Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/352e3133332e3131382e302f32342d3234203d3e20313336373837.roa
File: 352e3133332e3131382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: EBmGkOa0H4lGfIoQOhwP+yy7HeDPUv65Del98vgV7/0=
Subject key identifier: 5B:6E:E1:20:8F:75:29:BA:37:B7:09:8B:3E:D7:EA:2D:10:4B:6A:B1
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 123A94556FC8F6DCDA6101BC98BEBC9069B0FAB0
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/352e3133332e3131382e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 13 Feb 2024 12:54:45 +0000
ROA not before: Tue 13 Feb 2024 12:49:45 +0000
ROA not after: Tue 11 Feb 2025 12:54:45 +0000
asID: 136787
IP address blocks: 5.133.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:3a:94:55:6f:c8:f6:dc:da:61:01:bc:98:be:bc:90:69:b0:fa:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Feb 13 12:49:45 2024 GMT
Not After : Feb 11 12:54:45 2025 GMT
Subject: CN=5B6EE1208F7529BA37B7098B3ED7EA2D104B6AB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:20:a6:b5:04:d5:0e:16:e6:6d:ab:2e:4a:ab:
2d:62:99:ba:9c:1d:64:fe:be:69:82:a1:26:93:64:
03:98:fe:67:42:98:a1:13:c4:32:94:4c:a2:41:21:
ca:82:45:36:e9:26:44:f2:f6:7b:4f:d7:53:90:b0:
4b:e9:e8:7a:bd:51:29:2e:44:7c:80:1b:89:1c:77:
a7:dc:33:17:4b:d9:14:1a:90:12:bf:37:ad:b3:4c:
53:e8:64:41:16:c4:41:d5:9b:66:a0:c7:9b:fb:ac:
aa:45:fb:30:e2:dc:d6:4c:63:cf:da:fa:ed:0a:ec:
75:fe:a9:1c:c2:c7:56:61:22:8c:c7:ea:2d:9b:d0:
b7:8d:c2:a9:c0:a0:91:dd:3b:05:6c:1b:b8:02:25:
b0:2c:0f:42:47:3d:85:1f:c2:73:23:13:1b:a6:06:
c6:2f:fb:95:6c:3d:da:4a:55:e3:be:95:2c:b4:6b:
ff:38:1e:47:d3:89:44:02:18:f9:50:72:8c:af:c0:
3d:3a:4c:1e:5d:ed:55:a4:be:73:b9:bf:79:4f:d6:
a5:89:e3:97:51:ee:bb:17:17:67:2c:e0:2a:c4:dd:
27:98:8a:7b:8d:df:5a:d5:6f:29:04:a8:48:be:4b:
07:00:a8:52:8d:de:ce:2d:9c:de:c4:6f:49:54:a3:
0d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:6E:E1:20:8F:75:29:BA:37:B7:09:8B:3E:D7:EA:2D:10:4B:6A:B1
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/352e3133332e3131382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.118.0/24
Signature Algorithm: sha256WithRSAEncryption
54:1e:c1:d6:7f:8b:f1:8a:f1:73:4e:ef:bd:92:7c:bf:65:40:
75:f7:ed:45:f4:e7:d4:3d:84:bf:4b:c8:0f:9e:21:b5:f0:1d:
50:a0:c6:e0:6a:17:d8:32:7b:8b:e4:f4:8c:6a:41:db:ac:cd:
c3:36:60:6a:a8:79:ac:51:5a:bf:e0:5d:b3:0b:9f:2e:e6:e2:
81:f2:43:2a:32:fe:ad:76:37:f1:b1:bb:3a:af:7b:4c:42:31:
f1:9f:1c:e9:bc:09:90:6c:c3:fc:78:6e:e2:91:87:15:b9:7b:
c3:1c:d4:d2:9e:f7:d2:53:88:bd:a3:e7:29:b4:e2:7a:41:99:
b7:40:e9:43:df:f9:b6:69:5f:b4:40:d0:c7:1d:0d:95:7c:75:
d5:09:8a:e2:fd:51:ce:c0:d9:29:b2:12:eb:19:e3:9e:f6:fd:
dc:bd:2a:60:63:4d:4f:19:91:f1:df:b7:8c:3b:4d:45:55:03:
7f:49:23:bf:f7:6c:29:fd:e3:39:7f:37:50:31:88:1d:36:38:
52:d2:62:08:2a:d4:78:19:6f:6f:55:b5:89:a8:80:ea:27:97:
21:83:44:e9:d5:85:7a:2f:b3:16:3b:23:de:0b:13:de:95:9e:
9d:60:4a:5f:c1:e5:62:05:af:cd:d7:cb:8f:72:15:55:0f:3c:
55:a9:23:ee
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEjqUVW/I9tzaYQG8mL68kGmw+rAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDAyMTMxMjQ5NDVaFw0yNTAyMTExMjU0NDVaMDMxMTAvBgNV
BAMTKDVCNkVFMTIwOEY3NTI5QkEzN0I3MDk4QjNFRDdFQTJEMTA0QjZBQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdIKa1BNUOFuZtqy5Kqy1imbqc
HWT+vmmCoSaTZAOY/mdCmKETxDKUTKJBIcqCRTbpJkTy9ntP11OQsEvp6Hq9USku
RHyAG4kcd6fcMxdL2RQakBK/N62zTFPoZEEWxEHVm2agx5v7rKpF+zDi3NZMY8/a
+u0K7HX+qRzCx1ZhIozH6i2b0LeNwqnAoJHdOwVsG7gCJbAsD0JHPYUfwnMjExum
BsYv+5VsPdpKVeO+lSy0a/84HkfTiUQCGPlQcoyvwD06TB5d7VWkvnO5v3lP1qWJ
45dR7rsXF2cs4CrE3SeYinuN31rVbykEqEi+SwcAqFKN3s4tnN7Eb0lUow31AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUW27hII91Kbo3twmLPtfqLRBLarEwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzUyZTMxMzMzMzJlMzEzMTM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BYV2MA0GCSqGSIb3DQEBCwUAA4IBAQBUHsHWf4vxivFzTu+9kny/ZUB19+1F9OfU
PYS/S8gPniG18B1QoMbgahfYMnuL5PSMakHbrM3DNmBqqHmsUVq/4F2zC58u5uKB
8kMqMv6tdjfxsbs6r3tMQjHxnxzpvAmQbMP8eG7ikYcVuXvDHNTSnvfSU4i9o+cp
tOJ6QZm3QOlD3/m2aV+0QNDHHQ2VfHXVCYri/VHOwNkpshLrGeOe9v3cvSpgY01P
GZHx37eMO01FVQN/SSO/92wp/eM5fzdQMYgdNjhS0mIIKtR4GW9vVbWJqIDqJ5ch
g0Tp1YV6L7MWOyPeCxPelZ6dYEpfweViBa/N18uPchVVDzxVqSPu
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:44:11 2024 by rpki-client on console-fra.rpki-client.org