Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20323132333834.roa
File: 352e3138312e3138352e302f32342d3234203d3e20323132333834.roa (raw, json)
Hash identifier: A0XKJ5LQE2xdMm4Ben97C7myJjFSIvK/gRy57S/U13Q=
Subject key identifier: 36:E8:BB:4E:0D:DA:1F:7E:9C:5B:EF:DB:06:CD:07:3A:D6:D2:B5:4E
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 29D6C88105EFF0CE57DFC07FD775E0A7479E1FD2
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20323132333834.roa
Signing time: Tue 02 Jul 2024 08:02:40 +0000
ROA not before: Tue 02 Jul 2024 07:57:40 +0000
ROA not after: Tue 01 Jul 2025 08:02:40 +0000
asID: 212384
IP address blocks: 5.181.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:d6:c8:81:05:ef:f0:ce:57:df:c0:7f:d7:75:e0:a7:47:9e:1f:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jul 2 07:57:40 2024 GMT
Not After : Jul 1 08:02:40 2025 GMT
Subject: CN=36E8BB4E0DDA1F7E9C5BEFDB06CD073AD6D2B54E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:69:80:e4:09:6b:ab:e4:e0:84:75:d5:2b:8e:
e3:86:06:57:3c:b2:39:6e:96:a3:74:8a:22:85:e2:
c7:a0:67:0b:f8:83:31:2d:cc:10:16:23:c4:79:51:
7d:aa:97:b8:dd:1b:59:43:6b:e0:26:3a:04:b0:2d:
fc:b8:b3:25:50:b1:66:1a:a5:90:0d:2c:6e:7c:92:
3e:c8:0a:b4:6e:6c:25:39:c3:36:8d:f8:7f:38:1f:
35:6e:99:e3:eb:ea:25:7a:1d:02:c8:b5:ea:5f:9e:
b5:be:8a:fd:28:72:27:1e:d6:e4:43:05:84:e2:b4:
1c:15:11:fb:3f:51:3f:53:3e:8d:c9:45:a6:46:3b:
43:8e:5d:95:f1:74:68:f1:2f:3b:f8:49:8c:e5:0c:
76:4d:b8:d1:d4:05:db:9e:68:5c:cd:9d:8a:fa:96:
c7:d6:01:6b:fc:33:d5:aa:ae:56:30:81:60:df:67:
f7:26:60:5f:d0:b1:56:31:f2:f3:0a:49:71:4a:a3:
64:d1:e7:55:5c:ad:af:01:04:a2:30:49:90:89:5a:
1c:ca:34:77:09:02:6d:74:66:a9:b5:1f:e6:0a:ff:
5a:dd:a2:ba:30:4c:5d:fd:07:70:e0:d0:a8:1b:35:
d3:af:58:ef:70:49:56:8b:04:98:53:6a:cf:0c:8e:
de:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:E8:BB:4E:0D:DA:1F:7E:9C:5B:EF:DB:06:CD:07:3A:D6:D2:B5:4E
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20323132333834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.185.0/24
Signature Algorithm: sha256WithRSAEncryption
78:aa:02:05:f0:e9:94:bf:32:c1:1a:a9:59:01:ba:41:4d:90:
c1:74:6c:0b:57:00:3b:36:96:0e:e4:a5:1a:a9:f3:51:49:90:
0d:30:5d:dd:aa:2b:41:02:97:05:ce:c0:b9:3e:7e:70:57:16:
e2:8a:45:b7:c2:83:b0:5a:33:f7:59:f8:1d:31:43:bd:15:b0:
c6:d8:2a:76:1b:09:b8:be:ec:5d:d2:de:c9:51:80:8a:7d:05:
ed:53:7d:65:dd:92:23:d9:0c:b1:a2:2e:12:1e:48:d2:0a:3a:
c6:ac:46:9a:af:92:d4:99:41:38:87:f8:a8:3b:19:98:bc:91:
20:b5:51:b6:de:2f:c3:d0:89:81:fa:e1:40:1a:e2:3a:83:ed:
36:88:d9:ea:76:7a:f8:01:87:3b:cc:73:3a:60:02:f2:cc:a6:
e5:c9:ab:4f:cf:56:4c:ce:7b:ec:42:ee:3f:4d:98:77:79:e3:
da:ba:59:dc:b8:14:7f:8a:c5:82:c0:63:6e:ea:78:35:e6:c1:
d0:3e:51:85:e8:0c:21:78:de:e2:bb:0a:4a:95:c4:2a:6c:67:
e0:d8:dc:05:21:51:16:db:d0:b0:28:d1:cb:a2:03:1d:ac:9b:
e7:7d:3a:52:c5:cb:d2:99:f4:9f:f5:a0:95:98:f0:7c:c6:c8:
9e:5b:f1:5d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKdbIgQXv8M5X38B/13Xgp0eeH9IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDA3MDIwNzU3NDBaFw0yNTA3MDEwODAyNDBaMDMxMTAvBgNV
BAMTKDM2RThCQjRFMEREQTFGN0U5QzVCRUZEQjA2Q0QwNzNBRDZEMkI1NEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8aYDkCWur5OCEddUrjuOGBlc8
sjlulqN0iiKF4segZwv4gzEtzBAWI8R5UX2ql7jdG1lDa+AmOgSwLfy4syVQsWYa
pZANLG58kj7ICrRubCU5wzaN+H84HzVumePr6iV6HQLItepfnrW+iv0ocice1uRD
BYTitBwVEfs/UT9TPo3JRaZGO0OOXZXxdGjxLzv4SYzlDHZNuNHUBdueaFzNnYr6
lsfWAWv8M9WqrlYwgWDfZ/cmYF/QsVYx8vMKSXFKo2TR51Vcra8BBKIwSZCJWhzK
NHcJAm10Zqm1H+YK/1rdorowTF39B3Dg0KgbNdOvWO9wSVaLBJhTas8Mjt5jAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUNui7Tg3aH36cW+/bBs0HOtbStU4wHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzUyZTMxMzgzMTJlMzEzODM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzMzODM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BbW5MA0GCSqGSIb3DQEBCwUAA4IBAQB4qgIF8OmUvzLBGqlZAbpBTZDBdGwLVwA7
NpYO5KUaqfNRSZANMF3dqitBApcFzsC5Pn5wVxbiikW3woOwWjP3WfgdMUO9FbDG
2Cp2Gwm4vuxd0t7JUYCKfQXtU31l3ZIj2Qyxoi4SHkjSCjrGrEaar5LUmUE4h/io
OxmYvJEgtVG23i/D0ImB+uFAGuI6g+02iNnqdnr4AYc7zHM6YALyzKblyatPz1ZM
znvsQu4/TZh3eePaulncuBR/isWCwGNu6ng15sHQPlGF6AwheN7iuwpKlcQqbGfg
2NwFIVEW29CwKNHLogMdrJvnfTpSxcvSmfSf9aCVmPB8xsieW/Fd
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:15 2024 by rpki-client on console-ams.rpki-client.org