Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137372e302f32342d3234203d3e20323134363737.roa
File: 352e3138312e3137372e302f32342d3234203d3e20323134363737.roa (raw, json)
Hash identifier: IBgwZNBAZ6olnwpXzb+GHQ28FIlRk/3WaSuN21c8t5M=
Subject key identifier: 57:8A:1A:A8:1D:FF:01:36:ED:E2:E0:55:7C:7A:D5:42:31:DA:40:CE
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 2E6BACBE32A3518EC900F232D9AA079718163678
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137372e302f32342d3234203d3e20323134363737.roa
Signing time: Sat 02 Nov 2024 11:33:40 +0000
ROA not before: Sat 02 Nov 2024 11:28:40 +0000
ROA not after: Sat 01 Nov 2025 11:33:40 +0000
asID: 214677
IP address blocks: 5.181.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:6b:ac:be:32:a3:51:8e:c9:00:f2:32:d9:aa:07:97:18:16:36:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Nov 2 11:28:40 2024 GMT
Not After : Nov 1 11:33:40 2025 GMT
Subject: CN=578A1AA81DFF0136EDE2E0557C7AD54231DA40CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f5:a4:d2:26:9a:b3:0d:d8:e0:85:b7:a3:12:
b4:7e:19:37:b1:1b:18:90:33:e1:46:39:6f:6a:d6:
e6:b8:a9:e0:53:47:77:29:4c:0c:ea:9e:a6:64:98:
66:17:92:1b:ce:11:88:79:91:9c:f5:3b:b6:61:8c:
aa:94:36:95:83:0a:0e:d4:53:48:ec:80:c6:62:0c:
bd:07:5c:52:5a:69:b2:4a:29:88:e2:37:c2:06:a9:
a6:bf:e3:fa:b6:a8:84:e5:81:c5:ba:95:99:16:25:
39:aa:34:da:4c:30:a0:8b:c6:49:08:5b:b1:df:66:
0d:5d:fb:51:54:97:46:01:4a:56:2c:a9:85:e7:d7:
44:2d:a5:88:1a:bb:66:91:9e:16:90:b6:7f:5a:73:
c9:f4:a2:ee:b6:31:64:aa:0f:37:9a:0c:26:01:53:
45:be:a5:6b:25:28:ef:2b:94:20:15:af:39:c8:fc:
77:52:a7:64:dd:6e:24:82:95:58:12:af:a5:e1:bc:
67:a0:08:bc:7e:b9:39:cb:00:be:ae:12:18:df:f7:
e1:92:dc:3a:59:71:82:0e:19:d9:9b:e3:2d:df:bc:
bc:96:cb:66:9b:74:bb:93:c7:b4:42:b4:6d:e4:bd:
b4:76:a8:6b:26:b2:ff:6e:80:66:ef:2a:48:23:25:
f0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:8A:1A:A8:1D:FF:01:36:ED:E2:E0:55:7C:7A:D5:42:31:DA:40:CE
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137372e302f32342d3234203d3e20323134363737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.177.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:19:19:1e:13:83:db:2e:28:64:10:ea:4c:36:af:cb:a2:17:
bf:74:ea:75:e6:cf:52:b8:11:d3:39:ba:9d:ef:cd:dc:43:45:
28:c9:89:ab:7c:5e:53:cd:3c:d3:db:23:f2:09:14:13:d8:e5:
f5:af:39:95:88:4c:5a:70:40:f9:84:92:f8:2c:11:f9:a9:1f:
9b:6e:cb:d6:8e:6c:9b:49:48:3d:60:79:9f:9a:9a:c7:23:38:
bd:44:8f:75:72:a9:53:31:9a:93:44:32:a2:fb:95:b1:5f:28:
05:f5:bc:aa:da:76:70:f0:44:94:3f:d5:a2:d1:ec:bc:29:ae:
5f:eb:b8:92:00:39:f1:ad:79:64:4b:7b:92:b4:9d:e3:63:28:
7c:31:4b:b4:2d:54:78:87:ec:18:4d:8f:97:7f:8b:e8:25:72:
9d:32:47:36:7a:39:a9:34:f8:86:76:34:26:f8:56:8d:54:b7:
9e:07:5c:ff:8b:62:30:1d:91:91:b2:e7:0e:2d:a9:f3:23:65:
e5:71:cb:6f:6b:88:20:8c:59:6d:ac:b6:49:ce:dd:e9:fc:b9:
c8:e0:7b:97:3b:57:c8:46:b2:0f:45:f0:88:15:7d:d5:f3:57:
05:a3:7d:37:cb:df:00:27:bc:c3:a4:be:83:41:da:6e:8f:24:
eb:03:64:a8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULmusvjKjUY7JAPIy2aoHlxgWNngwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDExMDIxMTI4NDBaFw0yNTExMDExMTMzNDBaMDMxMTAvBgNV
BAMTKDU3OEExQUE4MURGRjAxMzZFREUyRTA1NTdDN0FENTQyMzFEQTQwQ0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy9aTSJpqzDdjghbejErR+GTex
GxiQM+FGOW9q1ua4qeBTR3cpTAzqnqZkmGYXkhvOEYh5kZz1O7ZhjKqUNpWDCg7U
U0jsgMZiDL0HXFJaabJKKYjiN8IGqaa/4/q2qITlgcW6lZkWJTmqNNpMMKCLxkkI
W7HfZg1d+1FUl0YBSlYsqYXn10QtpYgau2aRnhaQtn9ac8n0ou62MWSqDzeaDCYB
U0W+pWslKO8rlCAVrznI/HdSp2TdbiSClVgSr6XhvGegCLx+uTnLAL6uEhjf9+GS
3DpZcYIOGdmb4y3fvLyWy2abdLuTx7RCtG3kvbR2qGsmsv9ugGbvKkgjJfCLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUV4oaqB3/ATbt4uBVfHrVQjHaQM4wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzUyZTMxMzgzMTJlMzEzNzM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM0MzYzNzM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BbWxMA0GCSqGSIb3DQEBCwUAA4IBAQCqGRkeE4PbLihkEOpMNq/Lohe/dOp15s9S
uBHTObqd783cQ0UoyYmrfF5TzTzT2yPyCRQT2OX1rzmViExacED5hJL4LBH5qR+b
bsvWjmybSUg9YHmfmprHIzi9RI91cqlTMZqTRDKi+5WxXygF9byq2nZw8ESUP9Wi
0ey8Ka5f67iSADnxrXlkS3uStJ3jYyh8MUu0LVR4h+wYTY+Xf4voJXKdMkc2ejmp
NPiGdjQm+FaNVLeeB1z/i2IwHZGRsucOLanzI2Xlcctva4ggjFltrLZJzt3p/LnI
4HuXO1fIRrIPRfCIFX3V81cFo303y98AJ7zDpL6DQdpujyTrA2So
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:43 2024 by rpki-client on console-ams.rpki-client.org