPh5lvt
1D4BoPsljXWknSoQ6DD8GMb3CG4vD+s2PvwQ+HRqIE8vJvkPQB7N1Rqivun1WNHa
TGQLQetRK6swFed3SpESw17vqBS8UDD19ac2Is9J2PSd3VqkTy57Hax8v0IX6qf6
xUMW9CDsjWMR3f8jloyYXkudZulTgM5/MLgoJy3H+Gg88sMXGEPsv0pzNqdzbi68
SQE+e/O4vp9sBECRqVbw28nAJALgk4cXtgV1z2dC239bAdJ+pKlCGnsINssZAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUU8r+VzV1kgmRL6cqYyBqjU009x4wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNDg2Nzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAGNC64D
BAKNC9gwDQYJKoZIhvcNAQELBQADggEBAMdqDAVO4y73Gl7YeDNtge4cGY/HABSH
AdimNDnlBa4gRFDKCmwxFcdeKT5EV/RLit34WgOFk5seNDiJ5URF4tiheDZ2/EZ1
vbqwUMXjePqZy/Il8mhz5cLa0EoCDvRt/DVnETE5fthuXbI9P/gAtgdEVv5mT8DT
xuxGv8dQWnJaClEF9V5BswY2E1J7GziiCS8zclN/OZNucKYJKA2yzmwVkixtJjgQ
jlVxcLcjh1u6WWkTg6HtDDnRelUg4olb+csJckF7KG03bOFAkrS7LNPhE9pxWI3I
c4nQ2c3kOFbZvrpymrYTocKsTjXb/CBx4SHPC7YiHFHkGVrPmOZ/Pzk=
-----END CERTIFICATE-----
Generated at Sun May 5 14:38:07 2024 by rpki-client on console-ams.rpki-client.org