Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: pbynGmn4vZG9EFhFiPm4D9ZWjlpApAMGcXEGLUgAa9Q=
Subject key identifier: 53:04:82:40:D6:93:CF:96:48:5F:76:7C:73:85:FF:5C:D4:33:D1:07
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 52BB1EAAF4517728B8D79255CE12EFCDD945AF53
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
Signing time: Thu 02 May 2024 00:02:18 +0000
ROA not before: Wed 01 May 2024 23:57:18 +0000
ROA not after: Thu 01 May 2025 00:02:18 +0000
asID: 834
IP address blocks: 141.11.46.0/23 maxlen: 24
141.11.130.0/23 maxlen: 24
141.11.204.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:bb:1e:aa:f4:51:77:28:b8:d7:92:55:ce:12:ef:cd:d9:45:af:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: May 1 23:57:18 2024 GMT
Not After : May 1 00:02:18 2025 GMT
Subject: CN=53048240D693CF96485F767C7385FF5CD433D107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:22:48:b0:85:94:7e:9c:52:57:bc:4a:9b:90:
ae:74:ca:35:61:a3:8c:78:5d:60:28:cb:de:f0:c9:
88:89:a4:1b:a2:79:7e:0d:4d:70:f4:54:ff:bf:d7:
a5:4f:99:47:65:2e:7d:37:28:0b:0a:7c:60:39:51:
f6:05:3d:c6:0b:d9:9a:28:da:b0:18:43:f6:aa:4c:
b1:84:f2:07:d6:5d:86:0b:9f:c3:fa:77:c6:8b:cc:
de:91:a9:76:31:6b:29:f2:9d:75:48:35:80:66:f2:
d9:5e:dd:47:08:73:af:7e:20:aa:41:40:0e:70:0b:
15:1a:1b:56:6f:47:75:ad:7a:07:14:a6:ad:07:c4:
67:23:de:b8:c7:34:97:cd:36:f8:c0:d1:f1:4b:5b:
08:f9:63:3a:66:1e:60:87:cb:d8:cc:49:f1:ea:6e:
6d:99:97:98:6b:38:8a:6d:33:b8:15:ab:73:3e:7d:
51:b5:08:c1:cd:e8:c4:40:aa:29:58:8a:a6:78:ee:
2a:4f:bd:be:7a:45:02:c4:dc:84:ab:e5:b5:e9:4a:
2a:9e:a7:f9:06:a7:d8:0b:f4:59:08:b8:ab:de:d2:
dd:c2:3f:57:57:4e:9a:58:b2:9a:ed:ad:e7:7d:90:
4f:db:5e:d3:aa:eb:eb:e4:1f:e9:b9:b0:9b:02:cf:
c7:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:04:82:40:D6:93:CF:96:48:5F:76:7C:73:85:FF:5C:D4:33:D1:07
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.46.0/23
141.11.130.0/23
141.11.204.0/23
Signature Algorithm: sha256WithRSAEncryption
36:31:57:5a:8a:51:d3:ec:ca:6b:03:da:b8:37:31:0f:d4:95:
d2:5a:ec:3c:d6:a4:73:80:76:be:6a:4e:47:7a:2d:bc:15:a4:
0c:21:b5:8c:3f:69:e5:c7:a8:58:b6:ea:0d:68:44:4d:21:66:
84:9f:3a:4d:36:d7:bf:79:ec:ec:a5:e2:7a:e9:f0:aa:25:ea:
5e:db:aa:f2:33:dc:ce:86:7c:dd:c3:45:c5:3a:32:43:24:94:
e3:b6:18:4b:3b:17:de:88:c1:34:6c:23:d7:d6:7b:38:56:5d:
c3:e1:6a:86:21:91:00:2b:0d:db:a9:20:18:db:c5:72:d2:6b:
47:84:47:33:8d:6c:cf:50:4b:b3:87:b6:fb:0b:42:f9:3e:30:
06:49:25:92:7b:4c:61:38:d1:99:fd:b3:f0:eb:9a:fe:c5:55:
24:22:36:3d:2d:a9:e5:4a:7f:99:60:5a:70:ae:ae:15:0f:d6:
ac:33:97:1e:1b:87:58:5b:7d:3e:a5:e4:13:e2:b8:b7:a9:d2:
68:e4:4d:cb:eb:2f:37:26:56:41:61:c3:6e:f9:77:b2:39:b9:
e4:a1:ef:c0:35:51:e8:ac:7b:e7:fa:67:04:76:46:26:bf:25:
56:23:13:2e:72:9e:e8:a6:7f:56:4d:bd:db:74:0a:75:79:5a:
d8:33:0d:a0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIUUrseqvRRdyi415JVzhLvzdlFr1MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDA1MDEyMzU3MThaFw0yNTA1MDEwMDAyMThaMDMxMTAvBgNV
BAMTKDUzMDQ4MjQwRDY5M0NGOTY0ODVGNzY3QzczODVGRjVDRDQzM0QxMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJIkiwhZR+nFJXvEqbkK50yjVh
o4x4XWAoy97wyYiJpBuieX4NTXD0VP+/16VPmUdlLn03KAsKfGA5UfYFPcYL2Zoo
2rAYQ/aqTLGE8gfWXYYLn8P6d8aLzN6RqXYxaynynXVINYBm8tle3UcIc69+IKpB
QA5wCxUaG1ZvR3WtegcUpq0HxGcj3rjHNJfNNvjA0fFLWwj5YzpmHmCHy9jMSfHq
bm2Zl5hrOIptM7gVq3M+fVG1CMHN6MRAqilYiqZ47ipPvb56RQLE3ISr5bXpSiqe
p/kGp9gL9FkIuKve0t3CP1dXTppYsprtred9kE/bXtOq6+vkH+m5sJsCz8dXAgMB
AAGjggITMIICDzAdBgNVHQ4EFgQUUwSCQNaTz5ZIX3Z8c4X/XNQz0QcwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBjQsuAwQB
jQuCAwQBjQvMMA0GCSqGSIb3DQEBCwUAA4IBAQA2MVdailHT7MprA9q4NzEP1JXS
Wuw81qRzgHa+ak5Hei28FaQMIbWMP2nlx6hYtuoNaERNIWaEnzpNNte/eezspeJ6
6fCqJepe26ryM9zOhnzdw0XFOjJDJJTjthhLOxfeiME0bCPX1ns4Vl3D4WqGIZEA
Kw3bqSAY28Vy0mtHhEczjWzPUEuzh7b7C0L5PjAGSSWSe0xhONGZ/bPw65r+xVUk
IjY9LanlSn+ZYFpwrq4VD9asM5ceG4dYW30+peQT4ri3qdJo5E3L6y83JlZBYcNu
+XeyObnkoe/ANVHorHvn+mcEdkYmvyVWIxMucp7opn9WTb3bdAp1eVrYMw2g
-----END CERTIFICATE-----
Generated at Thu May 2 03:21:43 2024 by rpki-client on console-fra.rpki-client.org