Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3235322e3134302e302f32342d3234203d3e20313336373837.roa
File: 352e3235322e3134302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: xM2SPNLcvQ7Pr+s9kAew37hi6R2wTGiVt5akpIM+1is=
Subject key identifier: 51:01:DA:22:7C:C3:B4:78:91:92:D0:CF:3B:60:DB:88:0C:E2:0A:F9
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4EF7EFF3EC27CEB9879274B78597A2C80A20F29E
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3235322e3134302e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Dec 2024 15:23:27 +0000
ROA not before: Fri 20 Dec 2024 15:18:27 +0000
ROA not after: Fri 19 Dec 2025 15:23:27 +0000
asID: 136787
IP address blocks: 5.252.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:f7:ef:f3:ec:27:ce:b9:87:92:74:b7:85:97:a2:c8:0a:20:f2:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:27 2024 GMT
Not After : Dec 19 15:23:27 2025 GMT
Subject: CN=5101DA227CC3B4789192D0CF3B60DB880CE20AF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ca:5e:ae:2d:c5:dd:fe:3f:fd:22:39:29:6a:
34:d6:c5:e4:f5:d9:28:03:c2:ec:0c:63:f1:12:65:
36:ba:19:d4:5c:b5:7c:83:69:7d:dd:8b:47:c5:4e:
ff:7e:c8:af:e5:d9:88:52:5f:95:3e:21:f4:7f:f7:
dd:ec:5a:36:da:b2:55:6b:6e:0f:30:3c:66:16:73:
11:95:fe:59:8d:b9:ee:bf:ab:17:7b:68:0d:a8:14:
47:ef:de:4c:6e:50:85:6e:a4:e0:a2:d6:5d:b6:70:
b6:2b:ae:36:f7:e4:b2:dd:4d:ec:7a:77:ff:dd:8e:
c6:57:a3:dd:db:8c:64:c5:17:e6:34:30:aa:5d:74:
5e:ec:d8:e8:7a:81:61:bb:34:fa:bf:cc:8c:d2:ba:
64:13:e1:79:f5:ac:07:ca:ae:0c:c4:b9:be:c5:e0:
6b:45:6c:c4:9e:f9:a1:28:aa:86:5a:d0:82:45:75:
e1:f9:82:a7:cf:8e:0f:e4:92:e7:d8:81:18:1c:e3:
5d:90:a0:4e:f9:23:16:8b:bd:cb:5d:6d:ab:8a:e3:
d5:a1:79:06:cc:ec:b6:0e:db:cb:38:09:b5:2c:70:
29:47:86:34:2a:e5:e6:a7:10:ce:6d:de:56:33:ff:
79:0e:49:b2:bd:7b:95:b3:2e:ac:af:47:bc:d9:87:
30:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:01:DA:22:7C:C3:B4:78:91:92:D0:CF:3B:60:DB:88:0C:E2:0A:F9
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3235322e3134302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.140.0/24
Signature Algorithm: sha256WithRSAEncryption
51:2b:c9:00:e3:0c:56:0f:19:ca:46:77:4e:d1:e2:1d:a3:f1:
02:4e:6d:b7:97:4a:6c:ea:ed:3c:4a:7d:4e:17:f9:08:b9:6d:
17:43:d3:7c:7c:c5:2e:ba:45:02:01:72:8c:e7:ce:1a:27:b6:
30:06:96:02:00:b8:13:46:97:8c:88:c6:08:c5:af:81:93:0a:
24:6f:15:23:3f:17:7a:71:c2:a3:96:ea:c8:bf:ea:cf:ad:cf:
ff:90:7e:93:da:d6:e2:f3:cd:df:91:72:b7:15:25:9b:17:13:
4c:79:4c:ef:80:0a:ad:aa:01:f5:a5:ee:04:48:5a:7c:0f:6f:
74:ff:07:7d:10:71:9a:37:f2:17:d5:28:50:2a:07:75:13:f3:
d0:1e:cf:86:d0:09:52:6b:07:63:39:cc:20:96:e7:4c:c7:ba:
87:8e:80:ae:0b:f7:18:eb:57:21:c3:27:ce:cb:87:5e:4f:ab:
ec:ac:52:84:55:99:c1:fd:70:57:96:dc:b7:a5:3f:72:cf:59:
ea:a2:d0:e0:c9:2e:84:ef:d2:d6:f8:74:8f:08:d4:3d:11:15:
01:2b:8d:a2:4e:8f:7a:e9:f4:6c:15:5c:ee:df:9e:5c:b9:5e:
92:94:f6:99:40:7d:0f:e5:af:ca:76:50:ea:64:1e:2f:5b:ef:
cc:6b:76:93
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUTvfv8+wnzrmHknS3hZeiyAog8p4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MjdaFw0yNTEyMTkxNTIzMjdaMDMxMTAvBgNV
BAMTKDUxMDFEQTIyN0NDM0I0Nzg5MTkyRDBDRjNCNjBEQjg4MENFMjBBRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9yl6uLcXd/j/9IjkpajTWxeT1
2SgDwuwMY/ESZTa6GdRctXyDaX3di0fFTv9+yK/l2YhSX5U+IfR/993sWjbaslVr
bg8wPGYWcxGV/lmNue6/qxd7aA2oFEfv3kxuUIVupOCi1l22cLYrrjb35LLdTex6
d//djsZXo93bjGTFF+Y0MKpddF7s2Oh6gWG7NPq/zIzSumQT4Xn1rAfKrgzEub7F
4GtFbMSe+aEoqoZa0IJFdeH5gqfPjg/kkufYgRgc412QoE75IxaLvctdbauK49Wh
eQbM7LYO28s4CbUscClHhjQq5eanEM5t3lYz/3kOSbK9e5WzLqyvR7zZhzBFAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUUQHaInzDtHiRktDPO2DbiAziCvkwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNTJlMzIzNTMyMmUz
MTM0MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAF/IwwDQYJKoZIhvcNAQELBQADggEBAFEryQDjDFYPGcpGd07R4h2j8QJO
bbeXSmzq7TxKfU4X+Qi5bRdD03x8xS66RQIBcoznzhontjAGlgIAuBNGl4yIxgjF
r4GTCiRvFSM/F3pxwqOW6si/6s+tz/+QfpPa1uLzzd+RcrcVJZsXE0x5TO+ACq2q
AfWl7gRIWnwPb3T/B30QcZo38hfVKFAqB3UT89Aez4bQCVJrB2M5zCCW50zHuoeO
gK4L9xjrVyHDJ87Lh15Pq+ysUoRVmcH9cFeW3LelP3LPWeqi0ODJLoTv0tb4dI8I
1D0RFQErjaJOj3rp9GwVXO7fnly5XpKU9plAfQ/lr8p2UOpkHi9b78xrdpM=
-----END CERTIFICATE-----
Generated at Wed Apr 9 19:36:25 2025 by rpki-client