Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS48925.roa
File: AS48925.roa (raw, json)
Hash identifier: kUOOyO67WVGc6yb3ztDzLEise3m1k8WFRSzbqfdRw/Y=
Subject key identifier: A5:60:03:AD:E1:1F:61:57:3D:C7:5D:76:5C:C9:DA:90:24:DB:D4:99
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 60AFA098188C4073A9D99F7128D34A24D7AF2A81
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS48925.roa
Signing time: Sat 05 Oct 2024 22:40:50 +0000
ROA not before: Sat 05 Oct 2024 22:35:50 +0000
ROA not after: Sat 04 Oct 2025 22:40:50 +0000
asID: 48925
IP address blocks: 141.11.59.0/24 maxlen: 24
141.11.104.0/24 maxlen: 24
141.11.196.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:af:a0:98:18:8c:40:73:a9:d9:9f:71:28:d3:4a:24:d7:af:2a:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Oct 5 22:35:50 2024 GMT
Not After : Oct 4 22:40:50 2025 GMT
Subject: CN=A56003ADE11F61573DC75D765CC9DA9024DBD499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:92:91:32:cc:44:c8:93:81:5f:dd:0a:62:e2:
5d:24:59:7f:4a:aa:6b:f1:08:44:85:ac:49:34:d9:
1e:26:03:c7:b0:36:22:a7:39:9b:ae:b7:38:39:0f:
00:74:79:ba:23:0a:e6:1c:10:47:a1:01:2a:0d:f0:
74:68:14:25:54:db:e6:e8:67:07:4d:cf:af:34:78:
c5:b6:69:c2:da:fe:a6:8b:9a:7e:fd:fa:c9:3a:22:
d5:a3:13:74:83:32:d2:0a:11:8e:b2:16:c1:d2:fe:
49:74:07:36:55:0a:b8:89:f2:90:3b:5f:23:8b:21:
0e:aa:91:b3:a2:36:66:01:52:0e:d2:1e:88:27:47:
c0:4e:21:90:b0:2a:3e:a3:5f:d5:c3:76:db:51:00:
61:a8:8c:76:b1:5e:66:05:d6:c8:0a:af:cd:2d:52:
7c:ac:16:b7:b8:7c:3b:95:cc:03:9f:6f:07:e5:69:
33:ae:10:17:3a:fa:fe:34:8c:51:d2:7a:34:ed:14:
58:16:85:d5:18:13:95:6e:19:ab:6a:27:07:fd:ee:
f8:66:42:0d:cc:41:da:22:5b:b7:3d:80:72:b9:d1:
f5:9f:29:e1:89:6b:5d:0f:57:c2:41:ab:93:88:d0:
6b:1b:e2:fa:55:3e:a7:df:c7:91:e0:d7:8f:2a:7e:
4e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:60:03:AD:E1:1F:61:57:3D:C7:5D:76:5C:C9:DA:90:24:DB:D4:99
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS48925.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.59.0/24
141.11.104.0/24
141.11.196.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:0a:e4:f0:39:3c:cc:d9:fd:c4:0c:19:2f:0b:51:3a:0b:92:
32:f9:ca:91:5d:16:25:70:44:de:27:68:65:85:e7:12:24:39:
22:c0:d5:1a:32:3e:8e:ed:c5:a9:dc:2a:6b:cb:b6:63:ff:aa:
cd:96:10:b2:43:32:df:e1:ea:90:0a:11:a0:4f:1a:6a:d7:a5:
55:66:b6:d2:37:92:c8:d7:7f:00:7d:14:eb:d8:8c:6a:a0:3e:
2c:66:02:56:15:04:93:63:82:eb:ea:eb:5c:d0:de:71:2a:4e:
2e:af:b8:7a:9b:3a:b2:70:8f:ea:b8:d5:15:7c:07:b3:3b:75:
88:42:8d:07:d3:51:7e:84:ea:18:3f:03:e8:56:0c:4a:8e:ea:
86:04:28:95:b9:d2:cc:a4:23:d7:60:bd:21:12:b4:46:19:a9:
fe:fc:95:3c:44:fc:aa:b0:f0:94:83:dc:cd:02:1f:80:b2:05:
e5:ba:ad:c8:c7:7d:f5:36:e0:51:a1:3a:a4:f3:e5:d8:53:a3:
4f:38:43:e1:d6:01:f0:f4:bc:31:7c:d0:4f:65:92:f7:17:81:
03:61:20:07:9a:19:f6:85:0c:8a:fb:16:49:12:96:29:ba:58:
58:1b:30:1e:dc:6b:68:04:2e:ca:ce:aa:a7:2e:63:0c:20:44:
c4:fd:e2:ed
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUYK+gmBiMQHOp2Z9xKNNKJNevKoEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDEwMDUyMjM1NTBaFw0yNTEwMDQyMjQwNTBaMDMxMTAvBgNV
BAMTKEE1NjAwM0FERTExRjYxNTczREM3NUQ3NjVDQzlEQTkwMjREQkQ0OTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClkpEyzETIk4Ff3Qpi4l0kWX9K
qmvxCESFrEk02R4mA8ewNiKnOZuutzg5DwB0ebojCuYcEEehASoN8HRoFCVU2+bo
ZwdNz680eMW2acLa/qaLmn79+sk6ItWjE3SDMtIKEY6yFsHS/kl0BzZVCriJ8pA7
XyOLIQ6qkbOiNmYBUg7SHognR8BOIZCwKj6jX9XDdttRAGGojHaxXmYF1sgKr80t
UnysFre4fDuVzAOfbwflaTOuEBc6+v40jFHSejTtFFgWhdUYE5VuGatqJwf97vhm
Qg3MQdoiW7c9gHK50fWfKeGJa10PV8JBq5OI0Gsb4vpVPqffx5Hg148qfk7TAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUpWADreEfYVc9x112XMnakCTb1JkwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNDg5MjUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBACNCzsD
BACNC2gDBAKNC8QwDQYJKoZIhvcNAQELBQADggEBALQK5PA5PMzZ/cQMGS8LUToL
kjL5ypFdFiVwRN4naGWF5xIkOSLA1RoyPo7txancKmvLtmP/qs2WELJDMt/h6pAK
EaBPGmrXpVVmttI3ksjXfwB9FOvYjGqgPixmAlYVBJNjguvq61zQ3nEqTi6vuHqb
OrJwj+q41RV8B7M7dYhCjQfTUX6E6hg/A+hWDEqO6oYEKJW50sykI9dgvSEStEYZ
qf78lTxE/Kqw8JSD3M0CH4CyBeW6rcjHffU24FGhOqTz5dhTo084Q+HWAfD0vDF8
0E9lkvcXgQNhIAeaGfaFDIr7FkkSlim6WFgbMB7ca2gELsrOqqcuYwwgRMT94u0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:59:16 2024 by rpki-client on console-ams.rpki-client.org