Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/352e3235332e3232372e302f32342d3234203d3e20323035363539.roa
File: 352e3235332e3232372e302f32342d3234203d3e20323035363539.roa (raw, json)
Hash identifier: RKN0uT4YrepmQmXL/wHyvw23NU1mg8IX3G3kdfysB64=
Subject key identifier: F7:30:77:FB:87:71:A4:D3:11:6D:EF:85:1A:3F:1B:3E:91:F7:A1:7A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 168C521A1CE7D9CB9A3A84E2F40A6F8B909FBD3E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/352e3235332e3232372e302f32342d3234203d3e20323035363539.roa
Signing time: Wed 01 May 2024 12:03:34 +0000
ROA not before: Wed 01 May 2024 11:58:34 +0000
ROA not after: Wed 30 Apr 2025 12:03:34 +0000
asID: 205659
IP address blocks: 5.253.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:8c:52:1a:1c:e7:d9:cb:9a:3a:84:e2:f4:0a:6f:8b:90:9f:bd:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 1 11:58:34 2024 GMT
Not After : Apr 30 12:03:34 2025 GMT
Subject: CN=F73077FB8771A4D3116DEF851A3F1B3E91F7A17A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3b:fb:0a:bc:a3:33:84:b4:cb:36:e0:0f:55:
e9:5c:88:28:bb:d7:b5:db:b8:53:7e:46:ee:06:6b:
b8:43:b8:d0:38:3e:11:0a:28:e8:53:24:e8:f5:22:
d5:2b:e9:e1:ea:59:30:15:a2:3c:ff:45:bf:f5:3a:
92:cc:ad:c0:cf:28:45:32:97:56:4b:d9:c6:2f:8c:
77:99:f3:16:d0:54:e3:d9:65:33:92:bf:00:0c:02:
71:8c:b7:ca:b6:f9:5c:c7:63:38:a3:e0:31:ed:4f:
ad:ac:6d:92:cd:58:38:9a:3c:a5:73:a4:1e:3a:e3:
d3:1f:c2:8c:68:0f:00:3f:d4:25:8f:46:c7:62:64:
a3:c1:1d:6a:61:60:c7:a1:77:06:cd:a8:19:57:72:
55:40:c3:cb:06:37:4c:80:83:2a:33:1b:17:4f:f3:
72:d5:46:5a:87:fd:02:0a:e3:0b:6b:3d:1f:30:da:
c1:4e:64:a3:f5:e8:e6:04:f7:b2:a5:6f:de:15:e8:
3f:e9:8e:a1:40:04:23:f2:23:18:ca:26:01:e5:fc:
ed:c8:23:fa:51:45:55:c7:ed:a3:fd:28:91:a3:11:
6d:a8:14:a1:5f:bb:fa:42:e8:6d:3a:0a:af:9f:ab:
a6:dc:d0:63:8b:aa:4c:c1:35:15:8d:a5:21:d3:68:
76:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:30:77:FB:87:71:A4:D3:11:6D:EF:85:1A:3F:1B:3E:91:F7:A1:7A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/352e3235332e3232372e302f32342d3234203d3e20323035363539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.227.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:ec:0a:4d:11:8f:e9:86:e5:5f:8b:a3:86:d0:d1:51:d6:bd:
37:95:a8:a3:91:00:df:6e:1e:02:93:74:e7:00:fc:4b:a0:3c:
53:f2:c2:8a:42:ec:aa:b7:44:56:e7:49:f2:bf:9b:4d:6f:f3:
64:bd:d5:da:c9:6d:d9:5c:1a:05:3c:ed:09:9d:33:42:a5:ec:
00:2d:7d:d4:6e:57:9b:92:9c:c9:77:19:14:d7:c8:25:84:8a:
d0:4c:65:91:8f:67:c0:31:ce:14:61:81:72:c1:41:ac:64:a5:
52:5d:b6:f1:e5:fa:13:65:f3:26:27:02:31:40:d3:60:d0:5f:
44:4e:d9:67:66:e4:5b:cc:e8:b6:c2:c6:3e:e4:63:48:0b:7b:
3d:35:b2:0b:69:03:60:6e:01:fc:e1:7d:9c:db:ae:21:52:de:
4e:82:5e:82:ca:77:fd:a9:c5:eb:f0:5c:f9:29:e3:a9:d9:a2:
12:10:ee:ab:d9:8f:9f:c3:55:29:6c:e7:86:f0:e7:98:dc:1a:
c4:2b:6d:02:0b:eb:e9:b5:64:6c:1f:8b:c1:fd:b4:48:c2:ac:
19:9a:62:ec:cf:b3:d7:f4:6a:24:36:09:7f:a1:c2:78:04:16:
28:39:fc:f3:1b:b0:dd:14:7a:3c:15:09:d8:0b:5c:d3:b9:71:
a5:5d:67:37
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFoxSGhzn2cuaOoTi9Apvi5CfvT4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MDExMTU4MzRaFw0yNTA0MzAxMjAzMzRaMDMxMTAvBgNV
BAMTKEY3MzA3N0ZCODc3MUE0RDMxMTZERUY4NTFBM0YxQjNFOTFGN0ExN0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnO/sKvKMzhLTLNuAPVelciCi7
17XbuFN+Ru4Ga7hDuNA4PhEKKOhTJOj1ItUr6eHqWTAVojz/Rb/1OpLMrcDPKEUy
l1ZL2cYvjHeZ8xbQVOPZZTOSvwAMAnGMt8q2+VzHYzij4DHtT62sbZLNWDiaPKVz
pB4649MfwoxoDwA/1CWPRsdiZKPBHWphYMehdwbNqBlXclVAw8sGN0yAgyozGxdP
83LVRlqH/QIK4wtrPR8w2sFOZKP16OYE97Klb94V6D/pjqFABCPyIxjKJgHl/O3I
I/pRRVXH7aP9KJGjEW2oFKFfu/pC6G06Cq+fq6bc0GOLqkzBNRWNpSHTaHarAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU9zB3+4dxpNMRbe+FGj8bPpH3oXowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzUyZTMyMzUzMzJlMzIzMjM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM1MzYzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Bf3jMA0GCSqGSIb3DQEBCwUAA4IBAQAs7ApNEY/phuVfi6OG0NFR1r03laijkQDf
bh4Ck3TnAPxLoDxT8sKKQuyqt0RW50nyv5tNb/NkvdXayW3ZXBoFPO0JnTNCpewA
LX3UblebkpzJdxkU18glhIrQTGWRj2fAMc4UYYFywUGsZKVSXbbx5foTZfMmJwIx
QNNg0F9ETtlnZuRbzOi2wsY+5GNIC3s9NbILaQNgbgH84X2c264hUt5Ogl6Cynf9
qcXr8Fz5KeOp2aISEO6r2Y+fw1UpbOeG8OeY3BrEK20CC+vptWRsH4vB/bRIwqwZ
mmLsz7PX9GokNgl/ocJ4BBYoOfzzG7DdFHo8FQnYC1zTuXGlXWc3
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:50 2024 by rpki-client on console-ams.rpki-client.org