Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS43350.roa
File: AS43350.roa (raw, json)
Hash identifier: uwch2xbXXSQvBVT5+BVBU/pQ38e7GX3xZpTCmnSwqfU=
Subject key identifier: 27:6D:F1:99:1D:0D:27:A6:D9:C7:C8:53:38:4A:78:B5:DB:6F:9D:1C
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 1F132B17FA942EC6245E8289AF2324EDA67FDC64
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS43350.roa
Signing time: Wed 16 Apr 2025 13:54:01 +0000
ROA not before: Wed 16 Apr 2025 13:49:01 +0000
ROA not after: Wed 15 Apr 2026 13:54:01 +0000
asID: 43350
IP address blocks: 141.11.1.0/24 maxlen: 24
141.11.21.0/24 maxlen: 24
141.11.37.0/24 maxlen: 24
141.11.45.0/24 maxlen: 24
141.11.103.0/24 maxlen: 24
141.11.107.0/24 maxlen: 24
141.11.123.0/24 maxlen: 24
141.11.182.0/24 maxlen: 24
141.11.184.0/24 maxlen: 24
141.11.187.0/24 maxlen: 24
141.11.246.0/24 maxlen: 24
141.11.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 13:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:13:2b:17:fa:94:2e:c6:24:5e:82:89:af:23:24:ed:a6:7f:dc:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Apr 16 13:49:01 2025 GMT
Not After : Apr 15 13:54:01 2026 GMT
Subject: CN=276DF1991D0D27A6D9C7C853384A78B5DB6F9D1C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7d:a9:fd:42:5b:98:08:2a:56:b3:ec:93:d4:
cb:fd:f7:26:58:a1:50:0d:8a:47:15:9f:7d:78:22:
41:27:91:5a:d2:34:c4:9f:98:90:1c:2b:83:00:f9:
05:2f:5c:9e:20:9f:26:aa:9b:b6:ed:12:89:af:c6:
1e:0e:49:b3:e0:5b:79:60:59:07:05:d9:96:6e:1b:
3f:92:8d:64:b0:10:bc:df:38:f8:07:97:49:6c:05:
5c:db:52:8e:f3:d5:20:b9:08:8a:24:49:23:f1:62:
cf:70:23:db:5a:3d:a1:56:a1:8e:a0:c9:ec:ef:6d:
9b:ac:74:2f:ba:a2:d4:70:81:65:52:ec:32:b3:8c:
8d:89:45:34:02:73:20:9f:29:9e:b4:51:06:6c:de:
99:89:c2:93:d4:a5:3b:8c:f0:7f:f7:f5:a6:00:68:
7c:e9:77:7f:11:1f:c8:7c:0f:8c:dd:61:57:7b:13:
81:55:eb:22:7c:93:21:e8:8f:b8:da:e1:5a:be:83:
cd:ae:61:46:62:ad:34:15:e3:3d:72:a2:ac:2a:0e:
36:a3:2d:a6:d8:85:bb:32:27:c6:7d:0a:42:9c:e6:
6c:16:be:61:16:f7:15:88:d2:8c:93:6f:d2:8c:eb:
3a:41:d1:28:3e:cc:33:ac:e2:d9:84:76:b8:5f:44:
7c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:6D:F1:99:1D:0D:27:A6:D9:C7:C8:53:38:4A:78:B5:DB:6F:9D:1C
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS43350.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.1.0/24
141.11.21.0/24
141.11.37.0/24
141.11.45.0/24
141.11.103.0/24
141.11.107.0/24
141.11.123.0/24
141.11.182.0/24
141.11.184.0/24
141.11.187.0/24
141.11.246.0/24
141.11.250.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:7a:b7:99:18:59:4f:b5:41:14:e4:f4:33:aa:7c:11:8d:8d:
b9:f8:18:19:12:ba:8a:00:f1:27:a7:21:6b:d3:fe:03:de:04:
ba:a6:8e:e2:01:ab:25:45:ec:73:e1:44:f2:c3:40:92:12:e4:
ac:12:1d:ce:1c:fc:9b:66:28:a8:86:36:b9:a1:a0:0d:22:7c:
7b:01:38:f1:79:d0:cf:74:84:c3:31:e2:c5:4c:8c:8c:7e:b7:
d2:4f:6e:e7:e4:17:1b:a8:3c:de:eb:86:99:8a:e7:2e:91:7e:
c1:12:e8:79:92:10:96:d2:8c:b7:42:2f:4e:0e:6b:1d:0b:dd:
b9:9b:80:5f:c5:ba:2e:fb:54:1b:62:c9:51:15:a5:1b:fa:24:
7e:55:14:ac:40:4d:90:03:30:5a:17:7b:01:aa:e9:3f:52:32:
91:f4:fb:2d:e8:56:df:9f:36:a9:76:51:a7:53:20:b8:19:b7:
f8:88:6a:99:61:12:d3:d9:dc:59:7d:67:56:75:0a:89:5c:f8:
43:65:21:eb:71:97:79:58:a1:6d:31:58:45:c6:77:b9:6c:23:
cc:06:e1:61:2a:4b:6f:a8:d8:53:f8:02:0e:58:8d:94:08:d9:
b2:22:f7:9e:0f:d4:58:9b:3d:ee:e8:3e:9b:b4:ee:73:56:a1:
11:e0:06:48
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUHxMrF/qULsYkXoKJryMk7aZ/3GQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTA0MTYxMzQ5MDFaFw0yNjA0MTUxMzU0MDFaMDMxMTAvBgNV
BAMTKDI3NkRGMTk5MUQwRDI3QTZEOUM3Qzg1MzM4NEE3OEI1REI2RjlEMUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIfan9QluYCCpWs+yT1Mv99yZY
oVANikcVn314IkEnkVrSNMSfmJAcK4MA+QUvXJ4gnyaqm7btEomvxh4OSbPgW3lg
WQcF2ZZuGz+SjWSwELzfOPgHl0lsBVzbUo7z1SC5CIokSSPxYs9wI9taPaFWoY6g
yezvbZusdC+6otRwgWVS7DKzjI2JRTQCcyCfKZ60UQZs3pmJwpPUpTuM8H/39aYA
aHzpd38RH8h8D4zdYVd7E4FV6yJ8kyHoj7ja4Vq+g82uYUZirTQV4z1yoqwqDjaj
LabYhbsyJ8Z9CkKc5mwWvmEW9xWI0oyTb9KM6zpB0Sg+zDOs4tmEdrhfRHz5AgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUJ23xmR0NJ6bZx8hTOEp4tdtvnRwwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNDMzNTAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYQYIKwYBBQUHAQcBAf8EUjBQME4EAgABMEgDBACNCwED
BACNCxUDBACNCyUDBACNCy0DBACNC2cDBACNC2sDBACNC3sDBACNC7YDBACNC7gD
BACNC7sDBACNC/YDBACNC/owDQYJKoZIhvcNAQELBQADggEBALl6t5kYWU+1QRTk
9DOqfBGNjbn4GBkSuooA8SenIWvT/gPeBLqmjuIBqyVF7HPhRPLDQJIS5KwSHc4c
/JtmKKiGNrmhoA0ifHsBOPF50M90hMMx4sVMjIx+t9JPbufkFxuoPN7rhpmK5y6R
fsES6HmSEJbSjLdCL04Oax0L3bmbgF/Fui77VBtiyVEVpRv6JH5VFKxATZADMFoX
ewGq6T9SMpH0+y3oVt+fNql2UadTILgZt/iIaplhEtPZ3Fl9Z1Z1Colc+ENlIetx
l3lYoW0xWEXGd7lsI8wG4WEqS2+o2FP4Ag5YjZQI2bIi954P1FibPe7oPpu07nNW
oRHgBkg=
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:51:56 2025 by rpki-client