Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: hhG3wIJyeABpsD1Vxj2jboSu08zVFs7hcbc+5+605aA=
Subject key identifier: B8:2C:9A:B3:D1:6E:14:61:B6:5C:B6:72:B7:B1:A1:2F:8A:C0:35:87
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 2C77A9EDD1CBE5DF9D762C5FB717D969CCF4639F
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
Signing time: Sat 15 Feb 2025 00:02:15 +0000
ROA not before: Fri 14 Feb 2025 23:57:15 +0000
ROA not after: Sat 14 Feb 2026 00:02:15 +0000
asID: 834
IP address blocks: 141.11.39.0/24 maxlen: 24
141.11.97.0/24 maxlen: 24
141.11.108.0/24 maxlen: 24
141.11.120.0/24 maxlen: 24
141.11.138.0/23 maxlen: 24
141.11.154.0/23 maxlen: 24
141.11.236.0/23 maxlen: 24
194.60.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:77:a9:ed:d1:cb:e5:df:9d:76:2c:5f:b7:17:d9:69:cc:f4:63:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Feb 14 23:57:15 2025 GMT
Not After : Feb 14 00:02:15 2026 GMT
Subject: CN=B82C9AB3D16E1461B65CB672B7B1A12F8AC03587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:29:ed:9e:db:84:c7:69:4d:04:43:ad:e5:f3:
35:f9:0c:d0:49:ae:62:02:65:33:e2:fe:74:94:e6:
10:06:59:a3:e7:1c:98:3a:1f:8f:0c:d4:c9:23:47:
bb:b7:61:bc:da:51:2b:aa:be:f4:46:e1:9d:ac:c5:
08:8f:44:bc:96:08:77:4c:79:66:a5:e1:2f:5a:95:
ac:87:6d:a4:e6:a6:99:26:6e:1f:f1:44:c1:30:59:
75:b9:37:20:37:c9:da:a5:03:da:47:24:b1:72:7b:
f4:11:9a:54:c9:3b:48:19:12:ce:64:cc:9d:59:96:
98:b9:3f:85:9b:b0:d6:c1:28:a2:3b:d4:c7:e4:ac:
d8:01:84:d2:9e:f6:19:56:94:4d:bf:70:b3:e5:1c:
20:81:9d:8b:64:59:3f:ac:22:91:c6:6a:b6:23:28:
ed:98:fb:79:f9:00:e6:42:a8:64:8e:18:6f:47:ef:
09:12:be:79:29:23:67:1a:a8:0f:e2:02:af:53:f8:
69:61:c8:ee:45:4b:ce:71:5f:4c:fd:45:60:ee:b7:
1b:74:a1:61:bc:c3:e1:d7:f2:2d:dc:c5:e4:e8:b4:
47:49:f5:fd:db:98:80:22:36:f3:79:ee:a8:ca:66:
32:00:29:bf:78:c4:e2:2d:73:21:d5:38:39:86:1c:
bd:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:2C:9A:B3:D1:6E:14:61:B6:5C:B6:72:B7:B1:A1:2F:8A:C0:35:87
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.39.0/24
141.11.97.0/24
141.11.108.0/24
141.11.120.0/24
141.11.138.0/23
141.11.154.0/23
141.11.236.0/23
194.60.88.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:1f:49:0f:ca:dc:7d:cb:44:65:22:9d:6d:5d:56:03:5a:81:
dc:32:d9:a2:4b:e1:39:97:c1:20:7c:08:11:d6:b5:95:c9:b7:
49:2c:dd:59:f4:3d:83:3b:28:71:a1:27:c9:60:42:8a:68:be:
2e:80:7b:39:19:70:ce:d3:01:6a:ed:c7:2b:db:f9:1b:f0:0a:
8f:21:a1:5e:d6:1e:ab:24:a5:8c:80:48:b2:75:74:21:44:1a:
98:29:02:d8:33:b4:1c:e0:72:5a:98:27:61:2e:ce:75:a0:37:
10:be:59:ee:7b:1d:34:d8:57:81:9f:31:ae:fc:d7:d2:4e:17:
76:2d:a3:96:de:27:e2:d8:8d:fd:25:5f:20:67:fd:de:61:ca:
23:44:07:f0:59:e4:3f:87:70:a0:27:ed:1a:57:87:e8:e8:c3:
8f:26:39:87:8e:c5:d9:bc:28:75:e8:a3:fb:4d:43:6d:f7:47:
82:b6:07:b5:4a:ba:19:f2:79:4a:0d:d2:ec:76:0b:55:46:ad:
dc:e3:3d:04:23:3b:22:15:a9:67:0f:c3:c9:9e:96:a6:61:21:
4c:92:ee:ce:55:32:27:25:71:e6:a5:98:6c:3c:5d:16:18:03:
5e:df:f8:ac:94:87:c4:29:37:e9:c6:96:a4:4e:1c:5e:4d:aa:
55:c3:ab:7b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIULHep7dHL5d+ddixftxfZacz0Y58wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTAyMTQyMzU3MTVaFw0yNjAyMTQwMDAyMTVaMDMxMTAvBgNV
BAMTKEI4MkM5QUIzRDE2RTE0NjFCNjVDQjY3MkI3QjFBMTJGOEFDMDM1ODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoKe2e24THaU0EQ63l8zX5DNBJ
rmICZTPi/nSU5hAGWaPnHJg6H48M1MkjR7u3YbzaUSuqvvRG4Z2sxQiPRLyWCHdM
eWal4S9alayHbaTmppkmbh/xRMEwWXW5NyA3ydqlA9pHJLFye/QRmlTJO0gZEs5k
zJ1Zlpi5P4WbsNbBKKI71MfkrNgBhNKe9hlWlE2/cLPlHCCBnYtkWT+sIpHGarYj
KO2Y+3n5AOZCqGSOGG9H7wkSvnkpI2caqA/iAq9T+GlhyO5FS85xX0z9RWDutxt0
oWG8w+HX8i3cxeTotEdJ9f3bmIAiNvN57qjKZjIAKb94xOItcyHVODmGHL0RAgMB
AAGjggIxMIICLTAdBgNVHQ4EFgQUuCyas9FuFGG2XLZyt7GhL4rANYcwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAjQsnAwQA
jQthAwQAjQtsAwQAjQt4AwQBjQuKAwQBjQuaAwQBjQvsAwQAwjxYMA0GCSqGSIb3
DQEBCwUAA4IBAQCcH0kPytx9y0RlIp1tXVYDWoHcMtmiS+E5l8EgfAgR1rWVybdJ
LN1Z9D2DOyhxoSfJYEKKaL4ugHs5GXDO0wFq7ccr2/kb8AqPIaFe1h6rJKWMgEiy
dXQhRBqYKQLYM7Qc4HJamCdhLs51oDcQvlnuex002FeBnzGu/NfSThd2LaOW3ifi
2I39JV8gZ/3eYcojRAfwWeQ/h3CgJ+0aV4fo6MOPJjmHjsXZvCh16KP7TUNt90eC
tge1SroZ8nlKDdLsdgtVRq3c4z0EIzsiFalnD8PJnpamYSFMku7OVTInJXHmpZhs
PF0WGANe3/islIfEKTfpxpakThxeTapVw6t7
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:42:21 2025 by rpki-client