Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138372e302f32342d3234203d3e20323135313434.roa
File: 352e3138312e3138372e302f32342d3234203d3e20323135313434.roa (raw, json)
Hash identifier: 7HOX1LID6a6bv6Eqk61wt7wWNIXrSZ5BtgOQZjJIn7Q=
Subject key identifier: F9:DC:4D:3C:61:FB:22:3F:65:DC:E6:08:EE:2F:C5:E7:2D:BA:D0:C4
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 2F8B833D636886A6A7E34F03D1C9B1FD2201063C
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138372e302f32342d3234203d3e20323135313434.roa
Signing time: Wed 10 Apr 2024 13:01:04 +0000
ROA not before: Wed 10 Apr 2024 12:56:04 +0000
ROA not after: Wed 09 Apr 2025 13:01:04 +0000
asID: 215144
IP address blocks: 5.181.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:8b:83:3d:63:68:86:a6:a7:e3:4f:03:d1:c9:b1:fd:22:01:06:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Apr 10 12:56:04 2024 GMT
Not After : Apr 9 13:01:04 2025 GMT
Subject: CN=F9DC4D3C61FB223F65DCE608EE2FC5E72DBAD0C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e1:72:9b:8f:7c:31:d7:75:ed:09:5c:72:8a:
75:09:7f:fc:4c:2b:1a:67:e3:e3:1a:24:ae:c8:b8:
6f:5b:51:15:49:45:ac:66:cd:55:df:68:52:d9:98:
db:78:f3:99:7b:5e:47:df:74:fd:b4:09:1c:73:87:
bd:10:9d:7b:f7:a8:88:b3:e4:eb:1d:f5:87:9f:fb:
b9:e8:d7:3d:1a:b4:30:38:bd:60:8a:7f:08:0c:79:
47:a2:bf:90:b6:02:3f:83:c3:6c:fe:38:67:24:6c:
0b:0a:ee:43:11:ee:b4:c0:71:a5:1f:d0:f8:c8:24:
09:fc:be:52:67:2b:ff:3b:0c:a9:49:1f:47:48:5d:
b0:e2:4b:e7:c9:b5:0c:e8:94:c8:48:f7:a6:18:ad:
df:5e:ac:da:09:95:b8:a2:43:ef:47:b9:ec:79:29:
3a:bf:2f:e9:6b:24:06:f5:0f:03:f3:1f:be:dd:95:
f9:d8:5d:8e:f1:c2:15:ba:4f:a2:59:34:9a:6f:fb:
53:b6:57:7e:ca:64:73:9c:78:3b:32:3e:ad:df:b5:
db:14:ab:88:13:9a:78:7f:58:cb:b1:ff:54:bb:3e:
00:0d:28:e3:e4:84:2b:2c:2a:43:12:13:91:a5:5b:
50:6e:7e:da:cc:fb:ea:85:34:4e:28:47:35:e0:6a:
0a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:DC:4D:3C:61:FB:22:3F:65:DC:E6:08:EE:2F:C5:E7:2D:BA:D0:C4
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138372e302f32342d3234203d3e20323135313434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.187.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:b0:d5:e6:a1:b2:a7:a5:78:f9:f2:63:97:cc:95:ef:d3:78:
40:0e:01:d7:d0:83:9b:f1:c3:75:e4:1b:b6:60:a0:64:b6:a2:
3e:9b:c8:d4:1a:6f:4a:46:77:05:2b:02:d3:96:b7:04:1e:0e:
d7:c1:62:30:be:41:1e:41:6f:00:39:da:5e:8a:a8:7d:08:97:
d3:ce:46:39:ff:cb:7a:2d:af:44:c9:df:95:76:4b:28:e2:03:
e9:7a:c3:2a:fe:8d:54:82:1a:20:ef:c9:b2:98:e2:4b:2f:14:
9f:dc:b4:f6:32:10:5a:ae:fc:1e:1f:aa:af:d9:43:0a:96:54:
70:9d:42:73:ff:96:20:10:a6:52:12:4f:9a:a8:dc:3e:d2:72:
81:01:9f:d2:d4:37:a9:57:db:fc:52:69:cb:ec:de:57:b1:7a:
ab:81:21:71:84:0b:85:42:cf:32:f8:3b:5d:da:04:14:5b:5a:
db:d1:85:e3:f7:3e:de:87:e2:90:1b:b6:4a:5f:70:5b:ff:d9:
6d:57:c5:9c:dc:9b:67:c5:16:19:c5:fb:13:bc:b3:b5:dc:78:
33:f4:23:f1:e3:01:51:a8:d2:b0:3b:ad:34:1c:d0:3b:9b:59:
6d:20:e0:76:9b:73:ee:1f:c2:31:62:1b:1b:84:0c:d9:8b:a8:
9b:4a:14:2a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUL4uDPWNohqan408D0cmx/SIBBjwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDA0MTAxMjU2MDRaFw0yNTA0MDkxMzAxMDRaMDMxMTAvBgNV
BAMTKEY5REM0RDNDNjFGQjIyM0Y2NURDRTYwOEVFMkZDNUU3MkRCQUQwQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq4XKbj3wx13XtCVxyinUJf/xM
Kxpn4+MaJK7IuG9bURVJRaxmzVXfaFLZmNt485l7XkffdP20CRxzh70QnXv3qIiz
5Osd9Yef+7no1z0atDA4vWCKfwgMeUeiv5C2Aj+Dw2z+OGckbAsK7kMR7rTAcaUf
0PjIJAn8vlJnK/87DKlJH0dIXbDiS+fJtQzolMhI96YYrd9erNoJlbiiQ+9Huex5
KTq/L+lrJAb1DwPzH77dlfnYXY7xwhW6T6JZNJpv+1O2V37KZHOceDsyPq3ftdsU
q4gTmnh/WMux/1S7PgANKOPkhCssKkMSE5GlW1BuftrM++qFNE4oRzXgagpjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU+dxNPGH7Ij9l3OYI7i/F5y260MQwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzUyZTMxMzgzMTJlMzEzODM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzEzNDM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BbW7MA0GCSqGSIb3DQEBCwUAA4IBAQC3sNXmobKnpXj58mOXzJXv03hADgHX0IOb
8cN15Bu2YKBktqI+m8jUGm9KRncFKwLTlrcEHg7XwWIwvkEeQW8AOdpeiqh9CJfT
zkY5/8t6La9Eyd+Vdkso4gPpesMq/o1Ughog78mymOJLLxSf3LT2MhBarvweH6qv
2UMKllRwnUJz/5YgEKZSEk+aqNw+0nKBAZ/S1DepV9v8UmnL7N5XsXqrgSFxhAuF
Qs8y+Dtd2gQUW1rb0YXj9z7eh+KQG7ZKX3Bb/9ltV8Wc3JtnxRYZxfsTvLO13Hgz
9CPx4wFRqNKwO600HNA7m1ltIOB2m3PuH8IxYhsbhAzZi6ibShQq
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:01 2024 by rpki-client on console-fra.rpki-client.org