Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/352e3138332e382e302f32322d3234203d3e203437353833.roa
File: 352e3138332e382e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: q4fOZL7DIRy7/8x2Xj4BpYGe1r8DkBraAb6k1RuOSBo=
Subject key identifier: 8E:84:04:58:F0:5A:2F:1B:67:63:08:33:28:0D:47:80:C2:E3:8F:49
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0AB697B231DAFB790F6B7C2FA548DE3D2E6D1F27
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/352e3138332e382e302f32322d3234203d3e203437353833.roa
Signing time: Mon 27 Jan 2025 09:45:07 +0000
ROA not before: Mon 27 Jan 2025 09:40:07 +0000
ROA not after: Mon 26 Jan 2026 09:45:07 +0000
asID: 47583
IP address blocks: 5.183.8.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:b6:97:b2:31:da:fb:79:0f:6b:7c:2f:a5:48:de:3d:2e:6d:1f:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:07 2025 GMT
Not After : Jan 26 09:45:07 2026 GMT
Subject: CN=8E840458F05A2F1B67630833280D4780C2E38F49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:65:45:6f:56:54:dc:d1:09:0e:65:07:71:9b:
3f:ad:94:10:f6:e1:13:80:18:93:bc:8b:7c:1d:84:
d5:63:7e:53:b3:80:b0:ac:83:ac:ea:2c:45:dc:7d:
2f:8c:c5:b7:53:d8:df:c9:99:62:8b:2a:87:77:21:
35:80:ca:b8:e0:8e:ed:de:3a:f9:08:db:ce:ed:fb:
84:43:d9:98:9d:e4:3e:f6:74:8e:a2:50:82:f5:1d:
c9:ca:22:a2:f5:34:29:46:a7:00:0c:42:29:7e:f5:
e4:23:7b:1b:b0:00:e1:60:e9:8e:f8:71:90:24:66:
f4:2a:9b:0c:40:4b:31:f3:3c:2c:7d:b0:b4:7b:bb:
aa:60:3b:a3:ad:51:7a:4d:0b:bc:49:be:36:59:44:
4a:65:52:b7:b4:1d:7c:e6:c2:9a:04:91:d6:1f:f7:
6b:b9:e1:98:99:fc:f3:9b:7e:8d:6d:1b:f0:24:e4:
2a:f4:15:56:fd:a1:8e:b5:c7:93:9d:4f:1f:93:34:
7c:2a:6a:10:60:ba:6f:1e:63:9e:58:6e:95:0e:a8:
e2:19:86:fc:32:ed:65:8e:11:d6:de:0d:8b:b1:b8:
93:b9:7b:bd:e7:52:70:f9:25:ab:61:fd:33:82:c9:
66:50:48:ef:21:4e:20:0b:e6:06:18:12:17:8a:e7:
31:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:84:04:58:F0:5A:2F:1B:67:63:08:33:28:0D:47:80:C2:E3:8F:49
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/352e3138332e382e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.8.0/22
Signature Algorithm: sha256WithRSAEncryption
07:c4:99:da:52:2e:35:b5:d5:0a:80:6f:d1:51:da:72:a0:22:
41:7f:de:13:e0:73:79:29:c0:3d:8c:0d:d4:a8:27:82:dd:6b:
0e:30:cb:a4:8e:7a:dd:9b:d4:3e:0b:af:87:93:54:85:89:62:
9b:35:2a:a5:36:59:ba:71:87:8c:9c:38:3f:be:1f:c4:4f:52:
ed:53:a9:db:0f:b0:03:8e:de:8f:e1:4f:0f:11:84:d5:e4:b6:
20:22:7f:12:b6:be:7b:49:2c:c6:b8:dc:df:52:fd:9f:56:04:
a2:30:fb:a7:6c:d2:84:b9:20:12:83:f3:84:1f:b3:6b:08:f6:
9d:73:08:5d:dd:49:6b:63:a3:ca:37:49:ec:89:3e:01:ab:8a:
2c:c4:e2:29:ba:f8:b1:75:75:24:26:56:a3:8d:d0:34:94:e2:
dc:86:97:35:f6:d3:e2:6e:2c:23:24:e8:86:9d:ee:ec:10:6c:
3a:0c:25:45:a2:04:d9:b0:8a:62:fc:a0:3a:3a:55:7f:0e:ba:
ac:ef:c8:0e:b3:5a:db:ef:75:13:d6:85:a1:a0:cb:4f:69:d8:
05:03:68:33:1c:7b:df:bc:1e:4f:17:3a:53:55:d3:b2:28:57:
2c:42:78:0c:81:dc:e8:16:24:dd:70:26:b0:4f:ac:f4:33:1f:
07:0c:ad:54
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUCraXsjHa+3kPa3wvpUjePS5tHycwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDdaFw0yNjAxMjYwOTQ1MDdaMDMxMTAvBgNV
BAMTKDhFODQwNDU4RjA1QTJGMUI2NzYzMDgzMzI4MEQ0NzgwQzJFMzhGNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvZUVvVlTc0QkOZQdxmz+tlBD2
4ROAGJO8i3wdhNVjflOzgLCsg6zqLEXcfS+MxbdT2N/JmWKLKod3ITWAyrjgju3e
OvkI287t+4RD2Zid5D72dI6iUIL1HcnKIqL1NClGpwAMQil+9eQjexuwAOFg6Y74
cZAkZvQqmwxASzHzPCx9sLR7u6pgO6OtUXpNC7xJvjZZREplUre0HXzmwpoEkdYf
92u54ZiZ/PObfo1tG/Ak5Cr0FVb9oY61x5OdTx+TNHwqahBgum8eY55YbpUOqOIZ
hvwy7WWOEdbeDYuxuJO5e73nUnD5Jath/TOCyWZQSO8hTiAL5gYYEheK5zFJAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUjoQEWPBaLxtnYwgzKA1HgMLjj0kwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzUyZTMxMzgzMzJlMzgyZTMw
MmYzMjMyMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbcIMA0G
CSqGSIb3DQEBCwUAA4IBAQAHxJnaUi41tdUKgG/RUdpyoCJBf94T4HN5KcA9jA3U
qCeC3WsOMMukjnrdm9Q+C6+Hk1SFiWKbNSqlNlm6cYeMnDg/vh/ET1LtU6nbD7AD
jt6P4U8PEYTV5LYgIn8Str57SSzGuNzfUv2fVgSiMPunbNKEuSASg/OEH7NrCPad
cwhd3UlrY6PKN0nsiT4Bq4osxOIpuvixdXUkJlajjdA0lOLchpc19tPibiwjJOiG
ne7sEGw6DCVFogTZsIpi/KA6OlV/Drqs78gOs1rb73UT1oWhoMtPadgFA2gzHHvf
vB5PFzpTVdOyKFcsQngMgdzoFiTdcCawT6z0Mx8HDK1U
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:00:42 2025 by rpki-client