Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/352e3235332e3233362e302f32322d3232203d3e20323033303631.roa
File: 352e3235332e3233362e302f32322d3232203d3e20323033303631.roa (raw, json)
Hash identifier: 93NMtH6wizdu1+svLIWdGvsPVkXF1bLX0EINlSvAy/M=
Subject key identifier: 17:C9:3D:AC:6A:13:2A:B0:79:BA:33:07:AC:5F:55:3B:C2:8A:BF:4D
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 0E976FDA37E63D6073F7DB07EB8DDB3AEB7F50E6
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/352e3235332e3233362e302f32322d3232203d3e20323033303631.roa
Signing time: Mon 26 Feb 2024 08:52:44 +0000
ROA not before: Mon 26 Feb 2024 08:47:44 +0000
ROA not after: Mon 24 Feb 2025 08:52:44 +0000
asID: 203061
IP address blocks: 5.253.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:97:6f:da:37:e6:3d:60:73:f7:db:07:eb:8d:db:3a:eb:7f:50:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 26 08:47:44 2024 GMT
Not After : Feb 24 08:52:44 2025 GMT
Subject: CN=17C93DAC6A132AB079BA3307AC5F553BC28ABF4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:0a:e8:28:91:8d:f4:8c:9c:9d:12:c3:c2:75:
ed:da:40:62:03:05:00:bb:ca:41:42:be:f3:18:83:
dd:8a:31:7c:89:6e:e7:9a:42:02:25:a7:55:3e:2d:
32:97:8b:be:9a:3d:f6:b4:d3:af:b3:4e:5e:fc:92:
13:b6:74:28:ad:d2:f9:eb:85:17:9c:d9:3f:40:4c:
4e:f1:3f:62:e2:94:92:e0:aa:a0:7b:94:26:0f:71:
43:0e:7f:3b:e0:6e:fc:14:54:c2:8f:1a:81:a7:08:
23:29:09:74:30:62:da:c0:9f:46:1c:58:12:41:ae:
6b:0e:62:25:97:ba:fe:10:61:a3:ce:d5:65:e1:86:
31:0a:cd:91:e0:64:f4:5f:5b:c7:09:f9:49:95:b5:
9b:11:72:ea:fe:68:62:c9:b9:41:72:e2:c8:6a:b0:
5b:ff:dc:c7:f7:70:00:64:fc:60:7e:48:9d:1c:1f:
b0:27:5f:d5:5e:1b:e1:31:3c:d2:29:8e:8f:74:57:
0c:87:34:7b:48:70:e5:b5:33:f2:53:15:7c:d9:a0:
99:1a:7d:27:70:73:43:52:56:53:97:f5:b2:6e:35:
19:d3:63:c2:1b:2e:06:47:b9:a1:02:bd:88:14:d2:
38:44:fc:3c:75:f7:0a:ab:54:9f:36:0f:46:3d:cf:
60:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:C9:3D:AC:6A:13:2A:B0:79:BA:33:07:AC:5F:55:3B:C2:8A:BF:4D
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/352e3235332e3233362e302f32322d3232203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.236.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:ce:bc:a1:7d:d0:37:a2:90:86:3f:23:e9:e7:b8:34:9c:41:
d8:65:9f:a7:41:aa:e3:d0:6e:60:c4:95:bf:71:33:27:ee:95:
fb:1c:b0:5b:5c:33:e9:85:72:34:67:33:c1:d8:18:62:e7:22:
cc:10:a3:23:bc:97:df:4b:dc:bf:cb:53:29:2e:cf:8e:65:e4:
6a:ef:6e:37:55:b8:24:1c:81:5c:9d:7b:82:14:fd:bb:01:9e:
a5:0f:58:79:18:75:50:45:84:96:b1:ff:08:72:ac:6d:21:5f:
61:2a:b8:67:ce:b3:ee:55:76:76:5b:66:d7:1c:2a:d7:0e:f9:
5a:c2:d8:be:1b:96:a2:ca:1d:a3:a1:a1:ea:0d:7c:82:ef:cd:
64:7f:94:79:f5:c2:2e:1f:5b:6c:e0:f8:c9:6d:1c:d6:25:b1:
31:ae:f8:aa:c5:f3:a6:14:5a:d6:6d:48:4a:07:d1:9e:e1:19:
80:4f:df:80:4b:56:69:ee:9d:55:30:2e:98:59:44:00:fd:05:
06:2b:47:4d:e5:fd:8d:94:32:86:33:e4:e2:01:1e:5f:b3:8b:
02:1e:93:1a:2c:0c:5a:10:0d:25:4e:85:ac:ef:9a:5b:4b:dd:
1e:dc:44:5a:4f:d9:40:23:cc:93:b6:9e:a6:59:50:7a:9e:2f:
08:10:bf:f0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDpdv2jfmPWBz99sH643bOut/UOYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDAyMjYwODQ3NDRaFw0yNTAyMjQwODUyNDRaMDMxMTAvBgNV
BAMTKDE3QzkzREFDNkExMzJBQjA3OUJBMzMwN0FDNUY1NTNCQzI4QUJGNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtCugokY30jJydEsPCde3aQGID
BQC7ykFCvvMYg92KMXyJbueaQgIlp1U+LTKXi76aPfa006+zTl78khO2dCit0vnr
hRec2T9ATE7xP2LilJLgqqB7lCYPcUMOfzvgbvwUVMKPGoGnCCMpCXQwYtrAn0Yc
WBJBrmsOYiWXuv4QYaPO1WXhhjEKzZHgZPRfW8cJ+UmVtZsRcur+aGLJuUFy4shq
sFv/3Mf3cABk/GB+SJ0cH7AnX9VeG+ExPNIpjo90VwyHNHtIcOW1M/JTFXzZoJka
fSdwc0NSVlOX9bJuNRnTY8IbLgZHuaECvYgU0jhE/Dx19wqrVJ82D0Y9z2DBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUF8k9rGoTKrB5ujMHrF9VO8KKv00wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzUyZTMyMzUzMzJlMzIzMzM2
MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzMDMzMzAzNjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
Bf3sMA0GCSqGSIb3DQEBCwUAA4IBAQCbzryhfdA3opCGPyPp57g0nEHYZZ+nQarj
0G5gxJW/cTMn7pX7HLBbXDPphXI0ZzPB2Bhi5yLMEKMjvJffS9y/y1MpLs+OZeRq
7243VbgkHIFcnXuCFP27AZ6lD1h5GHVQRYSWsf8IcqxtIV9hKrhnzrPuVXZ2W2bX
HCrXDvlawti+G5aiyh2joaHqDXyC781kf5R59cIuH1ts4PjJbRzWJbExrviqxfOm
FFrWbUhKB9Ge4RmAT9+AS1Zp7p1VMC6YWUQA/QUGK0dN5f2NlDKGM+TiAR5fs4sC
HpMaLAxaEA0lToWs75pbS90e3ERaT9lAI8yTtp6mWVB6ni8IEL/w
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:45 2024 by rpki-client on console-ams.rpki-client.org