Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/352e3235332e3233342e302f32342d3234203d3e20313336373837.roa
File: 352e3235332e3233342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 48A3S6CFdIaOmTVddmNbeSmXTP1P/2wZ2bOn31OTeDI=
Subject key identifier: 7C:8B:A5:3C:5A:F1:30:FD:6E:AE:FA:C6:79:5D:54:2D:A6:BE:55:5F
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 4172E0038406712AFEE15650099E26A11BDD6983
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/352e3235332e3233342e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 07 Feb 2024 12:33:59 +0000
ROA not before: Wed 07 Feb 2024 12:28:59 +0000
ROA not after: Wed 05 Feb 2025 12:33:59 +0000
asID: 136787
IP address blocks: 5.253.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:72:e0:03:84:06:71:2a:fe:e1:56:50:09:9e:26:a1:1b:dd:69:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 7 12:28:59 2024 GMT
Not After : Feb 5 12:33:59 2025 GMT
Subject: CN=7C8BA53C5AF130FD6EAEFAC6795D542DA6BE555F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:61:87:f4:fd:ad:a6:b5:a6:3a:d5:e4:23:3c:
20:58:66:8c:9c:61:7b:74:b4:ff:08:de:b2:91:ec:
55:f7:a1:19:ca:04:fb:8c:0e:4d:e8:a3:d1:86:24:
cb:94:5e:c3:0c:8d:23:0a:4a:56:90:ba:2c:ee:58:
87:17:0b:fd:f4:68:61:1f:de:91:6a:3d:d7:75:62:
84:15:ab:b9:e2:84:37:5e:02:b3:f7:83:b5:a7:74:
7a:9b:87:43:b5:bd:b8:e1:d2:25:92:20:94:85:ca:
c8:8c:ea:d8:9c:83:2c:6e:ba:2d:2a:c4:f1:51:d7:
e3:68:fa:f0:ff:1f:6b:de:b0:8c:8f:49:30:eb:d9:
f6:ce:8d:f1:e5:dc:ae:df:7e:96:b0:bc:6a:5e:57:
17:fa:89:20:a4:5c:6f:16:35:6f:6a:41:5d:5f:2b:
a7:d6:ca:ad:18:4a:85:6a:a2:21:3b:4e:8f:35:e2:
d3:80:3c:cc:5b:6c:ca:4d:be:8a:2b:fd:b9:d3:d8:
d2:01:84:6a:02:9d:63:10:c1:4d:44:a6:57:eb:60:
a6:a4:2d:d9:a1:4e:d3:51:ad:4b:38:57:cc:23:c5:
2c:26:c1:5b:66:11:cf:11:00:40:b5:25:cb:ee:12:
42:cf:80:39:ad:72:6e:65:24:8d:4e:13:15:f1:22:
06:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:8B:A5:3C:5A:F1:30:FD:6E:AE:FA:C6:79:5D:54:2D:A6:BE:55:5F
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/352e3235332e3233342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.234.0/24
Signature Algorithm: sha256WithRSAEncryption
66:a7:bc:15:ef:d5:23:38:d9:6c:9f:9f:0f:c4:21:f4:b6:3d:
16:63:ab:e4:a2:e8:7b:65:8d:ce:7d:c1:1c:26:f2:a0:45:5d:
b2:5f:42:38:f2:0e:0b:3f:95:5d:6d:d9:b1:f3:ae:39:cc:a6:
b9:d7:56:7f:59:c0:a8:9f:94:4b:84:26:45:de:02:46:8f:56:
ef:94:12:c8:6d:1f:7d:e8:53:bc:aa:64:81:20:62:3b:b1:77:
b2:17:e4:39:5a:3e:f3:b6:e6:a5:dd:75:43:96:5b:6d:28:8c:
a4:00:9b:ca:1e:0c:58:97:e7:92:d0:36:a1:ef:be:c7:da:31:
d7:7a:75:eb:07:a1:1b:f4:00:ad:51:d6:fa:d2:b7:7e:9e:45:
63:76:53:c7:99:e6:27:e8:4f:ea:a2:f2:74:16:04:3a:6e:94:
b7:2e:be:8a:59:19:5b:b4:d3:de:d9:ef:b8:01:34:15:a3:94:
fe:c5:cd:ed:02:9c:55:e4:cb:4e:f3:41:ae:f0:b7:b0:cb:27:
56:cf:6d:84:fa:9e:5e:db:7c:d2:a8:df:20:b9:4e:73:e2:cf:
89:33:90:9a:9e:aa:8a:1b:b2:84:49:3d:86:5a:99:5d:fb:4e:
dd:7f:df:7d:cf:c4:35:35:48:77:3c:e7:5e:3d:5d:0f:a4:3e:
52:67:cc:3c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQXLgA4QGcSr+4VZQCZ4moRvdaYMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMDcxMjI4NTlaFw0yNTAyMDUxMjMzNTlaMDMxMTAvBgNV
BAMTKDdDOEJBNTNDNUFGMTMwRkQ2RUFFRkFDNjc5NUQ1NDJEQTZCRTU1NUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpYYf0/a2mtaY61eQjPCBYZoyc
YXt0tP8I3rKR7FX3oRnKBPuMDk3oo9GGJMuUXsMMjSMKSlaQuizuWIcXC/30aGEf
3pFqPdd1YoQVq7nihDdeArP3g7WndHqbh0O1vbjh0iWSIJSFysiM6ticgyxuui0q
xPFR1+No+vD/H2vesIyPSTDr2fbOjfHl3K7ffpawvGpeVxf6iSCkXG8WNW9qQV1f
K6fWyq0YSoVqoiE7To814tOAPMxbbMpNvoor/bnT2NIBhGoCnWMQwU1EplfrYKak
LdmhTtNRrUs4V8wjxSwmwVtmEc8RAEC1JcvuEkLPgDmtcm5lJI1OExXxIgatAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUfIulPFrxMP1urvrGeV1ULaa+VV8wHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzUyZTMyMzUzMzJlMzIzMzM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Bf3qMA0GCSqGSIb3DQEBCwUAA4IBAQBmp7wV79UjONlsn58PxCH0tj0WY6vkouh7
ZY3OfcEcJvKgRV2yX0I48g4LP5Vdbdmx8645zKa511Z/WcCon5RLhCZF3gJGj1bv
lBLIbR996FO8qmSBIGI7sXeyF+Q5Wj7ztual3XVDllttKIykAJvKHgxYl+eS0Dah
777H2jHXenXrB6Eb9ACtUdb60rd+nkVjdlPHmeYn6E/qovJ0FgQ6bpS3Lr6KWRlb
tNPe2e+4ATQVo5T+xc3tApxV5MtO80Gu8LewyydWz22E+p5e23zSqN8guU5z4s+J
M5CanqqKG7KEST2GWpld+07df999z8Q1NUh3POdePV0PpD5SZ8w8
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:24 2024 by rpki-client on console-fra.rpki-client.org