Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS55720.roa
File: AS55720.roa (raw, json)
Hash identifier: TcRyukAaAIGheDaLXZ2GnyZ5Ej4AuBWNsgvFUfc4Z+Q=
Subject key identifier: 96:5A:65:53:7D:FE:05:84:AB:F4:F6:7F:22:A3:16:B8:72:57:B1:9E
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 67378A250AD4E549BB462B787AFF761FD1985A17
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS55720.roa
Signing time: Thu 10 Aug 2023 05:24:21 +0000
ROA not before: Thu 10 Aug 2023 05:19:21 +0000
ROA not after: Thu 08 Aug 2024 05:24:21 +0000
asID: 55720
IP address blocks: 141.11.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:37:8a:25:0a:d4:e5:49:bb:46:2b:78:7a:ff:76:1f:d1:98:5a:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Aug 10 05:19:21 2023 GMT
Not After : Aug 8 05:24:21 2024 GMT
Subject: CN=965A65537DFE0584ABF4F67F22A316B87257B19E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:73:ea:be:b6:6d:05:18:62:75:74:24:fe:ec:
0e:98:7c:34:d3:93:02:3a:33:7e:a5:fb:79:8e:ea:
e9:41:dd:aa:8e:66:f5:2d:f1:f6:f6:cd:cc:8a:b2:
99:bd:13:a7:32:60:ca:46:a7:be:45:43:eb:c5:34:
fa:d6:99:2c:a3:46:44:79:79:59:c6:b5:77:bf:8b:
e7:cf:0b:fe:99:af:58:2a:83:19:73:d2:fa:b9:5d:
a7:30:04:51:56:70:8c:23:ad:df:22:9d:90:db:64:
68:e7:ce:0e:24:17:41:51:6d:88:a9:69:18:4d:64:
82:c0:d8:88:5b:5e:80:84:0a:5a:4a:0a:ad:ec:96:
6f:a1:32:3b:6f:99:9c:2e:45:d3:66:57:a4:f0:e0:
72:62:61:50:50:bb:63:e3:0b:9c:a5:69:93:c6:20:
1c:9f:83:56:a2:c3:c7:02:74:8b:a4:ea:2f:60:26:
eb:aa:5f:2d:89:0a:d6:ef:fb:f3:51:55:29:e2:28:
df:fc:89:46:11:15:34:f5:36:9f:9f:08:a7:e6:c9:
9a:42:20:ab:d2:d0:47:05:eb:cc:61:ff:90:af:3d:
3b:9a:eb:e3:0d:d6:db:b8:23:02:16:d9:19:85:0e:
ca:70:52:83:f7:c2:7a:6e:7c:5b:c9:b6:e8:0c:ba:
a2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:5A:65:53:7D:FE:05:84:AB:F4:F6:7F:22:A3:16:B8:72:57:B1:9E
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS55720.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.17.0/24
Signature Algorithm: sha256WithRSAEncryption
33:83:dc:86:dc:00:27:5f:bd:8f:bd:7c:a7:4d:02:f0:4b:8e:
ef:c8:ba:1e:ca:31:78:2c:e9:87:bd:c2:a2:a8:cb:c0:73:3f:
06:cd:bd:20:4e:3d:5f:c8:5d:a5:09:5b:de:45:53:55:82:e8:
68:e4:05:40:e1:74:af:3a:06:72:37:04:a3:e8:5f:02:3a:1d:
fb:7c:2e:1d:eb:00:b9:69:b3:d1:d9:06:36:13:b3:78:d5:ba:
e3:46:e8:0c:70:0e:ef:5a:64:4c:c4:90:01:44:ba:e8:a1:6f:
29:56:81:47:23:f4:61:3d:c1:76:ba:e0:13:51:5f:7a:e4:89:
21:bf:9b:b7:c6:98:03:6b:f6:a8:65:1f:2a:d1:2e:3d:14:5e:
eb:10:04:23:59:65:a2:c5:33:13:5c:2b:ab:66:50:11:e5:06:
a8:f1:c0:58:2f:e3:56:de:c8:9f:35:9b:05:ac:78:12:35:1e:
78:92:bc:e5:79:ed:2f:78:5f:f6:8e:59:07:48:c9:5a:c6:39:
79:99:9c:6e:c1:8d:5d:3e:e0:03:3d:32:66:5a:39:fb:f4:d0:
35:26:da:cb:d1:94:44:f7:ca:29:0a:cf:e0:30:09:dc:39:eb:
53:f5:c4:78:d9:23:5a:5f:e6:50:3a:49:20:4b:82:06:75:fe:
8e:f2:66:18
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUZzeKJQrU5Um7Rit4ev92H9GYWhcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzA4MTAwNTE5MjFaFw0yNDA4MDgwNTI0MjFaMDMxMTAvBgNV
BAMTKDk2NUE2NTUzN0RGRTA1ODRBQkY0RjY3RjIyQTMxNkI4NzI1N0IxOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqc+q+tm0FGGJ1dCT+7A6YfDTT
kwI6M36l+3mO6ulB3aqOZvUt8fb2zcyKspm9E6cyYMpGp75FQ+vFNPrWmSyjRkR5
eVnGtXe/i+fPC/6Zr1gqgxlz0vq5XacwBFFWcIwjrd8inZDbZGjnzg4kF0FRbYip
aRhNZILA2IhbXoCEClpKCq3slm+hMjtvmZwuRdNmV6Tw4HJiYVBQu2PjC5ylaZPG
IByfg1aiw8cCdIuk6i9gJuuqXy2JCtbv+/NRVSniKN/8iUYRFTT1Np+fCKfmyZpC
IKvS0EcF68xh/5CvPTua6+MN1tu4IwIW2RmFDspwUoP3wnpufFvJtugMuqLLAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUllplU33+BYSr9PZ/IqMWuHJXsZ4wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNTU3MjAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACNCxEw
DQYJKoZIhvcNAQELBQADggEBADOD3IbcACdfvY+9fKdNAvBLju/Iuh7KMXgs6Ye9
wqKoy8BzPwbNvSBOPV/IXaUJW95FU1WC6GjkBUDhdK86BnI3BKPoXwI6Hft8Lh3r
ALlps9HZBjYTs3jVuuNG6AxwDu9aZEzEkAFEuuihbylWgUcj9GE9wXa64BNRX3rk
iSG/m7fGmANr9qhlHyrRLj0UXusQBCNZZaLFMxNcK6tmUBHlBqjxwFgv41beyJ81
mwWseBI1HniSvOV57S94X/aOWQdIyVrGOXmZnG7BjV0+4AM9MmZaOfv00DUm2svR
lET3yikKz+AwCdw561P1xHjZI1pf5lA6SSBLggZ1/o7yZhg=
-----END CERTIFICATE-----
Generated at Sun May 5 14:38:07 2024 by rpki-client on console-ams.rpki-client.org