Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS142594.roa
File: AS142594.roa (raw, json)
Hash identifier: Hli776HrcyARFVeVBz4x/U6AqbVdpKI7hEtI8yFCpFY=
Subject key identifier: 30:6B:28:45:53:BD:0A:F0:E4:6D:11:E0:9F:D0:F6:77:25:FF:47:B8
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 5C136589AD6F48DBCACDA8FDF50B6729FB37988D
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS142594.roa
Signing time: Sun 06 Apr 2025 12:54:00 +0000
ROA not before: Sun 06 Apr 2025 12:49:00 +0000
ROA not after: Sun 05 Apr 2026 12:54:00 +0000
asID: 142594
IP address blocks: 141.11.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:13:65:89:ad:6f:48:db:ca:cd:a8:fd:f5:0b:67:29:fb:37:98:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Apr 6 12:49:00 2025 GMT
Not After : Apr 5 12:54:00 2026 GMT
Subject: CN=306B284553BD0AF0E46D11E09FD0F67725FF47B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:4e:35:4f:0e:87:d9:2e:3f:c2:7a:e4:3f:e8:
cd:54:43:df:56:49:b9:b4:f4:91:cd:22:c0:38:fb:
11:fb:c6:69:08:41:37:88:d6:48:9b:ca:83:28:d8:
58:da:09:dd:f2:4d:38:98:5d:fc:21:a7:91:88:c3:
65:ea:cc:79:66:70:87:6e:0c:5d:f4:72:f4:43:08:
ea:8b:d4:55:f7:c9:62:0c:e9:8c:76:f2:d0:eb:70:
7a:ec:6b:3f:22:03:fb:ea:43:df:4d:7a:53:1b:40:
51:95:47:bc:ea:21:fb:6d:ac:fa:67:92:02:25:d1:
11:84:34:9d:8e:24:33:fa:a6:e7:12:96:96:a4:b1:
c9:33:3a:9d:62:22:19:7c:21:b3:e9:d9:93:32:5b:
18:53:c2:a2:98:7b:25:ac:cf:b8:71:75:30:da:4f:
c5:ac:0f:ae:0f:e4:0a:ac:58:c1:b1:ed:75:61:08:
88:ea:1d:fd:cd:e0:42:09:45:94:5a:ae:83:fa:77:
5d:23:02:8c:64:99:72:57:a6:99:5b:d8:f5:46:c3:
5e:58:10:c4:f8:ec:6f:d0:97:b3:bf:fe:a5:6a:c8:
49:ec:05:66:2a:9e:83:f9:0a:ad:9f:92:4a:00:9d:
7c:46:a2:3a:98:cb:c3:b5:55:b5:d0:b1:17:39:40:
b0:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:6B:28:45:53:BD:0A:F0:E4:6D:11:E0:9F:D0:F6:77:25:FF:47:B8
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS142594.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.46.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:6c:4c:ad:34:fc:86:91:64:c6:25:e2:39:e1:ce:7d:3a:96:
fe:80:d6:0b:82:49:b1:c5:22:fe:df:66:39:2e:97:fc:73:60:
e0:be:96:bc:f9:0b:d4:43:c6:35:eb:82:2d:98:b6:1e:6c:41:
83:39:c6:af:6e:3f:9a:28:c4:fb:7d:03:dd:79:2e:25:7a:09:
8b:18:ca:a0:4f:a3:94:7d:3f:e5:bb:62:ab:d9:c9:07:05:bc:
ab:dc:44:9e:38:58:2b:e4:be:b3:80:82:e7:16:2f:42:8b:5d:
ab:8f:16:09:0e:75:94:dd:c3:0e:68:80:0d:95:d1:1a:6b:f2:
5d:ec:65:8c:de:bb:e3:94:8a:e1:7d:ed:8f:89:9d:c5:8f:95:
4b:7b:f9:17:7b:39:e0:91:71:f4:ad:b2:29:51:c8:2c:87:9c:
aa:37:35:6d:f4:9a:eb:6e:e1:d5:5d:73:3a:db:7c:4a:6a:c5:
d8:a5:4c:25:59:77:a8:c9:8c:64:7f:7d:b6:ce:ed:01:40:d4:
e7:70:a1:13:ff:da:72:26:db:e6:70:7a:65:dd:b8:b2:d7:a0:
b5:22:ef:4c:38:de:7d:da:fe:33:2e:e7:98:2b:2b:44:a0:c0:
f7:1e:46:ba:e5:27:f2:99:bd:0a:fc:f1:ef:01:36:fe:12:7b:
a7:3e:36:59
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUXBNlia1vSNvKzaj99QtnKfs3mI0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTA0MDYxMjQ5MDBaFw0yNjA0MDUxMjU0MDBaMDMxMTAvBgNV
BAMTKDMwNkIyODQ1NTNCRDBBRjBFNDZEMTFFMDlGRDBGNjc3MjVGRjQ3QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPTjVPDofZLj/CeuQ/6M1UQ99W
Sbm09JHNIsA4+xH7xmkIQTeI1kibyoMo2FjaCd3yTTiYXfwhp5GIw2XqzHlmcIdu
DF30cvRDCOqL1FX3yWIM6Yx28tDrcHrsaz8iA/vqQ99NelMbQFGVR7zqIfttrPpn
kgIl0RGENJ2OJDP6pucSlpaksckzOp1iIhl8IbPp2ZMyWxhTwqKYeyWsz7hxdTDa
T8WsD64P5AqsWMGx7XVhCIjqHf3N4EIJRZRaroP6d10jAoxkmXJXpplb2PVGw15Y
EMT47G/Ql7O//qVqyEnsBWYqnoP5Cq2fkkoAnXxGojqYy8O1VbXQsRc5QLBPAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUMGsoRVO9CvDkbRHgn9D2dyX/R7gwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTQyNTk0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQsu
MA0GCSqGSIb3DQEBCwUAA4IBAQBKbEytNPyGkWTGJeI54c59Opb+gNYLgkmxxSL+
32Y5Lpf8c2Dgvpa8+QvUQ8Y164ItmLYebEGDOcavbj+aKMT7fQPdeS4legmLGMqg
T6OUfT/lu2Kr2ckHBbyr3ESeOFgr5L6zgILnFi9Ci12rjxYJDnWU3cMOaIANldEa
a/Jd7GWM3rvjlIrhfe2PiZ3Fj5VLe/kXezngkXH0rbIpUcgsh5yqNzVt9JrrbuHV
XXM623xKasXYpUwlWXeoyYxkf322zu0BQNTncKET/9pyJtvmcHpl3biy16C1Iu9M
ON592v4zLueYKytEoMD3Hka65Sfymb0K/PHvATb+EnunPjZZ
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:42:05 2025 by rpki-client