Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/352e3232362e3134362e302f32342d3234203d3e203538323939.roa
File: 352e3232362e3134362e302f32342d3234203d3e203538323939.roa (raw, json)
Hash identifier: qNr0TnWXn91io5Kf4S/eUzwAUX/WkTOzXp+VxijVCjY=
Subject key identifier: 0D:10:59:0A:13:D8:FE:19:5F:49:73:04:09:9C:40:E0:21:AE:D0:7F
Certificate issuer: /CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Certificate serial: 0E0773E97EEA689B00FE8A11D97E4970C53DED44
Authority key identifier: FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/352e3232362e3134362e302f32342d3234203d3e203538323939.roa
Signing time: Wed 04 Jun 2025 21:32:16 +0000
ROA not before: Wed 04 Jun 2025 21:27:16 +0000
ROA not after: Wed 03 Jun 2026 21:32:16 +0000
asID: 58299
IP address blocks: 5.226.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 06:03:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:07:73:e9:7e:ea:68:9b:00:fe:8a:11:d9:7e:49:70:c5:3d:ed:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Validity
Not Before: Jun 4 21:27:16 2025 GMT
Not After : Jun 3 21:32:16 2026 GMT
Subject: CN=0D10590A13D8FE195F497304099C40E021AED07F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6d:de:74:b9:6f:a1:cc:81:f8:d6:2f:06:25:
e8:34:b4:de:60:bb:ad:c5:68:33:83:0d:a6:73:e2:
31:16:60:f3:bd:f4:73:92:14:b7:ee:24:47:df:69:
c2:87:47:6d:35:f4:6f:66:23:5e:6a:d4:c9:95:98:
19:07:20:b5:17:4a:56:f5:1b:aa:1d:8d:52:69:bb:
e3:61:2c:0c:f1:bb:58:cc:13:95:b5:de:27:3d:4f:
ac:b7:b5:d5:9e:f1:3f:70:03:03:83:76:c9:b1:d1:
85:6e:35:47:da:0e:65:7d:59:cb:95:57:cf:30:68:
5c:05:b9:18:ea:f9:ac:7b:12:16:97:15:ca:82:94:
70:03:a3:34:64:2c:b3:d5:4b:9a:80:67:23:d4:94:
a0:49:b0:60:94:a3:e2:81:2b:5a:b1:eb:93:0a:e1:
f5:e6:41:8c:e6:ea:13:a5:2d:e6:f7:37:c1:a8:7a:
e5:18:f2:af:3a:66:85:e6:fc:ad:9a:30:9f:12:e7:
9d:4e:ad:a4:f3:52:c7:8a:a0:57:cd:0c:11:fe:d8:
5f:22:94:84:1e:17:0d:0b:c7:6d:f2:58:69:b5:b6:
5b:ff:82:86:31:18:fe:f4:cb:87:c2:ec:8c:fb:77:
3c:89:6a:fd:e1:95:38:65:10:d3:88:58:78:41:d5:
85:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:10:59:0A:13:D8:FE:19:5F:49:73:04:09:9C:40:E0:21:AE:D0:7F
X509v3 Authority Key Identifier:
keyid:FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/352e3232362e3134362e302f32342d3234203d3e203538323939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.146.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:92:e4:1c:b4:3e:aa:2e:05:ec:01:85:be:d8:e5:f9:7b:a5:
8b:09:a2:17:06:fd:6a:3f:b6:17:1c:9d:75:1a:a8:bb:a9:4f:
10:f6:dd:ba:0d:e8:39:78:3d:5a:52:1c:fd:1b:47:fb:5a:ba:
90:cb:ef:f3:af:a2:cc:9c:33:62:83:0d:0a:c5:71:ae:13:78:
79:f5:cc:d1:58:dd:89:61:ca:d6:ad:dd:de:18:4b:3e:60:52:
b6:e7:f6:3b:db:e3:cf:b7:1c:1b:a0:c8:54:5a:08:f3:55:e4:
d6:ee:96:f3:9d:86:34:6c:37:05:05:de:62:e8:bf:c4:95:bf:
49:7d:c8:22:41:e1:44:76:7a:f0:b5:4d:66:a8:a9:fb:db:a8:
43:ae:d3:f0:0a:54:68:99:df:ba:bc:e0:2d:50:f8:91:19:34:
41:b3:07:2a:1f:23:31:ee:be:5b:33:0a:21:5f:a5:4b:43:18:
e7:2c:43:4d:12:32:b5:7d:6b:41:59:4c:c9:0d:af:c1:02:2b:
14:57:ea:78:e2:51:4d:a9:71:89:37:1e:1d:35:5c:37:53:25:
f5:13:7a:fe:4b:e2:da:ee:5c:f2:fa:ab:2c:8a:6d:b8:28:e6:
04:8c:3d:19:61:9a:d4:4c:6d:18:5b:16:66:c9:7b:1a:c8:cf:
c8:c8:1e:e2
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUDgdz6X7qaJsA/ooR2X5JcMU97UQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmFjNDcwOGQ3ZTI2NWRiMTA0NGY5YmIwZWU4NzI4NTg3
ZjQ4YjQ4NDAeFw0yNTA2MDQyMTI3MTZaFw0yNjA2MDMyMTMyMTZaMDMxMTAvBgNV
BAMTKDBEMTA1OTBBMTNEOEZFMTk1RjQ5NzMwNDA5OUM0MEUwMjFBRUQwN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMbd50uW+hzIH41i8GJeg0tN5g
u63FaDODDaZz4jEWYPO99HOSFLfuJEffacKHR2019G9mI15q1MmVmBkHILUXSlb1
G6odjVJpu+NhLAzxu1jME5W13ic9T6y3tdWe8T9wAwODdsmx0YVuNUfaDmV9WcuV
V88waFwFuRjq+ax7EhaXFcqClHADozRkLLPVS5qAZyPUlKBJsGCUo+KBK1qx65MK
4fXmQYzm6hOlLeb3N8GoeuUY8q86ZoXm/K2aMJ8S551OraTzUseKoFfNDBH+2F8i
lIQeFw0Lx23yWGm1tlv/goYxGP70y4fC7Iz7dzyJav3hlThlENOIWHhB1YUhAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUDRBZChPY/hlfSXMECZxA4CGu0H8wHwYDVR0j
BBgwFoAU+sRwjX4mXbEET5uw7ocoWH9ItIQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNWI1OGU2NDYtZTdhMi00NjVjLTg3YzUtNDNjMzU5YWQ5
MzY5LzAvRkFDNDcwOEQ3RTI2NURCMTA0NEY5QkIwRUU4NzI4NTg3RjQ4QjQ4NC5j
cmwwZQYIKwYBBQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEtc1J3alg0bVhiRUVUNXV3N29jb1dI
OUl0SVEuY2VyMIGrBggrBgEFBQcBCwSBnjCBmzCBmAYIKwYBBQUHMAuGgYtyc3lu
YzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzViNThlNjQ2
LWU3YTItNDY1Yy04N2M1LTQzYzM1OWFkOTM2OS8wLzM1MmUzMjMyMzYyZTMxMzQz
NjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzgzMjM5Mzkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAF
4pIwDQYJKoZIhvcNAQELBQADggEBAEyS5By0PqouBewBhb7Y5fl7pYsJohcG/Wo/
thccnXUaqLupTxD23boN6Dl4PVpSHP0bR/taupDL7/OvosycM2KDDQrFca4TeHn1
zNFY3Ylhytat3d4YSz5gUrbn9jvb48+3HBugyFRaCPNV5NbulvOdhjRsNwUF3mLo
v8SVv0l9yCJB4UR2evC1TWaoqfvbqEOu0/AKVGiZ37q84C1Q+JEZNEGzByofIzHu
vlszCiFfpUtDGOcsQ00SMrV9a0FZTMkNr8ECKxRX6njiUU2pcYk3Hh01XDdTJfUT
ev5L4truXPL6qyyKbbgo5gSMPRlhmtRMbRhbFmbJexrIz8jIHuI=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:30:02 2025 by rpki-client