Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138372e302f32342d3234203d3e20323135373033.roa
File: 352e3138312e3138372e302f32342d3234203d3e20323135373033.roa (raw, json)
Hash identifier: NPvxKSNfdGX2aoCtCwLVMBnzeoN7AU2GpBh+K+JOMMc=
Subject key identifier: B1:F9:03:EC:A7:AD:C8:CD:F1:E7:A5:BC:26:7E:2F:F1:AF:25:88:B9
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 47A72C498F569A143CF4F761F4DAFE14577BC64E
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138372e302f32342d3234203d3e20323135373033.roa
Signing time: Sat 11 Jan 2025 12:02:23 +0000
ROA not before: Sat 11 Jan 2025 11:57:23 +0000
ROA not after: Sat 10 Jan 2026 12:02:23 +0000
asID: 215703
IP address blocks: 5.181.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:a7:2c:49:8f:56:9a:14:3c:f4:f7:61:f4:da:fe:14:57:7b:c6:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jan 11 11:57:23 2025 GMT
Not After : Jan 10 12:02:23 2026 GMT
Subject: CN=B1F903ECA7ADC8CDF1E7A5BC267E2FF1AF2588B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:db:34:6f:16:76:26:14:08:9b:da:32:f8:c3:
78:3a:9f:25:58:de:7a:91:8c:ef:f2:04:4a:a5:b4:
b2:a9:91:8f:f8:f2:3b:4f:ea:83:bc:74:3a:78:9a:
af:7c:21:1e:23:28:4e:c0:3f:87:fb:a1:41:f3:82:
5d:43:27:7c:76:59:46:5c:d5:02:5c:70:a3:2c:87:
31:e8:00:a2:43:79:bc:7b:21:59:09:de:37:1a:40:
1a:1b:07:fb:9c:a2:a4:0d:84:e0:23:1a:5d:3f:92:
74:4b:47:df:86:89:90:33:1b:d0:3a:6a:47:ca:4f:
0d:88:64:5c:62:6b:db:0b:3c:74:c1:31:3f:be:8b:
b6:0b:55:f5:77:28:8a:87:6f:08:fc:dd:96:ed:0f:
16:eb:66:a8:19:d9:46:81:62:aa:03:05:f6:f0:3a:
d9:da:2e:31:10:a5:ac:41:ff:31:f3:56:17:84:4d:
fa:6c:65:16:e3:b0:1d:af:12:f5:be:8d:e9:b1:d9:
06:12:e8:7c:f7:b2:c3:76:33:2b:98:6d:36:f2:fd:
f5:17:e7:ac:64:c3:c6:8e:a0:1c:26:5d:6b:4d:fc:
7f:a2:27:ff:f0:04:2e:4c:c0:54:62:27:80:2e:f8:
dc:21:e7:de:d1:2f:93:06:92:8a:05:6b:64:8a:85:
0b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F9:03:EC:A7:AD:C8:CD:F1:E7:A5:BC:26:7E:2F:F1:AF:25:88:B9
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138372e302f32342d3234203d3e20323135373033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.187.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:b3:6f:23:9d:6c:ea:d7:62:a3:52:73:82:82:16:10:e1:62:
4e:74:84:f0:78:30:3d:81:f4:83:2c:92:f3:3f:96:fa:df:8d:
5b:bd:de:c6:7a:c0:b8:09:9f:90:13:08:9a:b6:2c:66:27:7e:
47:03:21:e9:0b:4a:cc:7e:95:7b:fb:29:b9:0a:24:eb:2b:d3:
af:da:44:bd:ae:27:8d:cf:b8:c8:66:c0:68:ac:26:b2:e7:7a:
a7:f8:7f:68:30:3b:bb:e7:aa:67:c7:76:81:2d:e0:90:72:60:
eb:eb:97:fb:58:27:da:8e:47:82:64:29:dc:ed:7b:4f:5e:15:
b4:36:60:20:7e:b1:cc:52:91:ae:84:a9:52:87:da:14:6c:b1:
ac:fe:9f:4c:15:54:6d:08:f4:8e:6c:c9:2d:b8:5b:0d:ae:32:
2b:fc:8c:8d:cc:e2:52:bc:17:fc:73:cb:96:f1:bc:3e:fb:73:
9d:b2:30:5f:6b:22:b5:7c:d1:32:91:97:d2:b0:2a:5b:ee:b7:
64:fb:45:61:8a:b1:e4:a8:85:0e:fd:0b:82:25:62:eb:93:50:
09:33:94:70:10:89:5e:d2:70:0f:e5:08:88:ff:b6:5b:28:73:
9a:3a:26:58:49:90:63:e4:62:f0:dc:ec:03:15:28:93:cc:b4:
c4:eb:ce:66
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUR6csSY9WmhQ89Pdh9Nr+FFd7xk4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTAxMTExMTU3MjNaFw0yNjAxMTAxMjAyMjNaMDMxMTAvBgNV
BAMTKEIxRjkwM0VDQTdBREM4Q0RGMUU3QTVCQzI2N0UyRkYxQUYyNTg4QjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+2zRvFnYmFAib2jL4w3g6nyVY
3nqRjO/yBEqltLKpkY/48jtP6oO8dDp4mq98IR4jKE7AP4f7oUHzgl1DJ3x2WUZc
1QJccKMshzHoAKJDebx7IVkJ3jcaQBobB/ucoqQNhOAjGl0/knRLR9+GiZAzG9A6
akfKTw2IZFxia9sLPHTBMT++i7YLVfV3KIqHbwj83ZbtDxbrZqgZ2UaBYqoDBfbw
OtnaLjEQpaxB/zHzVheETfpsZRbjsB2vEvW+jemx2QYS6Hz3ssN2MyuYbTby/fUX
56xkw8aOoBwmXWtN/H+iJ//wBC5MwFRiJ4Au+Nwh597RL5MGkooFa2SKhQuBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUsfkD7KetyM3x56W8Jn4v8a8liLkwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzUyZTMxMzgzMTJlMzEzODM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzczMDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BbW7MA0GCSqGSIb3DQEBCwUAA4IBAQAbs28jnWzq12KjUnOCghYQ4WJOdITweDA9
gfSDLJLzP5b6341bvd7GesC4CZ+QEwiatixmJ35HAyHpC0rMfpV7+ym5CiTrK9Ov
2kS9rieNz7jIZsBorCay53qn+H9oMDu756pnx3aBLeCQcmDr65f7WCfajkeCZCnc
7XtPXhW0NmAgfrHMUpGuhKlSh9oUbLGs/p9MFVRtCPSObMktuFsNrjIr/IyNzOJS
vBf8c8uW8bw++3OdsjBfayK1fNEykZfSsCpb7rdk+0VhirHkqIUO/QuCJWLrk1AJ
M5RwEIle0nAP5QiI/7ZbKHOaOiZYSZBj5GLw3OwDFSiTzLTE685m
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:10:20 2025 by rpki-client