Route Origin Authorization
$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS35487.roa
File: AS35487.roa (raw, json)
Hash identifier: KzJxy+ht31063XRr1E+hsynzRnqHgx46V+CyjU84lhI=
Subject key identifier: F8:8C:76:9F:57:3A:27:BB:F5:EF:F8:35:81:BF:10:20:2E:46:6B:A3
Certificate issuer: /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial: 4C20054BAA23D7C1AA496933CC2D19582AB63265
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access: rsync://rsync.rp.ki/repo/misakaio/2/AS35487.roa
Signing time: Tue 28 Jan 2025 16:30:42 +0000
ROA not before: Tue 28 Jan 2025 16:25:42 +0000
ROA not after: Tue 27 Jan 2026 16:30:42 +0000
asID: 35487
IP address blocks: 45.131.68.0/22 maxlen: 24
45.142.247.0/24 maxlen: 24
45.150.240.0/23 maxlen: 24
45.150.243.0/24 maxlen: 24
146.19.3.0/24 maxlen: 24
194.156.154.0/24 maxlen: 24
2a0b:4341::/32 maxlen: 48
2a0b:4342:1a90::/44 maxlen: 48
2a0d:5641:1a00::/40 maxlen: 48
2a0d:5642::/32 maxlen: 48
2a0f:3b05:100::/44 maxlen: 44
2a12:1701::/32 maxlen: 48
2a12:8d02::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:20:05:4b:aa:23:d7:c1:aa:49:69:33:cc:2d:19:58:2a:b6:32:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
Validity
Not Before: Jan 28 16:25:42 2025 GMT
Not After : Jan 27 16:30:42 2026 GMT
Subject: CN=F88C769F573A27BBF5EFF83581BF10202E466BA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:bc:aa:db:46:d5:d1:dc:a6:e8:68:1d:83:91:
01:b4:92:b1:5e:7e:b5:5e:b7:39:f4:b6:4a:55:33:
a2:82:74:37:3d:9b:b8:04:bc:6d:13:4e:06:19:6e:
bc:66:2e:3f:d0:bb:d5:a0:16:c6:18:8c:bd:48:08:
97:28:9c:f0:28:70:12:9d:06:5f:91:07:9b:80:94:
0e:46:c5:18:b1:ea:04:d3:50:8b:5a:9f:c6:29:15:
60:2c:fe:7b:b4:b7:a3:b7:44:d0:ad:77:7e:56:04:
00:36:7c:bb:be:98:bb:cb:33:1a:11:4b:e4:17:b7:
50:f7:21:8d:48:16:57:df:dc:80:df:83:fa:f9:15:
97:89:6c:4f:f2:c4:12:77:be:23:24:e8:76:c5:e0:
9f:6a:1c:b7:5f:c6:e0:35:cb:dc:e8:6d:52:b6:ff:
7c:09:27:b4:a5:0f:60:00:f2:96:62:0b:99:21:5b:
af:d2:d5:6f:39:0d:12:20:76:3f:27:7e:30:0f:a6:
c1:b0:9e:5c:68:ac:8f:53:6a:ea:85:f3:bb:27:ce:
f3:c0:6a:c5:90:cb:ce:da:e0:ed:4f:14:10:7f:c1:
a1:c0:83:82:e5:60:07:e0:67:4c:85:f1:51:af:f1:
4c:54:42:3e:d5:dd:7c:d2:61:f9:3f:87:0a:aa:2d:
0c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:8C:76:9F:57:3A:27:BB:F5:EF:F8:35:81:BF:10:20:2E:46:6B:A3
X509v3 Authority Key Identifier:
keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS35487.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.68.0/22
45.142.247.0/24
45.150.240.0/23
45.150.243.0/24
146.19.3.0/24
194.156.154.0/24
IPv6:
2a0b:4341::/32
2a0b:4342:1a90::/44
2a0d:5641:1a00::/40
2a0d:5642::/32
2a0f:3b05:100::/44
2a12:1701::/32
2a12:8d02::/32
Signature Algorithm: sha256WithRSAEncryption
8c:25:e3:31:5d:e0:83:c3:76:1b:35:60:60:58:ea:71:f8:7a:
a0:df:71:e6:1a:2f:9a:74:af:00:a9:8a:8b:82:9f:e6:48:4c:
00:f9:b6:01:15:ef:3c:b0:3c:20:1a:08:8b:85:81:fb:37:37:
29:2b:4c:2f:ef:4a:4b:c0:3f:9e:b4:ba:01:eb:51:de:ae:0d:
12:a8:7e:97:c0:4d:c2:3e:c3:8c:60:f9:8e:b3:4f:7a:49:da:
98:66:e5:99:b6:0c:c7:6a:76:d6:1f:df:5b:38:7e:f2:91:fb:
e8:a4:86:31:b7:15:2c:69:06:23:aa:73:97:7a:ee:b0:35:41:
81:a2:68:de:72:00:ef:01:d7:b5:64:59:c2:0f:0d:23:06:5b:
e1:cc:74:31:b3:b9:e0:1f:5f:e0:a5:8a:8f:f7:43:aa:f0:3e:
0d:2e:01:96:96:89:24:bf:c6:52:c0:69:1c:77:54:d2:06:20:
11:93:eb:21:96:2d:66:81:d5:6e:89:ce:98:3a:f5:b6:e4:cc:
67:b1:44:53:64:d7:63:a5:f0:a9:be:12:fc:49:88:26:53:8b:
1a:9a:1d:ba:41:84:47:ba:6a:c2:be:22:02:5f:67:19:f6:55:
bb:3a:23:e2:3e:3a:22:2d:e2:2b:cc:24:7e:b2:05:aa:a3:13:
04:b3:eb:76
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIUTCAFS6oj18GqSWkzzC0ZWCq2MmUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNTAxMjgxNjI1NDJaFw0yNjAxMjcxNjMwNDJaMDMxMTAvBgNV
BAMTKEY4OEM3NjlGNTczQTI3QkJGNUVGRjgzNTgxQkYxMDIwMkU0NjZCQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmvKrbRtXR3KboaB2DkQG0krFe
frVetzn0tkpVM6KCdDc9m7gEvG0TTgYZbrxmLj/Qu9WgFsYYjL1ICJconPAocBKd
Bl+RB5uAlA5GxRix6gTTUItan8YpFWAs/nu0t6O3RNCtd35WBAA2fLu+mLvLMxoR
S+QXt1D3IY1IFlff3IDfg/r5FZeJbE/yxBJ3viMk6HbF4J9qHLdfxuA1y9zobVK2
/3wJJ7SlD2AA8pZiC5khW6/S1W85DRIgdj8nfjAPpsGwnlxorI9TauqF87snzvPA
asWQy87a4O1PFBB/waHAg4LlYAfgZ0yF8VGv8UxUQj7V3XzSYfk/hwqqLQwRAgMB
AAGjggIBMIIB/TAdBgNVHQ4EFgQU+Ix2n1c6J7v17/g1gb8QIC5Ga6MwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMzNTQ4Ny5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjB7BggrBgEFBQcBBwEB/wRsMGowKgQCAAEwJAMEAi2DRAMEAC2O
9wMEAS2W8AMEAC2W8wMEAJITAwMEAMKcmjA8BAIAAjA2AwUAKgtDQQMHBCoLQ0Ia
kAMGACoNVkEaAwUAKg1WQgMHBCoPOwUBAAMFACoSFwEDBQAqEo0CMA0GCSqGSIb3
DQEBCwUAA4IBAQCMJeMxXeCDw3YbNWBgWOpx+Hqg33HmGi+adK8AqYqLgp/mSEwA
+bYBFe88sDwgGgiLhYH7NzcpK0wv70pLwD+etLoB61Herg0SqH6XwE3CPsOMYPmO
s096SdqYZuWZtgzHanbWH99bOH7ykfvopIYxtxUsaQYjqnOXeu6wNUGBomjecgDv
Ade1ZFnCDw0jBlvhzHQxs7ngH1/gpYqP90Oq8D4NLgGWlokkv8ZSwGkcd1TSBiAR
k+shli1mgdVuic6YOvW25MxnsURTZNdjpfCpvhL8SYgmU4samh26QYRHumrCviIC
X2cZ9lW7OiPiPjoiLeIrzCR+sgWqoxMEs+t2
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:23 2025 by rpki-client