Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20313938393839.roa
File: 352e3138312e3138352e302f32342d3234203d3e20313938393839.roa (raw, json)
Hash identifier: bBHB0qGvsL7fJlqEB/WNCVCcsuCkMHwqBkS10Cf+hw4=
Subject key identifier: 35:78:A4:58:AC:81:CA:D0:85:DD:A4:97:EC:9B:60:20:29:D0:38:7D
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 209A96FB7379AEFB3783059148D26A960FDDF856
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20313938393839.roa
Signing time: Sun 21 Apr 2024 05:28:55 +0000
ROA not before: Sun 21 Apr 2024 05:23:55 +0000
ROA not after: Sun 20 Apr 2025 05:28:55 +0000
asID: 198989
IP address blocks: 5.181.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 15 May 2024 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:9a:96:fb:73:79:ae:fb:37:83:05:91:48:d2:6a:96:0f:dd:f8:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Apr 21 05:23:55 2024 GMT
Not After : Apr 20 05:28:55 2025 GMT
Subject: CN=3578A458AC81CAD085DDA497EC9B602029D0387D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:3d:69:30:0d:91:3c:cb:00:a0:56:74:b6:1b:
d0:59:1c:14:f7:17:97:33:0f:5f:ef:9e:57:cf:58:
06:91:b1:80:c3:09:03:ea:b9:82:a7:68:1b:13:25:
18:91:d9:90:c0:ee:51:5a:86:14:f7:c3:e4:b1:c8:
01:fd:dd:ca:01:5f:9c:4f:42:58:fc:9c:6d:12:30:
da:16:75:97:2f:a5:7a:68:b0:cc:3c:b6:a2:65:14:
14:3c:7e:9c:fe:ec:e6:7e:33:3f:dd:c4:95:2c:b1:
60:70:df:67:f0:9f:c1:5c:a4:a0:1b:9b:80:97:ee:
aa:5f:3a:2b:ee:a6:cb:3b:de:0a:e4:0b:9a:db:5f:
e0:9a:fb:11:28:09:3a:a2:c9:4c:ef:7a:f5:aa:57:
7b:b9:88:66:41:15:58:77:3c:74:ad:b1:78:0b:79:
14:ff:0e:80:36:9b:87:8c:c3:c2:88:50:b8:66:f2:
56:d8:f4:ea:d8:1f:50:d4:12:85:a2:4b:73:6d:a2:
c3:07:07:d6:bb:72:86:62:50:f5:d3:30:83:f3:65:
a8:60:6e:3b:d4:5c:b2:19:50:a1:b6:de:ff:0f:b3:
ad:32:95:5d:8e:65:b9:e1:72:52:73:41:90:fe:97:
28:a1:7b:1e:a0:40:13:48:ca:37:1d:0a:6d:48:f2:
f8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:78:A4:58:AC:81:CA:D0:85:DD:A4:97:EC:9B:60:20:29:D0:38:7D
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20313938393839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.185.0/24
Signature Algorithm: sha256WithRSAEncryption
11:33:d6:b4:60:89:62:72:c3:af:cc:3e:22:46:5b:29:6f:48:
e2:8c:13:5b:6d:87:50:2e:e6:70:cd:b1:b2:0c:34:a0:67:8f:
4c:ca:73:12:7f:01:32:75:78:df:7a:40:e3:a8:10:e7:c2:f6:
46:82:27:0a:fd:32:62:13:78:62:77:af:34:77:46:3f:a9:ff:
ed:a1:22:a0:eb:6c:8d:b7:dd:28:58:25:79:c1:aa:07:0b:77:
b1:d3:91:d8:7c:95:16:43:1f:d2:7d:ca:0b:9a:05:5a:77:8e:
11:85:36:30:32:b4:c9:8b:24:e2:26:dd:50:d6:46:c8:18:f1:
bb:04:48:50:e9:ad:72:5c:1b:50:19:d3:93:52:76:4d:fa:0e:
74:81:1e:55:b9:a4:f4:5c:a5:0d:e2:5e:97:0d:5c:89:1b:76:
2b:75:6a:35:10:29:73:98:12:ef:56:95:85:cd:6b:67:a9:47:
c5:c0:f7:dd:e7:7c:e2:6d:84:d9:6a:cb:39:27:b1:33:0c:b3:
11:4f:7c:fe:3b:3f:f9:31:06:5a:e1:4f:cf:e1:41:a5:18:f3:
84:11:51:00:bc:4b:c8:65:aa:ce:52:87:a9:e5:3c:35:78:eb:
58:81:59:2c:a6:b7:0f:f3:2c:6d:7d:d4:d0:0a:1c:1e:e1:02:
46:07:6e:9a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIJqW+3N5rvs3gwWRSNJqlg/d+FYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDA0MjEwNTIzNTVaFw0yNTA0MjAwNTI4NTVaMDMxMTAvBgNV
BAMTKDM1NzhBNDU4QUM4MUNBRDA4NUREQTQ5N0VDOUI2MDIwMjlEMDM4N0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDePWkwDZE8ywCgVnS2G9BZHBT3
F5czD1/vnlfPWAaRsYDDCQPquYKnaBsTJRiR2ZDA7lFahhT3w+SxyAH93coBX5xP
Qlj8nG0SMNoWdZcvpXposMw8tqJlFBQ8fpz+7OZ+Mz/dxJUssWBw32fwn8FcpKAb
m4CX7qpfOivupss73grkC5rbX+Ca+xEoCTqiyUzvevWqV3u5iGZBFVh3PHStsXgL
eRT/DoA2m4eMw8KIULhm8lbY9OrYH1DUEoWiS3NtosMHB9a7coZiUPXTMIPzZahg
bjvUXLIZUKG23v8Ps60ylV2OZbnhclJzQZD+lyihex6gQBNIyjcdCm1I8vh5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUNXikWKyBytCF3aSX7JtgICnQOH0wHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzUyZTMxMzgzMTJlMzEzODM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzOTM4MzkzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BbW5MA0GCSqGSIb3DQEBCwUAA4IBAQARM9a0YIlicsOvzD4iRlspb0jijBNbbYdQ
LuZwzbGyDDSgZ49MynMSfwEydXjfekDjqBDnwvZGgicK/TJiE3hid680d0Y/qf/t
oSKg62yNt90oWCV5waoHC3ex05HYfJUWQx/SfcoLmgVad44RhTYwMrTJiyTiJt1Q
1kbIGPG7BEhQ6a1yXBtQGdOTUnZN+g50gR5VuaT0XKUN4l6XDVyJG3YrdWo1EClz
mBLvVpWFzWtnqUfFwPfd53zibYTZass5J7EzDLMRT3z+Oz/5MQZa4U/P4UGlGPOE
EVEAvEvIZarOUoep5Tw1eOtYgVksprcP8yxtfdTQChwe4QJGB26a
-----END CERTIFICATE-----
Generated at Wed May 15 03:10:39 2024 by rpki-client on console-ams.rpki-client.org