Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3235322e3134312e302f32342d3234203d3e20313336373837.roa
File: 352e3235322e3134312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: y63kaIsQiRJUBOYDZaKwQZrUJbPRyk/litlTqLz2peM=
Subject key identifier: 32:50:81:4B:57:58:94:23:E4:3B:BD:16:05:33:BC:43:95:5E:9F:0F
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3E10085CA2DE6F4EFE76C20057FC1EF8CDFACAAB
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3235322e3134312e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Dec 2024 15:23:37 +0000
ROA not before: Fri 20 Dec 2024 15:18:37 +0000
ROA not after: Fri 19 Dec 2025 15:23:37 +0000
asID: 136787
IP address blocks: 5.252.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:10:08:5c:a2:de:6f:4e:fe:76:c2:00:57:fc:1e:f8:cd:fa:ca:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:37 2024 GMT
Not After : Dec 19 15:23:37 2025 GMT
Subject: CN=3250814B57589423E43BBD160533BC43955E9F0F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:db:68:f9:21:38:fb:ee:fd:44:c8:e5:02:5b:
de:19:cb:19:b6:f2:fe:e3:56:90:0d:92:ed:a8:b8:
5c:e7:35:44:c6:82:e3:96:8f:e1:11:92:7a:a5:f9:
66:0c:b9:14:06:1b:2e:2c:3c:5d:52:cb:47:23:c2:
c1:e4:1e:d3:ba:bf:5f:fc:6d:23:da:be:cc:f9:65:
7a:44:c4:92:e3:7d:5a:27:e5:4f:59:9b:a9:c9:0b:
fa:8e:8b:ad:7b:70:a5:7a:05:d4:3c:50:15:32:13:
53:27:1a:6c:90:e7:9c:8f:ec:22:35:f5:71:b3:a0:
e6:fd:ac:0a:85:60:96:05:dd:12:4a:c8:83:09:56:
cd:59:13:8d:b7:0e:d0:f2:b5:ec:1e:07:46:d2:ee:
b4:e6:59:64:c0:89:81:bf:e1:c5:e5:82:24:90:15:
a2:a6:eb:62:28:04:63:a7:df:3e:da:22:18:60:e0:
b7:ec:72:9c:2e:66:36:2d:52:8d:8e:94:75:93:90:
fb:78:b6:6f:d9:61:eb:1a:9e:9a:bc:2e:2b:b1:3e:
c4:da:5a:70:0a:79:27:17:8c:59:e5:0f:e2:d0:53:
8c:ae:05:63:18:a4:1e:3a:37:1f:9b:63:2c:c5:f4:
4c:76:81:52:27:0e:37:eb:16:90:5b:f1:3d:b3:63:
c1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:50:81:4B:57:58:94:23:E4:3B:BD:16:05:33:BC:43:95:5E:9F:0F
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3235322e3134312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.141.0/24
Signature Algorithm: sha256WithRSAEncryption
e2:b9:69:c3:9a:22:63:63:75:70:68:49:41:1c:36:a5:a2:89:
2e:bb:3b:10:9e:fd:00:79:75:36:74:fe:84:e7:07:c0:1c:35:
54:7a:cd:78:48:e4:ff:19:e3:c6:0e:cc:1e:f7:f8:d9:88:42:
e8:63:4c:20:8f:a8:ba:2f:28:ed:86:14:41:65:68:f4:f1:0e:
89:53:a3:3a:fa:4e:36:1e:6b:8b:7b:2f:95:f9:62:af:01:c7:
d6:bb:5d:81:cc:b1:dd:a0:8c:09:f7:41:91:9a:5a:ef:a4:3b:
f7:64:7a:24:57:44:e1:d0:9f:14:7c:79:c4:0e:c2:8b:cd:87:
d4:6b:d8:d8:ab:ef:4a:eb:19:7c:0a:f9:46:a7:89:ba:58:1c:
45:c9:f3:fb:02:a5:2b:10:9d:2b:d3:30:c7:86:4b:51:a8:e7:
3c:8a:eb:f2:52:bc:a5:ab:65:cf:9d:93:75:d9:7c:eb:cb:a4:
fe:db:b6:29:15:fb:97:83:b7:89:09:20:26:07:0d:17:ee:5c:
19:0f:72:6d:e2:83:1b:84:cd:35:cc:af:ad:b4:2e:45:82:4b:
60:00:18:e3:ea:ea:72:72:cb:30:bf:52:d8:b9:8c:60:20:4b:
14:76:80:fa:e0:6f:96:18:b9:a6:0c:e3:19:3e:cb:a7:20:89:
d7:c9:c2:4f
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUPhAIXKLeb07+dsIAV/we+M36yqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzdaFw0yNTEyMTkxNTIzMzdaMDMxMTAvBgNV
BAMTKDMyNTA4MTRCNTc1ODk0MjNFNDNCQkQxNjA1MzNCQzQzOTU1RTlGMEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDh22j5ITj77v1EyOUCW94Zyxm2
8v7jVpANku2ouFznNUTGguOWj+ERknql+WYMuRQGGy4sPF1Sy0cjwsHkHtO6v1/8
bSPavsz5ZXpExJLjfVon5U9Zm6nJC/qOi617cKV6BdQ8UBUyE1MnGmyQ55yP7CI1
9XGzoOb9rAqFYJYF3RJKyIMJVs1ZE423DtDyteweB0bS7rTmWWTAiYG/4cXlgiSQ
FaKm62IoBGOn3z7aIhhg4LfscpwuZjYtUo2OlHWTkPt4tm/ZYesanpq8LiuxPsTa
WnAKeScXjFnlD+LQU4yuBWMYpB46Nx+bYyzF9Ex2gVInDjfrFpBb8T2zY8HVAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUMlCBS1dYlCPkO70WBTO8Q5Venw8wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNTJlMzIzNTMyMmUz
MTM0MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAF/I0wDQYJKoZIhvcNAQELBQADggEBAOK5acOaImNjdXBoSUEcNqWiiS67
OxCe/QB5dTZ0/oTnB8AcNVR6zXhI5P8Z48YOzB73+NmIQuhjTCCPqLovKO2GFEFl
aPTxDolTozr6TjYea4t7L5X5Yq8Bx9a7XYHMsd2gjAn3QZGaWu+kO/dkeiRXROHQ
nxR8ecQOwovNh9Rr2Nir70rrGXwK+UanibpYHEXJ8/sCpSsQnSvTMMeGS1Go5zyK
6/JSvKWrZc+dk3XZfOvLpP7btikV+5eDt4kJICYHDRfuXBkPcm3igxuEzTXMr620
LkWCS2AAGOPq6nJyyzC/Uti5jGAgSxR2gPrgb5YYuaYM4xk+y6cgidfJwk8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:21:37 2025 by rpki-client