Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20383334.roa
File: 352e3138312e3138352e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 0liH5nGC6y3fxHnD2NYkl5gEjiPXOfBPcXnP+uhbuRg=
Subject key identifier: 12:11:C2:D3:65:E6:8C:8C:87:AF:42:DC:2F:02:D5:59:D7:DF:BF:39
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 58B780AD802F92AA0A40D10EF3FCA5CB147B1500
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20383334.roa
Signing time: Tue 09 Apr 2024 10:06:20 +0000
ROA not before: Tue 09 Apr 2024 10:01:20 +0000
ROA not after: Tue 08 Apr 2025 10:06:20 +0000
asID: 834
IP address blocks: 5.181.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 00:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:b7:80:ad:80:2f:92:aa:0a:40:d1:0e:f3:fc:a5:cb:14:7b:15:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Apr 9 10:01:20 2024 GMT
Not After : Apr 8 10:06:20 2025 GMT
Subject: CN=1211C2D365E68C8C87AF42DC2F02D559D7DFBF39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:62:81:2e:99:25:39:2e:e6:d7:ac:f2:7f:98:
0b:99:9b:e4:ce:62:28:f6:ab:9f:7b:ce:e7:4e:5f:
54:a5:b2:c7:78:33:5f:b6:c8:8c:ed:4f:c2:32:30:
50:87:5e:fd:72:25:12:f5:c0:3d:a1:31:da:c3:46:
2e:87:09:13:fa:0c:b7:1f:c5:aa:4f:28:52:e4:bc:
bf:27:a8:1c:95:ab:37:ad:74:12:f3:d6:2f:d3:c8:
08:3c:eb:73:69:3d:ed:46:e6:1a:e2:0c:7a:0f:48:
56:56:eb:8f:99:8e:f2:05:af:64:c1:fa:5a:66:27:
0c:1f:65:ad:0e:41:7f:3d:5c:f6:79:cf:3f:cc:b6:
e9:6e:bb:a6:aa:77:05:a5:48:ec:8d:d4:36:1f:02:
71:0f:01:7b:d7:ca:73:5c:5f:76:7a:a8:a6:b3:34:
58:0c:f7:86:01:5f:9d:8e:6c:95:a8:c5:f7:9d:f5:
98:cc:83:d2:a3:4c:d0:5c:cc:ed:12:95:43:91:64:
f4:fd:af:0e:49:9b:a3:ff:81:41:38:68:4a:b9:ef:
9d:53:cb:5f:07:0d:30:49:92:da:42:a7:89:73:6c:
9c:3d:00:f8:3d:21:67:65:2c:78:3b:4f:4c:60:0b:
bc:15:dd:58:0d:9f:49:10:e4:56:5f:f5:da:7b:dd:
11:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:11:C2:D3:65:E6:8C:8C:87:AF:42:DC:2F:02:D5:59:D7:DF:BF:39
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.185.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:76:d8:ca:a0:95:67:e5:5f:68:ed:b9:13:1c:10:8e:24:a0:
3d:d7:bd:38:f0:82:93:b7:61:f6:48:9a:2b:4e:8c:55:b7:e8:
65:c6:80:d4:e8:65:ba:90:d5:4c:1f:d5:6a:8e:1d:82:71:61:
07:46:95:ca:12:08:54:fb:6e:4f:43:41:bc:0b:af:19:ec:8a:
96:c7:e8:4e:50:95:a0:9d:38:e4:e7:96:14:f6:ad:6c:c9:2c:
2a:7f:6d:19:db:e5:b1:24:57:ec:bd:53:8f:c3:99:65:a9:16:
bc:e9:eb:60:f8:91:32:e1:18:20:ae:17:43:0a:31:a9:bd:2e:
45:cc:f2:55:fb:29:06:e2:27:ab:13:9b:b0:6f:6a:ac:25:6c:
be:51:14:3c:a4:a3:36:32:87:5f:97:6b:f5:8e:a3:88:d5:fb:
43:ea:ec:16:2a:ff:88:c9:2e:1a:e0:7b:20:6f:63:67:91:a0:
05:3b:60:2b:c0:98:39:dd:fc:ab:a6:28:d1:f2:02:fe:37:46:
fc:0a:de:e2:e1:76:41:5a:f1:1d:c5:f2:c6:27:d5:b4:60:da:
16:18:d6:8f:6a:1d:85:51:bf:26:ce:c0:9d:94:0d:60:01:87:
90:6d:0c:fe:a2:ab:5b:dc:6b:0f:65:4c:a1:95:e4:3f:05:93:
9d:8b:a0:17
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUWLeArYAvkqoKQNEO8/ylyxR7FQAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDA0MDkxMDAxMjBaFw0yNTA0MDgxMDA2MjBaMDMxMTAvBgNV
BAMTKDEyMTFDMkQzNjVFNjhDOEM4N0FGNDJEQzJGMDJENTU5RDdERkJGMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUYoEumSU5LubXrPJ/mAuZm+TO
Yij2q597zudOX1Slssd4M1+2yIztT8IyMFCHXv1yJRL1wD2hMdrDRi6HCRP6DLcf
xapPKFLkvL8nqByVqzetdBLz1i/TyAg863NpPe1G5hriDHoPSFZW64+ZjvIFr2TB
+lpmJwwfZa0OQX89XPZ5zz/Mtuluu6aqdwWlSOyN1DYfAnEPAXvXynNcX3Z6qKaz
NFgM94YBX52ObJWoxfed9ZjMg9KjTNBczO0SlUORZPT9rw5Jm6P/gUE4aEq5751T
y18HDTBJktpCp4lzbJw9APg9IWdlLHg7T0xgC7wV3VgNn0kQ5FZf9dp73RHXAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUEhHC02XmjIyHr0LcLwLVWdffvzkwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzUyZTMxMzgzMTJlMzEzODM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbW5MA0G
CSqGSIb3DQEBCwUAA4IBAQC4dtjKoJVn5V9o7bkTHBCOJKA917048IKTt2H2SJor
ToxVt+hlxoDU6GW6kNVMH9Vqjh2CcWEHRpXKEghU+25PQ0G8C68Z7IqWx+hOUJWg
nTjk55YU9q1sySwqf20Z2+WxJFfsvVOPw5llqRa86etg+JEy4RggrhdDCjGpvS5F
zPJV+ykG4ierE5uwb2qsJWy+URQ8pKM2Modfl2v1jqOI1ftD6uwWKv+IyS4a4Hsg
b2NnkaAFO2ArwJg53fyrpijR8gL+N0b8Ct7i4XZBWvEdxfLGJ9W0YNoWGNaPah2F
Ub8mzsCdlA1gAYeQbQz+oqtb3GsPZUyhleQ/BZOdi6AX
-----END CERTIFICATE-----
Generated at Sat Apr 20 09:11:41 2024 by rpki-client on console-ams.rpki-client.org