Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS9087.roa
File: AS9087.roa (raw, json)
Hash identifier: vHLLRlhDMi2z1plplcT1qGm+cfxMtdTsYxXHcjnaTBg=
Subject key identifier: DF:6E:1C:8F:BF:C9:41:E4:1C:7D:2A:0A:49:52:0E:5F:01:44:5F:03
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 2212C8BA8BFBC0757A7A6715D66D9D33E3923053
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS9087.roa
Signing time: Sat 16 Dec 2023 10:42:48 +0000
ROA not before: Sat 16 Dec 2023 10:37:48 +0000
ROA not after: Sat 14 Dec 2024 10:42:48 +0000
asID: 9087
IP address blocks: 141.11.170.0/23 maxlen: 23
141.11.224.0/23 maxlen: 24
141.11.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:12:c8:ba:8b:fb:c0:75:7a:7a:67:15:d6:6d:9d:33:e3:92:30:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Dec 16 10:37:48 2023 GMT
Not After : Dec 14 10:42:48 2024 GMT
Subject: CN=DF6E1C8FBFC941E41C7D2A0A49520E5F01445F03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c9:3a:1d:90:4d:d2:2c:01:ca:b6:00:2d:1d:
a0:61:87:92:f7:0c:2d:fb:4e:62:ed:b3:fc:6f:f3:
22:02:00:b3:a8:a2:9a:45:1f:62:54:e3:df:a9:fd:
b8:95:e5:ac:94:11:d1:6b:c8:62:fa:df:be:52:2b:
d0:e1:97:d8:89:d9:62:a5:66:21:53:04:21:f5:04:
84:f7:3e:05:7f:05:a2:84:89:17:c7:55:ca:98:12:
92:28:ea:e3:79:e9:dd:1d:fb:33:7d:14:fe:c1:23:
4c:8c:6f:62:29:90:8c:98:d0:a0:2c:44:5a:5d:6b:
e5:5d:b7:fd:e8:05:b4:b1:bc:a8:77:ed:87:09:0e:
5b:94:c1:70:7d:9a:28:bd:35:cc:68:7e:66:22:10:
5d:6b:d0:d6:f6:f9:8a:09:5e:28:ab:b7:26:63:b6:
e8:33:3d:4e:98:64:42:27:af:30:05:22:42:0d:5a:
62:09:a8:5d:e3:bc:7a:c6:12:b9:62:ed:84:32:7e:
d8:a7:8e:7b:5c:f7:a5:17:35:30:78:7a:b5:54:d4:
7b:ef:8f:fb:db:4b:45:59:a9:8a:d2:69:c8:29:05:
79:f7:35:c5:1a:2c:b0:d6:43:36:66:d6:a9:d3:15:
a3:2a:ed:5b:bc:10:d9:bb:b2:b5:f4:09:61:3e:f7:
81:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:6E:1C:8F:BF:C9:41:E4:1C:7D:2A:0A:49:52:0E:5F:01:44:5F:03
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS9087.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.170.0/23
141.11.224.0/23
141.11.249.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:54:b3:b9:06:ed:88:4f:c8:0b:c7:b3:15:71:65:04:c6:af:
e7:67:ef:dc:5f:42:c6:c2:a2:13:3d:f9:3a:71:f8:ad:2d:80:
01:89:21:ad:48:f9:97:7e:de:8b:28:5a:cf:6e:e3:c5:cf:54:
40:b6:6f:33:1f:98:22:59:51:8f:08:65:97:c1:bc:2c:44:3d:
17:b6:f5:94:24:2a:19:2d:e2:0a:1d:c5:47:74:23:74:6a:73:
a2:94:a1:c2:a1:40:2d:e3:a3:6c:5f:fe:08:e3:8d:72:7c:c0:
26:4e:e1:92:08:a2:1d:17:21:07:a2:5a:73:6d:d4:11:3a:fb:
60:d7:5e:04:1d:b4:b2:5a:b7:2e:63:6b:b2:e5:ea:c6:f3:c3:
87:1b:10:b3:82:8f:88:55:bf:5d:7a:25:95:71:0f:70:db:0e:
f2:78:21:99:f9:d2:b2:58:b2:f0:91:15:76:f1:31:fd:6c:58:
56:75:ed:b5:39:ab:d1:44:7f:35:84:b2:d0:88:de:00:8f:b2:
3c:f2:7b:f4:b0:7a:d3:bc:20:b0:61:58:03:26:e0:53:5b:41:
6f:5a:6c:60:78:ac:97:03:62:f3:5b:84:d4:bd:b0:ac:d3:3f:
93:40:0a:bb:4a:a5:53:43:90:b5:bb:71:07:b2:39:30:fc:ee:
d5:01:a2:50
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIUIhLIuov7wHV6emcV1m2dM+OSMFMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzEyMTYxMDM3NDhaFw0yNDEyMTQxMDQyNDhaMDMxMTAvBgNV
BAMTKERGNkUxQzhGQkZDOTQxRTQxQzdEMkEwQTQ5NTIwRTVGMDE0NDVGMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiyTodkE3SLAHKtgAtHaBhh5L3
DC37TmLts/xv8yICALOooppFH2JU49+p/biV5ayUEdFryGL6375SK9Dhl9iJ2WKl
ZiFTBCH1BIT3PgV/BaKEiRfHVcqYEpIo6uN56d0d+zN9FP7BI0yMb2IpkIyY0KAs
RFpda+Vdt/3oBbSxvKh37YcJDluUwXB9mii9NcxofmYiEF1r0Nb2+YoJXiirtyZj
tugzPU6YZEInrzAFIkINWmIJqF3jvHrGErli7YQyftinjntc96UXNTB4erVU1Hvv
j/vbS0VZqYrSacgpBXn3NcUaLLDWQzZm1qnTFaMq7Vu8ENm7srX0CWE+94GzAgMB
AAGjggIUMIICEDAdBgNVHQ4EFgQU324cj7/JQeQcfSoKSVIOXwFEXwMwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTOTA4Ny5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAY0LqgME
AY0L4AMEAI0L+TANBgkqhkiG9w0BAQsFAAOCAQEALFSzuQbtiE/IC8ezFXFlBMav
52fv3F9CxsKiEz35OnH4rS2AAYkhrUj5l37eiyhaz27jxc9UQLZvMx+YIllRjwhl
l8G8LEQ9F7b1lCQqGS3iCh3FR3QjdGpzopShwqFALeOjbF/+COONcnzAJk7hkgii
HRchB6Jac23UETr7YNdeBB20slq3LmNrsuXqxvPDhxsQs4KPiFW/XXollXEPcNsO
8nghmfnSsliy8JEVdvEx/WxYVnXttTmr0UR/NYSy0IjeAI+yPPJ79LB607wgsGFY
AybgU1tBb1psYHislwNi81uE1L2wrNM/k0AKu0qlU0OQtbtxB7I5MPzu1QGiUA==
-----END CERTIFICATE-----
Generated at Sun May 5 15:51:35 2024 by rpki-client on console-fra.rpki-client.org