Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/352e3235332e3233332e302f32342d3234203d3e20313336373837.roa
File: 352e3235332e3233332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: KYiD7XgeOzKoTtMdAh0yyOpuT4fy8soMWx7enIrTERE=
Subject key identifier: 0E:73:C4:35:DB:78:24:C8:6B:B7:26:EC:0B:3E:7F:3D:FC:87:5A:91
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: E6E1AA3E19B5827B62E42B824E172354774B19
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/352e3235332e3233332e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 07 Feb 2024 12:33:57 +0000
ROA not before: Wed 07 Feb 2024 12:28:57 +0000
ROA not after: Wed 05 Feb 2025 12:33:57 +0000
asID: 136787
IP address blocks: 5.253.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
e6:e1:aa:3e:19:b5:82:7b:62:e4:2b:82:4e:17:23:54:77:4b:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 7 12:28:57 2024 GMT
Not After : Feb 5 12:33:57 2025 GMT
Subject: CN=0E73C435DB7824C86BB726EC0B3E7F3DFC875A91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f0:1b:84:04:f3:6b:c3:c0:0d:88:c0:27:b1:
84:ac:ca:f9:34:3f:d9:b9:a3:07:b1:39:4d:54:19:
c8:a4:96:0f:49:be:07:48:39:6e:2a:e2:3a:c7:a1:
6d:93:a2:cd:b9:43:92:c7:77:19:c3:ef:ec:2a:eb:
54:ed:39:ba:cb:d8:ce:78:23:93:3d:4e:1e:3c:b1:
b0:30:94:34:b7:8e:ec:45:32:78:d8:d5:61:08:e9:
3f:0a:a8:13:c4:12:84:44:29:b5:78:4b:61:2f:73:
13:e3:cc:da:d0:3d:de:3e:31:80:a2:79:22:45:89:
7f:1d:05:70:62:58:3f:ad:00:66:97:0e:02:9d:d7:
da:08:54:9a:2d:bc:7e:7e:c2:ff:1e:ba:42:5b:f4:
1e:20:a2:00:20:ab:df:6f:9c:55:bc:70:f6:9f:fa:
0b:bb:2a:8f:03:7b:b2:19:5d:ec:2f:67:2e:0e:ab:
2e:eb:b9:bc:3e:59:a0:08:1d:f5:86:72:c2:21:4b:
88:70:1a:b8:78:c5:f8:5c:c7:4f:40:63:8f:aa:52:
44:9f:ce:2a:27:69:a8:5a:4b:6c:0a:34:12:bd:05:
0e:fe:e4:bd:50:26:1f:1b:6f:e5:1b:4f:69:cc:d2:
d2:fb:70:11:37:fb:bf:27:78:19:1b:38:f6:08:50:
35:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:73:C4:35:DB:78:24:C8:6B:B7:26:EC:0B:3E:7F:3D:FC:87:5A:91
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/352e3235332e3233332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.233.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:93:05:ed:b7:ee:95:d3:51:fe:0a:29:ed:10:ee:48:bc:a9:
1f:79:63:9d:af:56:df:17:ac:d6:62:50:57:10:4b:bc:3f:06:
1d:c9:fa:39:90:bc:1f:3d:1f:f0:9b:7a:13:c5:9e:c2:95:5c:
47:9a:ae:16:a9:f0:9e:b8:55:6d:41:09:3d:bd:13:10:6d:e9:
20:d8:2e:66:94:35:66:29:f3:a0:a0:4f:f2:a1:83:82:86:bb:
9a:3b:3a:8d:47:1e:4a:40:7e:95:f5:89:0f:cc:02:7f:a9:c3:
51:8e:a8:6e:eb:08:48:1d:70:23:8d:1a:8f:53:ca:0c:ea:0f:
9f:2a:0d:8f:df:02:a6:e1:9c:77:04:94:61:05:80:40:87:14:
3c:7b:94:25:76:7f:6f:70:39:0d:d3:da:6d:21:83:ed:0b:16:
2d:5b:d4:dd:7a:6c:1a:9a:cf:c2:6b:af:37:7e:18:17:57:41:
af:f2:49:21:50:26:ba:b8:ab:3f:d6:50:65:10:9e:59:a4:53:
80:bc:ab:c8:b4:cb:be:a1:0e:5f:d8:07:af:e0:3f:0c:c8:db:
7b:1f:38:98:b7:91:d3:19:20:54:08:cc:31:a5:a5:3d:a1:c4:
7d:0d:9e:1c:c4:52:7d:6c:d4:b7:72:bd:a4:68:59:75:79:b1:
85:bb:4e:45
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUAObhqj4ZtYJ7YuQrgk4XI1R3SxkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMDcxMjI4NTdaFw0yNTAyMDUxMjMzNTdaMDMxMTAvBgNV
BAMTKDBFNzNDNDM1REI3ODI0Qzg2QkI3MjZFQzBCM0U3RjNERkM4NzVBOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC58BuEBPNrw8ANiMAnsYSsyvk0
P9m5owexOU1UGciklg9JvgdIOW4q4jrHoW2Tos25Q5LHdxnD7+wq61TtObrL2M54
I5M9Th48sbAwlDS3juxFMnjY1WEI6T8KqBPEEoREKbV4S2EvcxPjzNrQPd4+MYCi
eSJFiX8dBXBiWD+tAGaXDgKd19oIVJotvH5+wv8eukJb9B4gogAgq99vnFW8cPaf
+gu7Ko8De7IZXewvZy4Oqy7rubw+WaAIHfWGcsIhS4hwGrh4xfhcx09AY4+qUkSf
zionaahaS2wKNBK9BQ7+5L1QJh8bb+UbT2nM0tL7cBE3+78neBkbOPYIUDWbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUDnPENdt4JMhrtybsCz5/PfyHWpEwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzUyZTMyMzUzMzJlMzIzMzMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Bf3pMA0GCSqGSIb3DQEBCwUAA4IBAQB9kwXtt+6V01H+CintEO5IvKkfeWOdr1bf
F6zWYlBXEEu8PwYdyfo5kLwfPR/wm3oTxZ7ClVxHmq4WqfCeuFVtQQk9vRMQbekg
2C5mlDVmKfOgoE/yoYOChruaOzqNRx5KQH6V9YkPzAJ/qcNRjqhu6whIHXAjjRqP
U8oM6g+fKg2P3wKm4Zx3BJRhBYBAhxQ8e5Qldn9vcDkN09ptIYPtCxYtW9Tdemwa
ms/Ca683fhgXV0Gv8kkhUCa6uKs/1lBlEJ5ZpFOAvKvItMu+oQ5f2Aev4D8MyNt7
HziYt5HTGSBUCMwxpaU9ocR9DZ4cxFJ9bNS3cr2kaFl1ebGFu05F
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:44 2024 by rpki-client on console-ams.rpki-client.org