Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS212335.roa
File: AS212335.roa (raw, json)
Hash identifier: AJtL23xenjpb4KpvladkIGukN7vVBTJ2DtFKs3dYFXg=
Subject key identifier: 11:A7:F6:32:8D:C1:9E:EA:B0:25:84:AB:17:54:3B:89:0E:6F:B0:01
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 6224C0D57045C60C49954D8ABDFAE7771854CA48
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS212335.roa
Signing time: Mon 07 Apr 2025 07:42:55 +0000
ROA not before: Mon 07 Apr 2025 07:37:55 +0000
ROA not after: Mon 06 Apr 2026 07:42:55 +0000
asID: 212335
IP address blocks: 141.11.97.0/24 maxlen: 24
141.11.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:24:c0:d5:70:45:c6:0c:49:95:4d:8a:bd:fa:e7:77:18:54:ca:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Apr 7 07:37:55 2025 GMT
Not After : Apr 6 07:42:55 2026 GMT
Subject: CN=11A7F6328DC19EEAB02584AB17543B890E6FB001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:de:57:d7:24:18:1a:21:47:4e:4e:bd:e0:11:
25:df:9a:e0:33:05:7e:26:c1:32:6a:89:18:0a:b1:
b5:b4:b4:04:b9:17:41:b1:3e:91:b3:3e:cd:6d:3c:
54:10:8a:76:cc:99:85:d7:1f:8e:52:87:4d:be:47:
12:99:35:e1:85:8f:9d:fd:24:0f:c7:bd:13:20:08:
15:dc:a2:93:2f:4b:ed:c1:54:35:a5:42:22:4d:b0:
81:da:fa:21:15:0e:8e:53:d9:cc:61:22:9b:39:9f:
ce:a8:d2:09:23:c2:d5:2c:38:4b:c2:02:40:15:c0:
7c:4e:75:8d:67:72:e8:fc:82:92:a0:e6:b9:48:f9:
1c:da:bf:bc:fc:5b:08:5e:b3:ac:ad:14:1c:19:01:
3d:67:b5:bd:ff:82:91:2c:fd:2b:3c:6c:75:56:ee:
64:4b:f2:05:85:1e:f9:29:18:e7:4b:6b:0c:59:b3:
d9:ee:90:1d:65:b4:ca:f3:0f:7f:96:94:04:e5:17:
ca:62:fd:ab:cd:41:7a:58:f9:53:96:bd:6e:44:fb:
15:70:bc:6a:88:57:94:ab:90:ee:d9:cf:62:3a:7d:
f5:ac:f0:2e:11:c4:ae:2b:23:14:ed:24:32:42:3a:
86:9c:c1:a6:7c:20:ab:76:15:07:41:aa:d5:fb:b5:
b8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:A7:F6:32:8D:C1:9E:EA:B0:25:84:AB:17:54:3B:89:0E:6F:B0:01
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS212335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.97.0/24
141.11.126.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:8b:0a:11:64:a7:cc:b0:22:89:91:bd:d7:1f:3d:95:2b:d4:
5f:d3:38:59:45:22:ff:00:2b:53:17:30:23:a8:4d:e1:ab:86:
78:ca:ec:3f:46:68:2e:ba:c0:a8:fa:97:56:cf:bb:44:33:73:
ff:ce:8b:f0:8a:60:cb:8d:b9:4b:06:af:3f:5d:11:89:f3:35:
b1:f9:3d:b4:e4:3e:11:e9:40:17:eb:a9:4d:90:05:0d:86:7d:
7b:53:89:6b:65:67:b5:97:98:35:4f:69:80:d4:89:54:8e:d0:
85:71:6c:4f:d5:5e:0e:3e:b1:11:38:81:ae:49:57:67:5f:db:
61:12:0d:13:48:b7:3c:9d:40:3a:82:7c:54:6a:72:14:a6:6c:
48:ee:2c:7a:2a:12:34:e7:c3:1a:2e:d0:ee:30:8c:ae:f9:be:
cd:c1:a4:15:b0:fb:c7:59:68:e9:f4:42:bc:cd:dc:71:0d:6f:
1a:79:5a:a2:1d:24:09:4b:fe:df:2a:09:bb:f2:16:53:d7:95:
d5:19:36:ef:ed:7a:61:92:27:8b:c6:ab:3b:42:0d:15:34:bf:
a1:d9:57:8f:61:dc:00:ac:c5:e4:75:cb:49:d8:ad:ca:e8:15:
80:c6:1b:5e:e6:18:0e:a4:e7:ee:c2:ce:9c:80:bc:8e:b4:1e:
ba:7d:a8:ea
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUYiTA1XBFxgxJlU2KvfrndxhUykgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTA0MDcwNzM3NTVaFw0yNjA0MDYwNzQyNTVaMDMxMTAvBgNV
BAMTKDExQTdGNjMyOERDMTlFRUFCMDI1ODRBQjE3NTQzQjg5MEU2RkIwMDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh3lfXJBgaIUdOTr3gESXfmuAz
BX4mwTJqiRgKsbW0tAS5F0GxPpGzPs1tPFQQinbMmYXXH45Sh02+RxKZNeGFj539
JA/HvRMgCBXcopMvS+3BVDWlQiJNsIHa+iEVDo5T2cxhIps5n86o0gkjwtUsOEvC
AkAVwHxOdY1ncuj8gpKg5rlI+Rzav7z8Wwhes6ytFBwZAT1ntb3/gpEs/Ss8bHVW
7mRL8gWFHvkpGOdLawxZs9nukB1ltMrzD3+WlATlF8pi/avNQXpY+VOWvW5E+xVw
vGqIV5SrkO7Zz2I6ffWs8C4RxK4rIxTtJDJCOoacwaZ8IKt2FQdBqtX7tbgJAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUEaf2Mo3BnuqwJYSrF1Q7iQ5vsAEwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjEyMzM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjQth
AwQAjQt+MA0GCSqGSIb3DQEBCwUAA4IBAQBeiwoRZKfMsCKJkb3XHz2VK9Rf0zhZ
RSL/ACtTFzAjqE3hq4Z4yuw/RmguusCo+pdWz7tEM3P/zovwimDLjblLBq8/XRGJ
8zWx+T205D4R6UAX66lNkAUNhn17U4lrZWe1l5g1T2mA1IlUjtCFcWxP1V4OPrER
OIGuSVdnX9thEg0TSLc8nUA6gnxUanIUpmxI7ix6KhI058MaLtDuMIyu+b7NwaQV
sPvHWWjp9EK8zdxxDW8aeVqiHSQJS/7fKgm78hZT15XVGTbv7XphkieLxqs7Qg0V
NL+h2VePYdwArMXkdctJ2K3K6BWAxhte5hgOpOfuws6cgLyOtB66fajq
-----END CERTIFICATE-----
Generated at Sun Apr 27 12:15:19 2025 by rpki-client