Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS48925.roa
File: AS48925.roa (raw, json)
Hash identifier: cm9lGmkQS4Na67JFj77TtZSd++6DDD1BOMfUAwW3AT0=
Subject key identifier: E0:B1:A9:02:9C:51:A3:77:A8:A9:5B:62:BF:B0:E2:1A:DF:08:14:47
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 5FC200048CF4C5BF739DDC390215685A2C5683BA
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS48925.roa
Signing time: Wed 31 Jan 2024 11:00:43 +0000
ROA not before: Wed 31 Jan 2024 10:55:43 +0000
ROA not after: Wed 29 Jan 2025 11:00:43 +0000
asID: 48925
IP address blocks: 141.11.196.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:c2:00:04:8c:f4:c5:bf:73:9d:dc:39:02:15:68:5a:2c:56:83:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Jan 31 10:55:43 2024 GMT
Not After : Jan 29 11:00:43 2025 GMT
Subject: CN=E0B1A9029C51A377A8A95B62BFB0E21ADF081447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:71:a8:cf:13:c4:30:de:2c:0c:76:49:3d:73:
02:70:98:9e:db:3d:50:57:67:48:4c:63:88:59:21:
65:86:fd:aa:f9:ab:51:e7:c2:ff:cb:73:fa:61:a2:
df:34:52:b2:ef:61:29:97:57:23:0c:2b:32:36:90:
73:71:73:cd:59:5d:7a:73:cc:bf:ee:17:1a:0a:ef:
eb:1a:0b:72:be:3e:b7:06:31:ca:4e:e4:b1:42:4d:
f2:95:e9:64:68:a0:40:fd:79:bc:79:4a:20:b5:81:
d3:f2:c8:15:3c:91:ce:bb:e0:bd:b7:a0:c3:ee:60:
11:34:51:5b:9d:40:44:aa:9c:35:a4:62:8e:8d:9f:
f4:af:8f:c6:68:00:2b:31:b7:80:66:e1:f8:4a:a9:
df:94:ce:01:dd:dd:46:e6:f6:07:e9:07:a3:3e:b8:
2a:fc:f5:98:f2:e3:6a:20:6e:ed:3d:78:cb:64:ba:
c5:eb:72:8a:4c:12:17:9e:99:49:33:32:72:8b:c3:
e4:74:df:9f:62:f5:b1:b6:33:1a:e2:c8:7c:5d:21:
f5:94:4f:c5:55:3f:e4:07:0f:a1:01:d8:15:1f:9a:
17:b2:a4:f7:0a:f9:bb:8c:d7:06:17:fa:24:57:ab:
3c:41:cf:bb:e7:4a:53:d1:fb:a8:33:40:d4:8a:be:
b3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:B1:A9:02:9C:51:A3:77:A8:A9:5B:62:BF:B0:E2:1A:DF:08:14:47
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS48925.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.196.0/22
Signature Algorithm: sha256WithRSAEncryption
cf:01:e2:b7:dc:ef:ec:42:2d:64:0a:29:f4:48:fc:1a:0f:63:
a3:4f:e0:69:d9:e5:b2:12:3e:2d:81:eb:00:fb:44:4e:6d:76:
c4:25:cf:c2:63:d0:c0:b0:75:88:8b:62:69:ef:a5:b2:c3:d5:
a2:ed:1f:61:9a:c7:2c:ad:bf:87:88:4f:79:b6:69:a1:37:95:
b6:1d:95:37:5b:0e:4d:20:5d:4e:8e:ed:e5:e4:e9:04:27:dc:
cd:c7:09:ad:82:c5:08:ea:f5:34:74:33:95:78:2d:ad:97:56:
69:4b:3f:51:3b:bd:58:8e:0d:d9:6e:e1:94:ad:5d:73:07:0e:
93:5d:2f:26:7e:d6:d2:58:8c:bc:4e:0f:5a:70:0e:6f:3f:0c:
3f:d9:4a:a1:24:99:0d:34:a6:11:1e:a3:fd:7e:f4:8b:11:4e:
a7:0c:bc:64:a3:74:ef:05:5d:be:b9:b3:cf:c0:b5:44:2d:2d:
de:8e:de:43:f9:46:d4:39:b2:58:90:bb:82:5c:e2:3e:6c:55:
ef:a5:92:9f:30:8e:09:b3:b7:83:63:52:83:8b:a9:31:73:f1:
e7:39:19:2c:ab:18:99:8e:39:43:22:73:a7:db:fe:d4:ba:9b:
27:b6:e5:a1:ee:d1:11:6e:bf:a3:33:d2:55:9b:a1:01:d5:90:
e9:6c:a7:e8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUX8IABIz0xb9zndw5AhVoWixWg7owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDAxMzExMDU1NDNaFw0yNTAxMjkxMTAwNDNaMDMxMTAvBgNV
BAMTKEUwQjFBOTAyOUM1MUEzNzdBOEE5NUI2MkJGQjBFMjFBREYwODE0NDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYcajPE8Qw3iwMdkk9cwJwmJ7b
PVBXZ0hMY4hZIWWG/ar5q1Hnwv/Lc/phot80UrLvYSmXVyMMKzI2kHNxc81ZXXpz
zL/uFxoK7+saC3K+PrcGMcpO5LFCTfKV6WRooED9ebx5SiC1gdPyyBU8kc674L23
oMPuYBE0UVudQESqnDWkYo6Nn/Svj8ZoACsxt4Bm4fhKqd+UzgHd3Ubm9gfpB6M+
uCr89Zjy42ogbu09eMtkusXrcopMEheemUkzMnKLw+R0359i9bG2MxriyHxdIfWU
T8VVP+QHD6EB2BUfmheypPcK+buM1wYX+iRXqzxBz7vnSlPR+6gzQNSKvrNBAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU4LGpApxRo3eoqVtiv7DiGt8IFEcwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNDg5MjUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKNC8Qw
DQYJKoZIhvcNAQELBQADggEBAM8B4rfc7+xCLWQKKfRI/BoPY6NP4GnZ5bISPi2B
6wD7RE5tdsQlz8Jj0MCwdYiLYmnvpbLD1aLtH2Gaxyytv4eIT3m2aaE3lbYdlTdb
Dk0gXU6O7eXk6QQn3M3HCa2CxQjq9TR0M5V4La2XVmlLP1E7vViODdlu4ZStXXMH
DpNdLyZ+1tJYjLxOD1pwDm8/DD/ZSqEkmQ00phEeo/1+9IsRTqcMvGSjdO8FXb65
s8/AtUQtLd6O3kP5RtQ5sliQu4Jc4j5sVe+lkp8wjgmzt4NjUoOLqTFz8ec5GSyr
GJmOOUMic6fb/tS6mye25aHu0RFuv6Mz0lWboQHVkOlsp+g=
-----END CERTIFICATE-----
Generated at Sun May 5 15:51:35 2024 by rpki-client on console-fra.rpki-client.org