Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137362e302f32342d3234203d3e20323136323036.roa
File: 352e3138312e3137362e302f32342d3234203d3e20323136323036.roa (raw, json)
Hash identifier: ZGSqwasLlI7tdNyFseCbzDI0cmNox62OTrtK4OTRvJQ=
Subject key identifier: 52:BA:B6:8C:8B:B8:EE:E1:15:D8:32:BB:52:AB:6A:E3:19:74:C1:06
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 30C8C4D488E8D106BD3CCFC14E08A56BC3E539DA
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137362e302f32342d3234203d3e20323136323036.roa
Signing time: Fri 01 Mar 2024 14:58:45 +0000
ROA not before: Fri 01 Mar 2024 14:53:45 +0000
ROA not after: Fri 28 Feb 2025 14:58:45 +0000
asID: 216206
IP address blocks: 5.181.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 16:37:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:c8:c4:d4:88:e8:d1:06:bd:3c:cf:c1:4e:08:a5:6b:c3:e5:39:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 1 14:53:45 2024 GMT
Not After : Feb 28 14:58:45 2025 GMT
Subject: CN=52BAB68C8BB8EEE115D832BB52AB6AE31974C106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:87:33:20:8f:e3:02:22:e3:c3:5b:41:d6:5c:
b8:52:e0:2e:42:b2:a6:c7:d7:35:8c:c7:be:67:24:
e8:c0:2e:5f:be:78:2d:0d:c4:98:0a:1d:80:7f:e8:
a9:b8:c0:36:cf:ee:f8:97:77:18:7d:8b:45:ab:9d:
a8:ad:6b:6e:a9:f4:31:b4:b4:1a:76:5c:b1:64:60:
3e:bc:11:99:df:f6:65:58:36:a5:b4:97:5c:df:33:
a0:5e:71:99:42:5e:d1:f7:f6:03:a6:45:c6:4d:e6:
5c:73:65:5a:dd:ba:1e:24:14:6a:e7:84:cc:53:0a:
2c:b8:91:bf:a4:b9:8d:5a:bc:60:4c:21:37:dd:06:
a2:c6:1f:f6:5a:cb:23:34:53:f0:6e:d5:3a:70:5b:
20:9d:83:58:bb:21:49:ec:3e:12:30:55:08:f4:a1:
09:95:f8:bc:58:c1:ab:05:b5:de:e7:ab:9b:6b:80:
21:42:d0:3c:e5:72:75:d9:e9:a2:7c:00:7b:cc:f3:
79:ea:49:c7:cd:1f:80:20:4d:fc:38:3b:4d:16:1a:
fd:41:62:d4:52:06:ee:6c:5a:c6:eb:4f:60:21:db:
92:7a:57:70:70:1b:9f:ca:b8:d0:24:8a:d5:a3:49:
0b:27:9b:4f:67:d1:1b:a4:db:7e:1f:48:2a:2a:02:
36:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:BA:B6:8C:8B:B8:EE:E1:15:D8:32:BB:52:AB:6A:E3:19:74:C1:06
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137362e302f32342d3234203d3e20323136323036.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.176.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:66:4a:9f:98:f3:b1:be:84:9a:26:fa:f3:b5:f3:15:50:d7:
cb:ac:a4:c2:88:08:c9:60:2a:aa:c7:c5:24:34:d2:06:29:6a:
43:55:c5:6e:c6:63:a6:ec:06:67:5f:5f:81:9e:90:bc:c8:bb:
ca:a4:73:57:0f:4a:70:59:87:12:7f:53:bc:95:6b:a9:49:b8:
ff:5a:88:95:97:53:6d:46:d4:40:71:20:95:ff:21:1c:d0:d7:
ca:b2:48:86:8d:f4:38:9f:28:4b:19:5d:02:c2:91:69:4a:fd:
83:13:26:44:ef:d2:83:46:56:9e:1c:e0:6f:10:4f:4e:61:3b:
3b:b2:ef:92:fb:f8:3e:6d:5e:99:d5:3b:cc:a8:46:be:cd:13:
a5:d7:f7:e5:6e:fe:d8:06:a4:1d:18:5a:36:1d:04:c7:cc:18:
e9:a3:13:50:1b:0d:a9:93:cf:98:f8:05:80:75:bb:8b:1b:55:
31:c9:3b:a9:6b:db:d0:38:b9:b5:78:0f:2f:ec:19:39:81:8d:
4d:37:35:07:1c:fe:d5:98:82:44:b4:db:0f:ca:ac:5c:e5:96:
92:a0:e1:d7:ee:f7:8f:35:ef:ff:e1:4a:92:ff:de:f9:c6:f4:
1a:0c:1f:27:bc:62:d0:b4:45:46:3f:36:32:a9:0e:1b:67:bf:
e9:51:a5:ac
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMMjE1Ijo0Qa9PM/BTgila8PlOdowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAzMDExNDUzNDVaFw0yNTAyMjgxNDU4NDVaMDMxMTAvBgNV
BAMTKDUyQkFCNjhDOEJCOEVFRTExNUQ4MzJCQjUyQUI2QUUzMTk3NEMxMDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyhzMgj+MCIuPDW0HWXLhS4C5C
sqbH1zWMx75nJOjALl++eC0NxJgKHYB/6Km4wDbP7viXdxh9i0Wrnaita26p9DG0
tBp2XLFkYD68EZnf9mVYNqW0l1zfM6BecZlCXtH39gOmRcZN5lxzZVrduh4kFGrn
hMxTCiy4kb+kuY1avGBMITfdBqLGH/ZayyM0U/Bu1TpwWyCdg1i7IUnsPhIwVQj0
oQmV+LxYwasFtd7nq5trgCFC0DzlcnXZ6aJ8AHvM83nqScfNH4AgTfw4O00WGv1B
YtRSBu5sWsbrT2Ah25J6V3BwG5/KuNAkitWjSQsnm09n0Ruk234fSCoqAjavAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUUrq2jIu47uEV2DK7Uqtq4xl0wQYwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzUyZTMxMzgzMTJlMzEzNzM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM2MzIzMDM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BbWwMA0GCSqGSIb3DQEBCwUAA4IBAQCjZkqfmPOxvoSaJvrztfMVUNfLrKTCiAjJ
YCqqx8UkNNIGKWpDVcVuxmOm7AZnX1+BnpC8yLvKpHNXD0pwWYcSf1O8lWupSbj/
WoiVl1NtRtRAcSCV/yEc0NfKskiGjfQ4nyhLGV0CwpFpSv2DEyZE79KDRlaeHOBv
EE9OYTs7su+S+/g+bV6Z1TvMqEa+zROl1/flbv7YBqQdGFo2HQTHzBjpoxNQGw2p
k8+Y+AWAdbuLG1UxyTupa9vQOLm1eA8v7Bk5gY1NNzUHHP7VmIJEtNsPyqxc5ZaS
oOHX7vePNe//4UqS/975xvQaDB8nvGLQtEVGPzYyqQ4bZ7/pUaWs
-----END CERTIFICATE-----
Generated at Sat May 11 20:11:50 2024 by rpki-client on console-fra.rpki-client.org