Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/352e3232362e3139312e302f32342d3234203d3e20323135323837.roa
File: 352e3232362e3139312e302f32342d3234203d3e20323135323837.roa (raw, json)
Hash identifier: RkV+HIT5VsE9pjn8210EZGVuenhPjG9cevpcRBJ9k2w=
Subject key identifier: 22:62:3A:1D:7A:FC:D9:4A:CE:F0:07:50:48:A6:D8:7C:E0:FA:22:99
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 713161A00DA51C031677F5374C8D27B83A9D341D
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/352e3232362e3139312e302f32342d3234203d3e20323135323837.roa
Signing time: Sat 25 Jan 2025 21:57:59 +0000
ROA not before: Sat 25 Jan 2025 21:52:59 +0000
ROA not after: Sat 24 Jan 2026 21:57:59 +0000
asID: 215287
IP address blocks: 5.226.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:31:61:a0:0d:a5:1c:03:16:77:f5:37:4c:8d:27:b8:3a:9d:34:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Jan 25 21:52:59 2025 GMT
Not After : Jan 24 21:57:59 2026 GMT
Subject: CN=22623A1D7AFCD94ACEF0075048A6D87CE0FA2299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:74:38:c4:34:73:5d:c1:12:a0:fd:56:a0:0a:
c9:1c:48:ce:e5:46:3d:d7:f4:37:3a:4e:b5:80:45:
d0:68:6d:09:d4:91:07:c9:e6:aa:9a:e4:7f:7e:0c:
e6:68:2d:51:c2:98:cb:9f:c5:a1:26:a4:c6:5c:ec:
3c:bf:89:64:3b:f1:a2:eb:46:7e:a8:30:45:52:28:
41:20:fa:ef:17:27:91:ae:64:9a:4e:70:0e:1a:dd:
cf:99:6c:ae:1a:ed:0d:36:fb:08:7e:eb:22:9e:a4:
ef:54:d3:55:2c:fd:b6:6e:7b:e4:82:03:6a:3f:c4:
16:31:8d:6b:d4:6a:d5:97:59:bc:64:43:22:f1:cf:
ff:68:bf:59:9d:1c:5d:7b:65:31:9e:90:97:61:3e:
cc:a1:91:a7:d9:af:e6:ae:82:3b:1d:bf:71:fe:f4:
57:5e:15:e3:67:8a:a5:43:5e:04:8c:c0:86:a5:5a:
3c:ab:32:22:ad:a5:ce:c7:28:7f:d1:b6:2d:8f:85:
5d:cb:b5:d0:50:1a:25:88:7c:86:14:33:18:f5:c1:
9a:32:7d:09:12:cf:d3:39:b2:f8:41:66:45:b9:17:
70:25:cc:98:71:01:33:c8:84:ae:32:b5:b2:eb:b3:
bb:2f:88:c4:39:64:d8:34:35:c7:ee:b3:5b:4e:ae:
e7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:62:3A:1D:7A:FC:D9:4A:CE:F0:07:50:48:A6:D8:7C:E0:FA:22:99
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/352e3232362e3139312e302f32342d3234203d3e20323135323837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.191.0/24
Signature Algorithm: sha256WithRSAEncryption
35:cf:98:35:47:81:20:1a:0f:9e:13:03:ef:47:1f:57:9e:13:
a5:8c:e1:cd:0c:9f:07:a2:a1:e8:9b:a7:37:c8:3e:9f:64:e6:
b0:cb:dd:53:c8:14:49:2b:58:07:90:dc:e6:6b:a1:cf:47:c0:
b6:79:d7:49:a9:fa:63:5a:03:7c:6d:60:e8:36:9b:ff:93:a3:
fa:c8:d9:db:07:74:14:75:03:c1:48:0e:97:da:a6:5c:16:19:
dd:b9:4f:f7:94:fe:31:74:6a:ed:fd:1b:9f:d0:45:ec:8f:b7:
8c:44:02:4a:47:16:16:b5:8f:21:4b:42:54:1a:1d:4d:f0:67:
2c:23:6c:0d:1e:1e:f6:21:12:d2:7f:43:d3:36:74:de:d9:f5:
ef:9d:7d:0c:3f:ea:44:a9:ec:fb:75:18:08:43:79:e2:bd:43:
2d:83:5a:e9:01:90:a3:af:d2:a9:6e:c8:49:c7:74:d0:31:da:
9e:33:93:b1:8e:46:9e:f5:5d:30:3b:60:54:5d:a2:e9:af:fc:
33:5f:95:a8:a8:b8:76:7c:a8:25:d2:95:4a:d8:ab:f8:94:03:
29:08:b7:11:1e:3e:d5:71:1c:91:5f:3b:58:c4:b7:9e:b0:65:
25:6f:68:80:bf:f5:b8:83:3a:68:4f:bb:6f:9e:ef:0c:ff:c9:
27:47:5a:1d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUcTFhoA2lHAMWd/U3TI0nuDqdNB0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTAxMjUyMTUyNTlaFw0yNjAxMjQyMTU3NTlaMDMxMTAvBgNV
BAMTKDIyNjIzQTFEN0FGQ0Q5NEFDRUYwMDc1MDQ4QTZEODdDRTBGQTIyOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5dDjENHNdwRKg/VagCskcSM7l
Rj3X9Dc6TrWARdBobQnUkQfJ5qqa5H9+DOZoLVHCmMufxaEmpMZc7Dy/iWQ78aLr
Rn6oMEVSKEEg+u8XJ5GuZJpOcA4a3c+ZbK4a7Q02+wh+6yKepO9U01Us/bZue+SC
A2o/xBYxjWvUatWXWbxkQyLxz/9ov1mdHF17ZTGekJdhPsyhkafZr+augjsdv3H+
9FdeFeNniqVDXgSMwIalWjyrMiKtpc7HKH/Rti2PhV3LtdBQGiWIfIYUMxj1wZoy
fQkSz9M5svhBZkW5F3AlzJhxATPIhK4ytbLrs7sviMQ5ZNg0Ncfus1tOrufdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUImI6HXr82UrO8AdQSKbYfOD6IpkwHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzUyZTMyMzIzNjJlMzEzOTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzIzODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BeK/MA0GCSqGSIb3DQEBCwUAA4IBAQA1z5g1R4EgGg+eEwPvRx9XnhOljOHNDJ8H
oqHom6c3yD6fZOawy91TyBRJK1gHkNzma6HPR8C2eddJqfpjWgN8bWDoNpv/k6P6
yNnbB3QUdQPBSA6X2qZcFhnduU/3lP4xdGrt/Ruf0EXsj7eMRAJKRxYWtY8hS0JU
Gh1N8GcsI2wNHh72IRLSf0PTNnTe2fXvnX0MP+pEqez7dRgIQ3nivUMtg1rpAZCj
r9KpbshJx3TQMdqeM5Oxjkae9V0wO2BUXaLpr/wzX5WoqLh2fKgl0pVK2Kv4lAMp
CLcRHj7VcRyRXztYxLeesGUlb2iAv/W4gzpoT7tvnu8M/8knR1od
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:48:06 2025 by rpki-client