Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/352e3235332e3232372e302f32342d3234203d3e20323035363539.roa
File: 352e3235332e3232372e302f32342d3234203d3e20323035363539.roa (raw, json)
Hash identifier: cLoSK5kclX/LiwAnJxR6FLqQ2tGnc3rPLwL72qI/i8E=
Subject key identifier: D0:1B:B4:54:33:22:CD:05:FA:CF:D6:F0:2E:21:68:9F:EB:10:6C:74
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5E271906D31724FD93317A84370CB0E1832D86B0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/352e3235332e3232372e302f32342d3234203d3e20323035363539.roa
Signing time: Wed 02 Apr 2025 12:45:57 +0000
ROA not before: Wed 02 Apr 2025 12:40:57 +0000
ROA not after: Wed 01 Apr 2026 12:45:57 +0000
asID: 205659
IP address blocks: 5.253.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:27:19:06:d3:17:24:fd:93:31:7a:84:37:0c:b0:e1:83:2d:86:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 2 12:40:57 2025 GMT
Not After : Apr 1 12:45:57 2026 GMT
Subject: CN=D01BB4543322CD05FACFD6F02E21689FEB106C74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:2f:38:a5:89:f8:43:d6:38:7a:8d:64:02:f5:
3f:09:ee:ec:3a:6f:1f:08:96:2f:5e:cd:3a:4b:2e:
bf:fd:a9:39:cb:45:2e:03:50:13:e3:8f:a4:50:52:
1a:36:29:9d:fc:09:cc:f1:6a:ac:a5:9f:b7:46:10:
6e:ae:50:f3:e1:5d:83:7c:d1:23:48:c9:70:0d:cc:
62:6e:5a:55:6c:60:bc:1a:b3:6d:ae:10:63:94:90:
fe:8b:34:7b:52:62:94:26:69:b3:84:2e:c5:99:d7:
d0:52:a3:95:71:5f:f4:c0:70:21:87:2c:8e:65:57:
a2:58:4f:6e:91:1b:80:58:c3:72:75:f4:97:5e:95:
ff:06:06:2e:f1:95:ee:51:54:10:e9:ef:0c:ab:01:
4a:52:91:2e:f5:1f:6d:11:59:79:0f:12:38:16:2d:
1a:db:8d:8a:cb:95:bf:3f:ed:29:38:02:f2:c9:ad:
47:96:61:03:b2:df:18:a3:eb:e3:1e:5a:19:7f:20:
1c:b9:59:49:93:1c:05:f7:9a:ca:56:c1:48:56:7d:
4e:4f:9c:b9:00:93:6f:62:69:e8:57:0f:48:6a:16:
15:74:81:fc:c2:79:25:9c:31:f1:bb:2f:ff:c0:eb:
e4:e0:9b:94:95:84:d1:07:84:50:ca:33:db:8d:dc:
b3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:1B:B4:54:33:22:CD:05:FA:CF:D6:F0:2E:21:68:9F:EB:10:6C:74
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/352e3235332e3232372e302f32342d3234203d3e20323035363539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.227.0/24
Signature Algorithm: sha256WithRSAEncryption
11:b1:f6:c0:bc:6a:52:31:78:9e:c7:3c:08:81:37:ea:d8:3c:
58:b9:de:c0:ac:ad:c2:15:41:92:8a:48:38:7a:d7:b1:03:9a:
3c:7f:60:34:e4:7a:3a:d8:5a:63:7c:b9:6e:e2:1a:db:bd:0e:
67:93:49:1e:a9:58:ad:b8:46:7b:92:e0:c6:b6:da:98:b4:5b:
55:60:5e:63:39:6b:24:b1:ec:e0:a9:f1:59:d0:39:30:57:f2:
99:0d:92:a5:4d:ff:b5:90:27:62:05:ea:6b:38:7d:11:68:fe:
72:63:9f:61:a7:ff:91:14:8d:06:aa:7c:34:72:74:e0:53:e3:
b4:e2:13:6a:58:12:47:a0:ec:a3:3d:b6:a9:bb:fa:64:62:54:
aa:2d:a5:6f:45:cc:99:50:77:ae:39:4b:1d:03:16:34:73:a3:
f1:97:24:e4:a8:a0:b9:7a:9e:9a:6d:15:d2:53:26:8a:50:00:
af:bc:89:32:a8:51:f7:90:87:19:27:d9:78:1f:8a:a7:32:44:
4f:10:63:54:98:fe:ac:32:de:d6:87:35:83:84:a9:3e:2a:7c:
5a:66:2d:1f:c7:ad:06:e2:5d:01:79:38:08:c6:44:ce:10:6e:
42:e8:2e:b6:24:aa:f9:ba:27:a0:2c:28:ad:86:6f:a0:dc:37:
75:87:7d:7c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXicZBtMXJP2TMXqENwyw4YMthrAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA0MDIxMjQwNTdaFw0yNjA0MDExMjQ1NTdaMDMxMTAvBgNV
BAMTKEQwMUJCNDU0MzMyMkNEMDVGQUNGRDZGMDJFMjE2ODlGRUIxMDZDNzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD1LzilifhD1jh6jWQC9T8J7uw6
bx8Ili9ezTpLLr/9qTnLRS4DUBPjj6RQUho2KZ38Cczxaqyln7dGEG6uUPPhXYN8
0SNIyXANzGJuWlVsYLwas22uEGOUkP6LNHtSYpQmabOELsWZ19BSo5VxX/TAcCGH
LI5lV6JYT26RG4BYw3J19Jdelf8GBi7xle5RVBDp7wyrAUpSkS71H20RWXkPEjgW
LRrbjYrLlb8/7Sk4AvLJrUeWYQOy3xij6+MeWhl/IBy5WUmTHAX3mspWwUhWfU5P
nLkAk29iaehXD0hqFhV0gfzCeSWcMfG7L//A6+Tgm5SVhNEHhFDKM9uN3LOpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU0Bu0VDMizQX6z9bwLiFon+sQbHQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzUyZTMyMzUzMzJlMzIzMjM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM1MzYzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Bf3jMA0GCSqGSIb3DQEBCwUAA4IBAQARsfbAvGpSMXiexzwIgTfq2DxYud7ArK3C
FUGSikg4etexA5o8f2A05Ho62FpjfLlu4hrbvQ5nk0keqVituEZ7kuDGttqYtFtV
YF5jOWsksezgqfFZ0DkwV/KZDZKlTf+1kCdiBeprOH0RaP5yY59hp/+RFI0Gqnw0
cnTgU+O04hNqWBJHoOyjPbapu/pkYlSqLaVvRcyZUHeuOUsdAxY0c6PxlyTkqKC5
ep6abRXSUyaKUACvvIkyqFH3kIcZJ9l4H4qnMkRPEGNUmP6sMt7WhzWDhKk+Knxa
Zi0fx60G4l0BeTgIxkTOEG5C6C62JKr5uiegLCithm+g3Dd1h318
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:10:45 2025 by rpki-client