Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/352e3232362e3139312e302f32342d3234203d3e20323135323338.roa
File: 352e3232362e3139312e302f32342d3234203d3e20323135323338.roa (raw, json)
Hash identifier: UAeHXbW3QhFNKys+iIRYQQp2rK+CbLJVmAbT44zmQ1k=
Subject key identifier: 5A:FA:47:A6:FE:A0:9C:3E:C7:62:68:BA:FF:2F:9B:73:69:2C:15:78
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 0AFED6614411827F68EC2BC7BC779E809302EA5E
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/352e3232362e3139312e302f32342d3234203d3e20323135323338.roa
Signing time: Sat 31 May 2025 18:51:31 +0000
ROA not before: Sat 31 May 2025 18:46:31 +0000
ROA not after: Sat 30 May 2026 18:51:31 +0000
asID: 215238
IP address blocks: 5.226.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:fe:d6:61:44:11:82:7f:68:ec:2b:c7:bc:77:9e:80:93:02:ea:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: May 31 18:46:31 2025 GMT
Not After : May 30 18:51:31 2026 GMT
Subject: CN=5AFA47A6FEA09C3EC76268BAFF2F9B73692C1578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:73:db:b0:da:03:78:1c:04:6b:9a:57:72:1c:
f8:e8:46:74:59:c8:3d:e7:52:2e:68:10:db:f1:d1:
85:3f:16:fd:47:2b:32:76:02:9e:15:66:25:f8:ed:
df:4e:48:64:35:41:cb:0a:de:98:c5:8c:47:da:bb:
84:a3:27:74:a7:17:b5:04:ce:5c:2a:c3:c6:40:33:
16:85:1e:c4:99:c3:3c:13:ea:96:ab:f7:f0:dc:9e:
e1:43:1d:2b:22:e7:b7:05:ee:e3:09:c2:a6:cc:72:
c3:3c:7b:3c:01:45:3b:be:12:32:3e:a9:95:39:aa:
4a:c4:4c:c5:5c:1b:2c:34:a9:f4:57:93:f7:c8:09:
7a:ed:c5:1b:c2:16:78:b9:89:36:cf:4d:d6:51:8a:
ed:35:5e:28:1b:fb:c8:9a:43:81:cf:ae:26:28:86:
94:89:08:41:73:2f:13:eb:ab:9c:5e:93:86:00:7b:
1c:bf:3e:86:a1:b8:fc:cf:67:59:40:6e:30:66:80:
d9:d0:7d:9b:af:64:0d:c1:67:c0:9e:1a:dd:f2:2e:
c2:5d:45:1e:04:b1:01:88:37:89:fc:94:7b:db:9f:
cf:f3:6e:81:2b:82:d7:db:a1:79:20:20:e5:8c:2b:
c6:3f:69:fd:ff:75:e2:7b:9b:23:ac:26:c7:f6:0e:
ca:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:FA:47:A6:FE:A0:9C:3E:C7:62:68:BA:FF:2F:9B:73:69:2C:15:78
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/352e3232362e3139312e302f32342d3234203d3e20323135323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.191.0/24
Signature Algorithm: sha256WithRSAEncryption
89:be:1c:ac:26:f8:e3:e9:05:7b:93:c1:9c:3b:d0:a6:c0:cc:
eb:a6:de:e7:0d:7c:96:e5:95:47:1d:ee:ee:ca:ed:a0:8b:7c:
1c:12:31:a4:fa:3d:80:45:01:0d:12:a7:06:fe:b5:05:32:c5:
e9:2d:64:af:2a:6a:4f:f3:1b:0c:0a:cf:ef:f4:0d:1c:06:73:
fa:09:89:97:06:f9:81:10:b9:d4:3a:9c:20:60:09:0b:51:02:
d1:95:27:a4:b9:c3:5b:16:e5:fa:f1:4e:4c:ea:0a:ba:7c:8c:
74:22:41:0e:54:fe:01:a2:17:2b:a5:86:ec:e0:43:92:6e:be:
da:5e:b9:54:bb:77:96:70:6a:41:d8:40:30:1e:74:4e:5c:ac:
22:23:5f:0a:23:54:e0:0e:33:19:a8:47:3e:9b:27:ec:96:1f:
19:64:85:7f:f9:a5:ff:52:dd:4f:70:dd:72:a8:b1:98:29:61:
86:79:f8:3d:4b:3f:21:e1:e8:72:f9:8f:1c:9c:d0:ce:e7:97:
fe:4f:97:44:c7:81:d6:9a:aa:8f:af:7e:e0:f5:a0:26:00:8b:
54:48:68:f0:de:79:26:75:d8:9c:16:87:6b:37:8f:13:aa:ce:
9e:25:53:34:51:05:0a:d5:13:4c:21:34:6c:c7:41:9c:f8:e7:
c2:2e:71:42
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCv7WYUQRgn9o7CvHvHeegJMC6l4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTA1MzExODQ2MzFaFw0yNjA1MzAxODUxMzFaMDMxMTAvBgNV
BAMTKDVBRkE0N0E2RkVBMDlDM0VDNzYyNjhCQUZGMkY5QjczNjkyQzE1NzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsc9uw2gN4HARrmldyHPjoRnRZ
yD3nUi5oENvx0YU/Fv1HKzJ2Ap4VZiX47d9OSGQ1QcsK3pjFjEfau4SjJ3SnF7UE
zlwqw8ZAMxaFHsSZwzwT6par9/DcnuFDHSsi57cF7uMJwqbMcsM8ezwBRTu+EjI+
qZU5qkrETMVcGyw0qfRXk/fICXrtxRvCFni5iTbPTdZRiu01Xigb+8iaQ4HPriYo
hpSJCEFzLxPrq5xek4YAexy/PoahuPzPZ1lAbjBmgNnQfZuvZA3BZ8CeGt3yLsJd
RR4EsQGIN4n8lHvbn8/zboErgtfboXkgIOWMK8Y/af3/deJ7myOsJsf2DsoRAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUWvpHpv6gnD7HYmi6/y+bc2ksFXgwHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzUyZTMyMzIzNjJlMzEzOTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BeK/MA0GCSqGSIb3DQEBCwUAA4IBAQCJvhysJvjj6QV7k8GcO9CmwMzrpt7nDXyW
5ZVHHe7uyu2gi3wcEjGk+j2ARQENEqcG/rUFMsXpLWSvKmpP8xsMCs/v9A0cBnP6
CYmXBvmBELnUOpwgYAkLUQLRlSekucNbFuX68U5M6gq6fIx0IkEOVP4BohcrpYbs
4EOSbr7aXrlUu3eWcGpB2EAwHnROXKwiI18KI1TgDjMZqEc+myfslh8ZZIV/+aX/
Ut1PcN1yqLGYKWGGefg9Sz8h4ehy+Y8cnNDO55f+T5dEx4HWmqqPr37g9aAmAItU
SGjw3nkmddicFodrN48Tqs6eJVM0UQUK1RNMITRsx0Gc+OfCLnFC
-----END CERTIFICATE-----
Generated at Sat Jun 7 01:29:35 2025 by rpki-client