Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5650.roa
File: AS5650.roa (raw, json)
Hash identifier: 1cZyPW9VSrNwiPiV9IsgSZ9YukofEQpOyAOz3Tg0Tq0=
Subject key identifier: 2B:9C:CF:00:8B:52:1B:B2:A9:88:E2:18:DD:8C:AA:88:A4:91:0B:B8
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 05492A8EBD54F2768A9A222F340313B98E92B103
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5650.roa
Signing time: Fri 10 May 2024 03:47:06 +0000
ROA not before: Fri 10 May 2024 03:42:06 +0000
ROA not after: Fri 09 May 2025 03:47:06 +0000
asID: 5650
IP address blocks: 147.79.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 11 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:49:2a:8e:bd:54:f2:76:8a:9a:22:2f:34:03:13:b9:8e:92:b1:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 10 03:42:06 2024 GMT
Not After : May 9 03:47:06 2025 GMT
Subject: CN=2B9CCF008B521BB2A988E218DD8CAA88A4910BB8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:16:fb:75:21:28:b9:ca:ce:7f:ee:cb:ab:d9:
91:e9:a9:49:eb:2a:3d:de:e2:b9:4e:21:55:8e:c7:
de:78:00:19:c7:28:67:ae:51:58:57:6a:e4:15:89:
b6:c5:0a:be:ef:92:5c:fb:ea:12:d4:69:94:5e:10:
3c:82:67:d6:71:f8:15:31:34:aa:50:2e:e5:fc:b2:
70:d5:ec:bb:37:f6:60:f5:4e:70:7d:79:0b:81:16:
0f:5f:42:52:c9:de:ad:33:f8:64:1f:12:53:dc:36:
de:e6:5f:5c:5e:93:ca:96:1b:5e:25:75:c5:7a:ec:
ea:ab:77:a3:3d:64:9e:63:b9:6d:d8:29:da:68:2c:
e7:4d:4b:e0:09:b7:e2:ce:d6:2b:77:8c:f4:cb:05:
9f:94:18:38:cd:eb:fa:82:1a:33:8b:09:a5:b1:64:
7a:50:5d:6c:1b:26:ed:89:23:c2:2b:6c:6b:f5:45:
87:a4:83:1a:a6:19:cb:26:36:b8:10:21:22:17:4f:
9f:50:92:7b:a7:9f:7a:db:a4:28:5f:05:94:63:68:
58:dd:23:54:33:b6:ca:b6:d6:83:4b:9f:23:2b:d3:
d5:d5:2b:19:ba:c5:48:ae:1a:eb:5f:9f:c9:33:fd:
34:48:e2:47:e8:36:6a:e4:3f:b5:af:43:77:cf:ed:
f9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:9C:CF:00:8B:52:1B:B2:A9:88:E2:18:DD:8C:AA:88:A4:91:0B:B8
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS5650.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.79.31.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:00:b2:06:77:cf:35:0d:8b:07:be:3c:93:4d:6f:a4:47:03:
85:ab:fc:ea:2e:80:da:1b:a1:ff:3b:3f:68:c7:06:58:ce:30:
85:b7:d1:c3:b9:0f:da:e8:ae:fb:6e:b5:f2:ff:e8:26:f6:84:
f3:91:30:d9:ee:00:24:1e:99:96:a7:cc:05:1e:7a:0f:9d:e1:
92:a7:0b:97:4e:09:2c:f3:77:21:f4:1a:96:9c:cd:6a:a7:57:
29:28:34:2e:2c:fc:19:44:7a:be:c5:d5:62:1c:d6:f2:0c:07:
12:5c:99:27:9a:3d:79:7d:62:98:be:29:11:73:7a:f5:0d:e3:
0c:67:a5:ad:b0:f3:2c:5c:b9:8b:dd:23:3a:24:fc:c6:9f:a9:
2a:d3:89:33:59:36:bc:9a:19:97:5e:cf:99:12:16:7f:fc:7d:
4f:d9:f3:67:24:f0:a4:cb:f9:fc:3a:14:1e:24:f3:ff:c6:43:
c1:cb:4b:aa:28:9b:ac:2a:b3:1a:e1:ce:41:1e:0c:9c:8c:af:
0e:f0:0c:d1:87:b2:5c:86:a3:86:27:0a:9b:b2:90:7d:09:13:
3b:ae:25:59:c4:ac:9e:30:4c:67:a1:12:58:1e:ff:cc:f8:80:
d7:6e:56:82:a8:85:61:0c:61:9a:d6:ab:db:cb:1b:24:7e:20:
5e:4a:78:ee
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUBUkqjr1U8naKmiIvNAMTuY6SsQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA1MTAwMzQyMDZaFw0yNTA1MDkwMzQ3MDZaMDMxMTAvBgNV
BAMTKDJCOUNDRjAwOEI1MjFCQjJBOTg4RTIxOEREOENBQTg4QTQ5MTBCQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbFvt1ISi5ys5/7sur2ZHpqUnr
Kj3e4rlOIVWOx954ABnHKGeuUVhXauQVibbFCr7vklz76hLUaZReEDyCZ9Zx+BUx
NKpQLuX8snDV7Ls39mD1TnB9eQuBFg9fQlLJ3q0z+GQfElPcNt7mX1xek8qWG14l
dcV67Oqrd6M9ZJ5juW3YKdpoLOdNS+AJt+LO1it3jPTLBZ+UGDjN6/qCGjOLCaWx
ZHpQXWwbJu2JI8IrbGv1RYekgxqmGcsmNrgQISIXT59Qknunn3rbpChfBZRjaFjd
I1Qztsq21oNLnyMr09XVKxm6xUiuGutfn8kz/TRI4kfoNmrkP7WvQ3fP7flzAgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQUK5zPAItSG7KpiOIY3YyqiKSRC7gwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTY1MC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJNPHzAN
BgkqhkiG9w0BAQsFAAOCAQEAtgCyBnfPNQ2LB748k01vpEcDhav86i6A2huh/zs/
aMcGWM4whbfRw7kP2uiu+2618v/oJvaE85Ew2e4AJB6ZlqfMBR56D53hkqcLl04J
LPN3IfQalpzNaqdXKSg0Liz8GUR6vsXVYhzW8gwHElyZJ5o9eX1imL4pEXN69Q3j
DGelrbDzLFy5i90jOiT8xp+pKtOJM1k2vJoZl17PmRIWf/x9T9nzZyTwpMv5/DoU
HiTz/8ZDwctLqiibrCqzGuHOQR4MnIyvDvAM0YeyXIajhicKm7KQfQkTO64lWcSs
njBMZ6ESWB7/zPiA125WgqiFYQxhmtar28sbJH4gXkp47g==
-----END CERTIFICATE-----
Generated at Mon Jun 10 21:13:18 2024 by rpki-client on console-ams.rpki-client.org