Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/352e3235332e3233322e302f32342d3234203d3e20313336373837.roa
File: 352e3235332e3233322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 6hUeZCy56bL/+Jmmifv2V6YH9Is9dw6vqPIdD1meuN0=
Subject key identifier: 70:B4:3E:C4:AF:84:59:99:16:F1:F8:6C:CA:BB:94:9A:C9:F6:6D:2B
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 65F111278F3BDDDD38E7F52B18D885F1E0B9A486
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/352e3235332e3233322e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 07 Feb 2024 12:33:56 +0000
ROA not before: Wed 07 Feb 2024 12:28:56 +0000
ROA not after: Wed 05 Feb 2025 12:33:56 +0000
asID: 136787
IP address blocks: 5.253.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:f1:11:27:8f:3b:dd:dd:38:e7:f5:2b:18:d8:85:f1:e0:b9:a4:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 7 12:28:56 2024 GMT
Not After : Feb 5 12:33:56 2025 GMT
Subject: CN=70B43EC4AF84599916F1F86CCABB949AC9F66D2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:6b:b9:ec:8b:da:07:f0:dd:a6:7d:e8:4a:de:
ef:e4:a2:24:05:61:9e:72:50:97:3a:51:89:ea:a4:
29:20:22:fe:b1:a7:62:a7:f9:bc:7f:d3:41:15:eb:
f2:f9:0c:55:af:6b:91:45:fe:5d:2d:03:e2:cc:0f:
b9:ba:da:fc:a2:f8:91:60:5e:74:34:b7:f3:d1:97:
cf:cd:a2:20:a8:88:0e:a0:a9:ee:6e:1d:78:a1:af:
1c:e5:1d:ea:36:d4:67:0e:d1:11:b7:ef:a9:a0:f9:
97:f2:4c:32:a6:21:2c:f7:00:29:9f:1b:db:77:95:
af:62:29:67:8e:1b:73:ae:dc:87:73:b9:45:c7:32:
8e:57:9a:14:d3:2c:cf:c8:4c:6f:86:08:5f:1d:3e:
6f:0a:70:e5:cc:ff:9a:a7:3d:a9:59:82:8c:9a:8a:
a0:80:4f:5e:13:80:13:75:c1:49:07:77:19:cb:ae:
aa:e1:57:7f:62:74:04:2f:b7:66:c5:d6:23:a4:3f:
92:7c:86:f2:95:39:95:ca:6f:b4:5d:7f:9c:8f:df:
49:cf:4e:e0:29:d4:b9:ee:22:9a:3b:ee:f8:ab:18:
6c:a0:94:95:e8:73:68:25:e0:b8:fb:90:79:22:cc:
eb:23:a3:48:f1:66:03:da:d9:c4:88:6c:70:d1:57:
a2:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B4:3E:C4:AF:84:59:99:16:F1:F8:6C:CA:BB:94:9A:C9:F6:6D:2B
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/352e3235332e3233322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.232.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:83:3c:82:98:26:1a:4a:b3:75:1a:19:02:77:e5:b4:07:cb:
b3:97:5a:84:5d:3a:7e:46:6f:af:ba:4e:8f:54:0c:3b:44:e3:
b5:a6:75:14:00:7a:2c:83:21:5b:95:34:a4:76:b6:c3:28:bc:
8e:3e:0a:10:a3:a1:06:41:93:8b:83:84:53:7b:62:e0:b6:d9:
7d:21:3e:de:18:14:27:b7:cd:bb:ac:0c:9c:0f:f2:95:88:34:
dc:41:5b:ee:48:72:d3:4d:97:44:e9:a1:c0:63:87:73:ac:f4:
20:2f:df:b9:aa:7a:54:14:69:bb:22:b8:79:59:8d:8e:cb:9d:
f2:3e:eb:64:d6:5d:30:23:68:3d:ad:db:63:5d:30:f8:7a:f3:
8c:68:25:c4:0a:4a:0d:c4:1d:d9:4e:89:65:6f:5c:56:66:1a:
04:4b:50:a8:f1:b1:54:94:3a:6f:0b:cc:56:27:84:f7:dc:79:
d0:8e:94:2f:41:cb:a2:13:8a:99:d3:d4:e2:f7:f2:47:78:d3:
0e:db:0e:03:0c:0e:63:47:e2:3c:9d:27:43:1a:2d:4b:d8:7b:
5f:5d:f2:d1:80:7e:cc:1d:ed:03:37:5a:b3:07:46:aa:ff:b4:
82:2c:11:4d:d2:1c:ac:e9:66:a6:7b:e8:82:7d:8d:0a:6b:6e:
7d:c2:ee:35
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZfERJ4873d045/UrGNiF8eC5pIYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMDcxMjI4NTZaFw0yNTAyMDUxMjMzNTZaMDMxMTAvBgNV
BAMTKDcwQjQzRUM0QUY4NDU5OTkxNkYxRjg2Q0NBQkI5NDlBQzlGNjZEMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDga7nsi9oH8N2mfehK3u/koiQF
YZ5yUJc6UYnqpCkgIv6xp2Kn+bx/00EV6/L5DFWva5FF/l0tA+LMD7m62vyi+JFg
XnQ0t/PRl8/NoiCoiA6gqe5uHXihrxzlHeo21GcO0RG376mg+ZfyTDKmISz3ACmf
G9t3la9iKWeOG3Ou3IdzuUXHMo5XmhTTLM/ITG+GCF8dPm8KcOXM/5qnPalZgoya
iqCAT14TgBN1wUkHdxnLrqrhV39idAQvt2bF1iOkP5J8hvKVOZXKb7Rdf5yP30nP
TuAp1LnuIpo77virGGyglJXoc2gl4Lj7kHkizOsjo0jxZgPa2cSIbHDRV6J3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUcLQ+xK+EWZkW8fhsyruUmsn2bSswHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzUyZTMyMzUzMzJlMzIzMzMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Bf3oMA0GCSqGSIb3DQEBCwUAA4IBAQAvgzyCmCYaSrN1GhkCd+W0B8uzl1qEXTp+
Rm+vuk6PVAw7ROO1pnUUAHosgyFblTSkdrbDKLyOPgoQo6EGQZOLg4RTe2Lgttl9
IT7eGBQnt827rAycD/KViDTcQVvuSHLTTZdE6aHAY4dzrPQgL9+5qnpUFGm7Irh5
WY2Oy53yPutk1l0wI2g9rdtjXTD4evOMaCXECkoNxB3ZTollb1xWZhoES1Co8bFU
lDpvC8xWJ4T33HnQjpQvQcuiE4qZ09Ti9/JHeNMO2w4DDA5jR+I8nSdDGi1L2Htf
XfLRgH7MHe0DN1qzB0aq/7SCLBFN0hys6Wame+iCfY0Ka259wu41
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:44:10 2024 by rpki-client on console-fra.rpki-client.org