Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3235332e3233322e302f32342d3234203d3e20313336373837.roa
File: 352e3235332e3233322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 87S6Td26OMnoWfpI4FXqE+qjWhdtkwAwjjazuYkMUAI=
Subject key identifier: F1:B9:24:5C:72:E5:B4:42:2A:34:61:D6:B3:0E:2B:54:EE:C7:FD:F3
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 702DA66EC89CD12FCD3FE1C8703544F4D4B90D30
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3235332e3233322e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:20 +0000
ROA not before: Fri 27 Dec 2024 11:42:20 +0000
ROA not after: Fri 26 Dec 2025 11:47:20 +0000
asID: 136787
IP address blocks: 5.253.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:46:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:2d:a6:6e:c8:9c:d1:2f:cd:3f:e1:c8:70:35:44:f4:d4:b9:0d:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:20 2024 GMT
Not After : Dec 26 11:47:20 2025 GMT
Subject: CN=F1B9245C72E5B4422A3461D6B30E2B54EEC7FDF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c7:c3:2b:92:8b:61:13:b3:22:a9:e2:85:b9:
4c:6b:09:dc:4d:46:6c:62:e8:88:fa:bd:91:13:a6:
19:2f:a3:8a:19:92:63:a3:6d:22:50:5e:58:e6:e4:
9e:36:5d:2e:00:35:f3:7d:46:d2:9a:2f:50:51:26:
c2:d3:ef:41:41:e1:fc:6b:24:a1:52:73:9f:28:16:
b8:93:c0:12:08:95:7b:ec:c4:57:e8:da:d3:83:14:
56:e9:4a:51:5a:9f:53:c3:61:85:d7:d5:9d:12:de:
3f:67:d4:0c:1e:31:e3:97:57:de:1a:17:99:ac:5d:
87:4f:b8:fa:85:36:2e:67:76:42:77:d5:e6:6c:51:
bb:3d:a9:5c:fd:7a:24:62:2a:89:62:2c:08:a6:ed:
c6:6a:62:f6:95:57:00:8b:27:0a:58:d5:f7:74:e5:
7d:77:d7:b3:4d:b6:81:1f:16:de:4c:41:4c:55:1a:
1d:83:2a:51:89:2d:c1:33:d3:55:71:dd:c9:d6:0b:
38:96:81:61:6a:57:63:79:53:df:ad:46:96:00:95:
54:d1:ae:0d:28:07:65:39:de:d1:75:55:44:ac:79:
53:3f:16:a4:51:ce:45:48:1e:fc:76:9d:d7:ad:6b:
06:8d:ad:82:68:4b:2b:a0:95:1e:e9:99:ca:62:77:
e0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:B9:24:5C:72:E5:B4:42:2A:34:61:D6:B3:0E:2B:54:EE:C7:FD:F3
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3235332e3233322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.232.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:8b:1a:d0:3a:50:f4:24:38:46:d0:f0:26:d9:82:17:1b:2b:
22:53:93:e5:2f:b3:f6:cf:3d:9f:f3:9c:f5:53:2a:1f:0b:0f:
84:ed:fb:92:f7:60:f2:10:a4:38:c7:36:ff:f4:ba:31:49:f3:
f6:67:72:e9:35:ef:37:3c:fb:15:05:c1:3b:1f:8d:08:11:28:
d1:4d:e2:72:a6:cd:da:5d:b1:d1:e4:26:53:0c:66:1c:e9:db:
c3:d0:d1:d0:dd:74:a1:b5:55:2f:3a:1d:73:73:23:f5:40:77:
f9:a8:16:a0:d7:36:ee:57:de:9c:5c:85:49:dd:af:ca:55:81:
1b:a5:71:a8:f2:3a:d1:21:f9:ab:78:37:24:98:2b:aa:e8:ec:
8e:42:f5:a0:c6:fa:a2:74:f4:50:23:dc:cb:8a:c4:7f:7b:b5:
d3:7f:d1:fb:87:02:47:9e:5a:94:f9:1f:fe:06:ca:54:9c:7b:
dc:b0:3a:14:44:5f:68:9e:40:01:68:24:9d:17:11:5f:18:73:
6d:e5:6e:12:fd:a0:d3:53:fb:b2:0b:7e:6e:dd:73:ee:b4:98:
00:82:3c:73:1f:24:8c:27:2f:23:c4:a6:f8:0e:dd:6d:09:52:
b3:32:70:af:8c:0b:1f:e3:94:ba:72:9f:19:34:14:64:c9:46:
15:d0:07:f6
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUcC2mbsic0S/NP+HIcDVE9NS5DTAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMjBaFw0yNTEyMjYxMTQ3MjBaMDMxMTAvBgNV
BAMTKEYxQjkyNDVDNzJFNUI0NDIyQTM0NjFENkIzMEUyQjU0RUVDN0ZERjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyx8MrkothE7MiqeKFuUxrCdxN
Rmxi6Ij6vZETphkvo4oZkmOjbSJQXljm5J42XS4ANfN9RtKaL1BRJsLT70FB4fxr
JKFSc58oFriTwBIIlXvsxFfo2tODFFbpSlFan1PDYYXX1Z0S3j9n1AweMeOXV94a
F5msXYdPuPqFNi5ndkJ31eZsUbs9qVz9eiRiKoliLAim7cZqYvaVVwCLJwpY1fd0
5X1317NNtoEfFt5MQUxVGh2DKlGJLcEz01Vx3cnWCziWgWFqV2N5U9+tRpYAlVTR
rg0oB2U53tF1VUSseVM/FqRRzkVIHvx2ndetawaNrYJoSyuglR7pmcpid+AHAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU8bkkXHLltEIqNGHWsw4rVO7H/fMwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNTJlMzIzNTMzMmUz
MjMzMzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAF/egwDQYJKoZIhvcNAQELBQADggEBAFyLGtA6UPQkOEbQ8CbZghcbKyJT
k+Uvs/bPPZ/znPVTKh8LD4Tt+5L3YPIQpDjHNv/0ujFJ8/Zncuk17zc8+xUFwTsf
jQgRKNFN4nKmzdpdsdHkJlMMZhzp28PQ0dDddKG1VS86HXNzI/VAd/moFqDXNu5X
3pxchUndr8pVgRulcajyOtEh+at4NySYK6ro7I5C9aDG+qJ09FAj3MuKxH97tdN/
0fuHAkeeWpT5H/4GylSce9ywOhREX2ieQAFoJJ0XEV8Yc23lbhL9oNNT+7ILfm7d
c+60mACCPHMfJIwnLyPEpvgO3W0JUrMycK+MCx/jlLpynxk0FGTJRhXQB/Y=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:54:52 2025 by rpki-client