Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137362e302f32342d3234203d3e20323032363733.roa
File: 352e3138312e3137362e302f32342d3234203d3e20323032363733.roa (raw, json)
Hash identifier: 79sTZTXBvc1XuJwVx13tNmNKENseA4a8loAaotxnp8s=
Subject key identifier: 93:FA:BE:24:A9:7F:52:93:1E:60:36:54:02:D1:F1:31:48:0D:B4:52
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 4B45BCD23FB8509DEBE844AB7A61BE026921DBCE
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137362e302f32342d3234203d3e20323032363733.roa
Signing time: Mon 01 Jul 2024 05:48:36 +0000
ROA not before: Mon 01 Jul 2024 05:43:36 +0000
ROA not after: Mon 30 Jun 2025 05:48:36 +0000
asID: 202673
IP address blocks: 5.181.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:45:bc:d2:3f:b8:50:9d:eb:e8:44:ab:7a:61:be:02:69:21:db:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jul 1 05:43:36 2024 GMT
Not After : Jun 30 05:48:36 2025 GMT
Subject: CN=93FABE24A97F52931E60365402D1F131480DB452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3e:9e:1e:d0:da:7c:dc:d1:3c:62:3e:71:1a:
ff:ce:b0:dd:48:8e:4f:21:be:94:cd:84:2e:ff:09:
5f:6e:f1:78:f4:c0:a0:74:95:52:ec:6c:48:9a:cb:
fa:10:b6:5b:af:e1:dc:e0:53:2b:db:92:14:39:fc:
d7:2e:e4:cb:7f:1d:2d:8e:8f:86:4e:e1:a4:30:95:
1a:4d:0b:37:69:36:d0:22:9b:d0:c7:9f:b2:41:04:
3b:56:10:bb:06:ff:4a:4f:fe:cf:ea:40:5a:c5:00:
68:78:13:3e:21:d0:bd:63:3c:70:6d:31:f3:c8:0a:
b5:44:8a:63:a1:18:09:a7:99:42:42:03:79:2a:f3:
b5:2b:ac:a0:ce:31:e4:25:9e:9c:99:9f:09:d3:10:
f4:c4:2b:9b:f9:7e:14:68:09:f9:0b:52:a5:fb:86:
dc:7b:81:50:07:c9:37:7e:8b:7c:65:af:09:b9:93:
d4:6c:28:77:6c:38:40:e9:56:64:25:d6:67:ad:f6:
29:37:d0:31:09:9e:fd:a2:e9:fc:93:38:3f:1f:53:
c3:19:09:58:32:5e:83:bb:10:64:49:0f:29:f4:7e:
5b:e0:fb:d1:52:8b:db:a1:e8:52:0f:32:b0:45:f0:
41:9a:00:81:a9:fe:6e:56:fa:3a:55:c5:0f:ca:8a:
24:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:FA:BE:24:A9:7F:52:93:1E:60:36:54:02:D1:F1:31:48:0D:B4:52
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137362e302f32342d3234203d3e20323032363733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.176.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:c6:e6:2d:e8:fc:ba:56:88:1d:d2:f8:8f:95:5d:73:7c:c6:
7d:c5:1c:84:c0:f0:d9:53:ac:8c:af:24:3e:fc:fb:a8:01:fc:
30:43:18:49:63:5e:b0:65:b1:75:b3:24:36:ed:15:84:0f:bc:
25:05:4a:ec:75:2a:bf:ff:8f:f0:f6:a3:2b:f3:80:b2:03:41:
98:82:9b:c0:b2:fd:08:88:3f:52:3a:f5:4d:5d:05:c3:c7:f6:
18:cc:3c:bd:3f:97:7c:f8:49:b0:44:54:53:d8:34:57:37:62:
11:e1:63:bd:33:b1:0c:cf:da:f4:a0:e7:32:da:1b:0d:94:ce:
c1:08:a3:5a:29:3d:28:17:b0:03:6c:00:11:48:b8:3b:21:d2:
ee:9a:bc:30:22:de:ef:a2:0a:56:c4:b0:b1:4b:b5:de:72:4f:
b6:e8:ae:5f:63:91:88:c8:c4:16:1e:68:32:f0:29:6c:dc:c3:
11:0c:38:4b:83:41:b0:bd:7a:57:1f:67:13:67:64:1b:d4:e9:
7f:6d:88:a8:df:10:e8:2e:3f:70:17:8e:66:84:52:2e:0a:04:
6c:27:93:97:80:f6:99:44:4a:f7:52:de:da:dd:f8:fe:1f:21:
64:41:21:cf:2e:39:df:32:2b:99:4a:10:d8:73:fd:01:c9:26:
71:b7:b0:46
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUS0W80j+4UJ3r6ESremG+Amkh284wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA3MDEwNTQzMzZaFw0yNTA2MzAwNTQ4MzZaMDMxMTAvBgNV
BAMTKDkzRkFCRTI0QTk3RjUyOTMxRTYwMzY1NDAyRDFGMTMxNDgwREI0NTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5Pp4e0Np83NE8Yj5xGv/OsN1I
jk8hvpTNhC7/CV9u8Xj0wKB0lVLsbEiay/oQtluv4dzgUyvbkhQ5/Ncu5Mt/HS2O
j4ZO4aQwlRpNCzdpNtAim9DHn7JBBDtWELsG/0pP/s/qQFrFAGh4Ez4h0L1jPHBt
MfPICrVEimOhGAmnmUJCA3kq87UrrKDOMeQlnpyZnwnTEPTEK5v5fhRoCfkLUqX7
htx7gVAHyTd+i3xlrwm5k9RsKHdsOEDpVmQl1met9ik30DEJnv2i6fyTOD8fU8MZ
CVgyXoO7EGRJDyn0flvg+9FSi9uh6FIPMrBF8EGaAIGp/m5W+jpVxQ/KiiRTAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUk/q+JKl/UpMeYDZUAtHxMUgNtFIwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzUyZTMxMzgzMTJlMzEzNzM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMyMzYzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BbWwMA0GCSqGSIb3DQEBCwUAA4IBAQA/xuYt6Py6Vogd0viPlV1zfMZ9xRyEwPDZ
U6yMryQ+/PuoAfwwQxhJY16wZbF1syQ27RWED7wlBUrsdSq//4/w9qMr84CyA0GY
gpvAsv0IiD9SOvVNXQXDx/YYzDy9P5d8+EmwRFRT2DRXN2IR4WO9M7EMz9r0oOcy
2hsNlM7BCKNaKT0oF7ADbAARSLg7IdLumrwwIt7vogpWxLCxS7Xeck+26K5fY5GI
yMQWHmgy8Cls3MMRDDhLg0GwvXpXH2cTZ2Qb1Ol/bYio3xDoLj9wF45mhFIuCgRs
J5OXgPaZREr3Ut7a3fj+HyFkQSHPLjnfMiuZShDYc/0BySZxt7BG
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:43 2024 by rpki-client on console-ams.rpki-client.org