Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/352e3235332e3233362e302f32322d3232203d3e20323033303631.roa
File: 352e3235332e3233362e302f32322d3232203d3e20323033303631.roa (raw, json)
Hash identifier: 1kxVZrsHdxIRRyNuPiUV0dBv8CjS/75Ck2tMISya4sA=
Subject key identifier: 0A:6B:11:D7:6C:E1:53:93:BB:30:9F:30:F0:C6:6B:F2:D3:B4:E1:47
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 456E78FF8530886CE020DE9B01428C028BFD47D1
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/352e3235332e3233362e302f32322d3232203d3e20323033303631.roa
Signing time: Mon 27 Jan 2025 09:44:47 +0000
ROA not before: Mon 27 Jan 2025 09:39:47 +0000
ROA not after: Mon 26 Jan 2026 09:44:47 +0000
asID: 203061
IP address blocks: 5.253.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:6e:78:ff:85:30:88:6c:e0:20:de:9b:01:42:8c:02:8b:fd:47:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:47 2025 GMT
Not After : Jan 26 09:44:47 2026 GMT
Subject: CN=0A6B11D76CE15393BB309F30F0C66BF2D3B4E147
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:43:ef:4e:41:cc:2a:c6:fb:8e:2c:e6:4b:a1:
80:61:43:dc:0b:0f:2a:12:26:fc:1d:56:0c:f1:e5:
fa:32:95:11:c4:ba:8e:7d:7f:fa:61:d6:c9:be:53:
b3:03:35:2e:25:0d:f1:1b:c5:b4:ec:3f:3f:12:b4:
38:53:f2:38:7b:6a:7e:a3:37:35:8b:8e:1e:1e:38:
74:3b:46:6d:fe:06:a4:e5:f3:e3:85:fe:78:5a:22:
02:46:4a:cf:15:46:b9:c8:85:94:cc:12:19:bf:94:
33:d4:fc:57:26:03:52:e4:ae:43:e6:d9:94:63:30:
33:bd:be:db:27:34:47:3b:37:01:26:2b:c3:02:e0:
f5:c6:3f:4d:4a:26:ea:02:a2:c5:9b:0e:05:a6:43:
c1:20:92:14:ae:6a:35:0f:4c:36:07:03:29:a9:df:
00:cf:a4:a3:6c:6e:2f:75:b2:06:7e:d2:e9:b8:df:
5f:87:c5:92:a9:3c:5a:99:c4:63:80:fc:b0:e7:5f:
f1:33:fa:fb:22:28:72:19:66:0c:b5:39:76:12:d7:
90:d7:66:3e:8a:5c:a6:01:1f:3b:18:6d:08:88:72:
1e:ab:68:0e:36:4a:6d:72:ab:03:a4:5b:cf:89:8a:
1a:82:76:1e:08:d3:d2:c3:4d:9c:56:a0:20:7f:da:
30:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:6B:11:D7:6C:E1:53:93:BB:30:9F:30:F0:C6:6B:F2:D3:B4:E1:47
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/352e3235332e3233362e302f32322d3232203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.236.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:fe:4d:54:5c:8e:a6:1c:8d:a7:9c:55:1b:52:c4:2f:22:34:
d2:5b:a9:48:9e:f4:ec:46:43:cf:06:11:d2:41:51:4f:f2:42:
ec:c3:dc:06:e0:58:8d:38:b8:7f:9a:f9:65:c4:6e:7d:ae:7c:
2d:de:30:b4:86:ad:ef:d0:d4:93:dd:08:a6:68:3c:7f:12:aa:
bf:3c:c8:54:a3:45:4e:4e:86:3e:ba:01:b3:58:d8:09:4b:9e:
ed:f4:8e:4b:56:0f:45:c7:2c:92:d2:bc:2d:58:53:3d:06:19:
6e:af:51:ac:25:20:03:5e:2b:e8:a9:7b:a1:eb:e6:10:61:ae:
d7:2c:da:6b:65:9b:3e:a9:d1:12:d8:c5:14:4f:9a:55:95:78:
73:a5:57:83:8d:5c:85:cd:10:3e:db:83:57:1e:e2:04:84:97:
f1:f7:67:6f:a6:d1:87:a6:00:20:e3:eb:b8:51:e4:36:d2:09:
37:16:24:bb:87:e2:2f:87:1b:00:33:5f:97:57:75:6a:1e:02:
b2:df:70:40:3f:28:59:9d:2e:6c:b0:3f:2c:94:e1:ba:86:bf:
13:03:e0:a1:01:54:a2:c1:65:14:2e:db:7b:be:68:6f:a1:0a:
a9:5d:35:f5:eb:77:d9:b6:71:a8:f4:57:a8:1f:27:2b:7d:57:
20:3f:a6:c3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURW54/4UwiGzgIN6bAUKMAov9R9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NDdaFw0yNjAxMjYwOTQ0NDdaMDMxMTAvBgNV
BAMTKDBBNkIxMUQ3NkNFMTUzOTNCQjMwOUYzMEYwQzY2QkYyRDNCNEUxNDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSQ+9OQcwqxvuOLOZLoYBhQ9wL
DyoSJvwdVgzx5foylRHEuo59f/ph1sm+U7MDNS4lDfEbxbTsPz8StDhT8jh7an6j
NzWLjh4eOHQ7Rm3+BqTl8+OF/nhaIgJGSs8VRrnIhZTMEhm/lDPU/FcmA1LkrkPm
2ZRjMDO9vtsnNEc7NwEmK8MC4PXGP01KJuoCosWbDgWmQ8EgkhSuajUPTDYHAymp
3wDPpKNsbi91sgZ+0um431+HxZKpPFqZxGOA/LDnX/Ez+vsiKHIZZgy1OXYS15DX
Zj6KXKYBHzsYbQiIch6raA42Sm1yqwOkW8+JihqCdh4I09LDTZxWoCB/2jCxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUCmsR12zhU5O7MJ8w8MZr8tO04UcwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzUyZTMyMzUzMzJlMzIzMzM2
MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzMDMzMzAzNjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
Bf3sMA0GCSqGSIb3DQEBCwUAA4IBAQA6/k1UXI6mHI2nnFUbUsQvIjTSW6lInvTs
RkPPBhHSQVFP8kLsw9wG4FiNOLh/mvllxG59rnwt3jC0hq3v0NST3QimaDx/Eqq/
PMhUo0VOToY+ugGzWNgJS57t9I5LVg9FxyyS0rwtWFM9Bhlur1GsJSADXivoqXuh
6+YQYa7XLNprZZs+qdES2MUUT5pVlXhzpVeDjVyFzRA+24NXHuIEhJfx92dvptGH
pgAg4+u4UeQ20gk3FiS7h+IvhxsAM1+XV3VqHgKy33BAPyhZnS5ssD8slOG6hr8T
A+ChAVSiwWUULtt7vmhvoQqpXTX163fZtnGo9FeoHycrfVcgP6bD
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:33:59 2025 by rpki-client