Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/352e3138322e33342e302f32342d3234203d3e20323039323432.roa
File: 352e3138322e33342e302f32342d3234203d3e20323039323432.roa (raw, json)
Hash identifier: xspSll0BQUeozVnmGywyisbjI+EixBGiovmViEcBn1Y=
Subject key identifier: 72:0C:62:82:13:F6:9F:A8:7C:08:B5:4C:27:E0:D5:CD:B9:F0:83:A7
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 6E0D57CD894CB49E23981569047780A26EC32168
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/352e3138322e33342e302f32342d3234203d3e20323039323432.roa
Signing time: Thu 07 Nov 2024 20:05:31 +0000
ROA not before: Thu 07 Nov 2024 20:00:31 +0000
ROA not after: Thu 06 Nov 2025 20:05:31 +0000
asID: 209242
IP address blocks: 5.182.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:0d:57:cd:89:4c:b4:9e:23:98:15:69:04:77:80:a2:6e:c3:21:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Nov 7 20:00:31 2024 GMT
Not After : Nov 6 20:05:31 2025 GMT
Subject: CN=720C628213F69FA87C08B54C27E0D5CDB9F083A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:04:36:d8:b6:6e:15:40:ef:87:67:f9:b8:cb:
19:ff:94:5a:07:c6:13:0b:49:4a:ea:46:d2:d5:bd:
ab:d9:32:94:16:70:76:e0:f4:ed:e3:a6:11:76:7f:
08:b7:e7:40:d8:6b:f3:8f:44:ed:c6:ec:8f:73:9e:
36:e4:7d:47:85:2d:05:28:91:14:25:e2:4a:4e:ed:
dd:ef:2e:ce:4b:ef:85:f8:a3:8c:5e:12:46:21:a0:
64:85:c9:27:e0:2e:37:09:cd:22:50:d8:f5:7c:c3:
5c:73:63:6d:43:a2:9a:69:fe:e4:6c:f9:72:50:24:
6e:dd:f0:9e:8c:65:b4:f1:aa:c4:88:aa:8f:3f:c5:
bc:5e:57:4e:05:0b:68:5b:80:c3:b4:9c:a8:44:f2:
dc:2b:86:f5:fe:48:fe:39:0a:99:60:3a:54:1a:75:
a0:5d:22:f4:51:5c:ff:bd:17:65:d7:30:de:6e:64:
0d:80:63:db:52:65:d5:18:95:8b:9a:56:1a:5e:ae:
84:2e:a0:f3:96:76:8c:91:f4:44:6d:9d:90:5f:be:
09:91:19:26:df:a1:82:71:72:c2:36:d2:91:3d:fc:
fe:4b:c3:6c:9f:97:2c:57:7d:ba:f3:2c:6b:20:8e:
ff:23:db:72:69:11:a7:79:fc:16:a1:f9:a6:10:43:
a7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:0C:62:82:13:F6:9F:A8:7C:08:B5:4C:27:E0:D5:CD:B9:F0:83:A7
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/352e3138322e33342e302f32342d3234203d3e20323039323432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.34.0/24
Signature Algorithm: sha256WithRSAEncryption
36:46:71:f7:32:74:43:c7:58:8a:cf:aa:f6:44:34:ce:ba:97:
8e:9e:cf:75:2c:ab:77:8f:b3:b6:41:71:90:fb:88:97:40:ce:
9a:1a:88:13:0a:a7:29:94:4e:0e:c8:72:05:2a:ef:a9:6f:dd:
71:e6:f6:c8:8b:86:ec:4a:e6:d6:2c:eb:fd:85:ff:62:36:f9:
5f:75:d5:3d:9e:b1:07:13:66:92:27:7e:9b:32:c3:14:7f:2b:
a7:3f:32:7a:ec:ba:f0:82:5c:a6:fa:a4:91:dd:13:b6:34:a7:
eb:3e:f0:f4:71:e2:1f:3d:b6:83:76:b7:5b:96:6f:3a:3a:a5:
39:36:6d:7d:8b:f6:90:97:3e:c0:dd:9e:7d:34:5c:b6:d6:ec:
13:99:c2:d0:86:92:72:f0:d1:f0:ab:63:66:59:2d:b2:8c:ad:
15:8f:1e:54:93:2c:b1:3c:56:1e:d1:6a:67:cf:fa:46:5d:1b:
02:99:90:f9:3b:52:fc:8c:25:6d:23:af:1b:e5:ba:17:45:aa:
bf:b1:e3:f7:59:3c:8b:0d:70:78:79:98:ed:58:e5:97:b1:3b:
fa:b7:4e:17:2c:2c:08:c2:09:0a:ed:80:ef:18:15:4f:e6:40:
88:77:a9:d7:e4:bb:f2:d9:20:89:17:91:1e:dc:67:8c:c2:66:
0a:b0:25:7e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUbg1XzYlMtJ4jmBVpBHeAom7DIWgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDExMDcyMDAwMzFaFw0yNTExMDYyMDA1MzFaMDMxMTAvBgNV
BAMTKDcyMEM2MjgyMTNGNjlGQTg3QzA4QjU0QzI3RTBENUNEQjlGMDgzQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoBDbYtm4VQO+HZ/m4yxn/lFoH
xhMLSUrqRtLVvavZMpQWcHbg9O3jphF2fwi350DYa/OPRO3G7I9znjbkfUeFLQUo
kRQl4kpO7d3vLs5L74X4o4xeEkYhoGSFySfgLjcJzSJQ2PV8w1xzY21Doppp/uRs
+XJQJG7d8J6MZbTxqsSIqo8/xbxeV04FC2hbgMO0nKhE8twrhvX+SP45CplgOlQa
daBdIvRRXP+9F2XXMN5uZA2AY9tSZdUYlYuaVhperoQuoPOWdoyR9ERtnZBfvgmR
GSbfoYJxcsI20pE9/P5Lw2yflyxXfbrzLGsgjv8j23JpEad5/Bah+aYQQ6etAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUcgxighP2n6h8CLVMJ+DVzbnwg6cwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzUyZTMxMzgzMjJlMzMzNDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzOTMyMzQzMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAW2
IjANBgkqhkiG9w0BAQsFAAOCAQEANkZx9zJ0Q8dYis+q9kQ0zrqXjp7PdSyrd4+z
tkFxkPuIl0DOmhqIEwqnKZRODshyBSrvqW/dceb2yIuG7Erm1izr/YX/Yjb5X3XV
PZ6xBxNmkid+mzLDFH8rpz8yeuy68IJcpvqkkd0TtjSn6z7w9HHiHz22g3a3W5Zv
OjqlOTZtfYv2kJc+wN2efTRcttbsE5nC0IaScvDR8KtjZlktsoytFY8eVJMssTxW
HtFqZ8/6Rl0bApmQ+TtS/IwlbSOvG+W6F0Wqv7Hj91k8iw1weHmY7Vjll7E7+rdO
FywsCMIJCu2A7xgVT+ZAiHep1+S78tkgiReRHtxnjMJmCrAlfg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:17 2024 by rpki-client on console-fra.rpki-client.org