Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/352e3235322e3134312e302f32342d3234203d3e20313336373837.roa
File: 352e3235322e3134312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: w+HTKPHvJWe08JlV0soxvs2/Xn9HgxiFRdjmBvr7Jmc=
Subject key identifier: 86:9D:34:B9:CC:D1:1A:40:EC:6B:9C:F1:E8:75:20:C3:76:00:21:2B
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 67DC7EF18C5825C7426EB4A4FDE09293002D59C9
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/352e3235322e3134312e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 13 Feb 2024 12:54:16 +0000
ROA not before: Tue 13 Feb 2024 12:49:16 +0000
ROA not after: Tue 11 Feb 2025 12:54:16 +0000
asID: 136787
IP address blocks: 5.252.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:dc:7e:f1:8c:58:25:c7:42:6e:b4:a4:fd:e0:92:93:00:2d:59:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Feb 13 12:49:16 2024 GMT
Not After : Feb 11 12:54:16 2025 GMT
Subject: CN=869D34B9CCD11A40EC6B9CF1E87520C37600212B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:09:0b:e5:e3:b2:44:e3:c1:e4:5a:09:90:db:
05:e3:77:36:2d:02:e0:cd:eb:8b:99:4e:ec:2c:20:
9c:28:dd:35:b9:ff:81:bb:16:8a:8e:23:e3:ce:2b:
14:af:38:ec:32:e4:1a:84:e5:d6:25:7c:35:b8:7e:
84:37:84:b2:f6:3f:ee:ec:1b:7f:42:17:f0:f9:3d:
7a:cc:95:95:f7:8e:14:aa:1e:83:c7:44:04:3a:91:
67:21:09:98:f6:32:d0:37:b6:66:2b:3d:a5:43:9a:
8f:14:3f:9c:16:dd:b2:41:fd:1b:56:d5:75:05:50:
f0:c9:ea:e4:57:21:b2:5e:32:7b:9c:09:66:0c:00:
0b:a6:cd:1a:2d:d9:b3:55:81:ab:a8:c9:c0:73:72:
a0:7d:c2:a6:d5:88:81:e2:e2:1d:c0:7f:0d:cc:6f:
1b:c1:69:92:ce:02:b7:0b:0b:2f:77:2d:f3:86:3e:
4f:7c:d3:49:5a:a5:ff:e7:7b:85:12:a6:08:3d:f6:
11:19:58:b3:ce:e5:2e:a8:44:cb:77:ab:14:05:c5:
4a:a5:f0:c1:69:d6:a0:77:a6:30:51:7e:d9:8c:78:
e5:c9:7a:4d:e1:db:c7:b1:b3:8c:bd:b9:8d:6d:1f:
09:75:80:a4:e8:61:ab:69:0f:4a:1c:2b:cb:1e:c5:
76:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:9D:34:B9:CC:D1:1A:40:EC:6B:9C:F1:E8:75:20:C3:76:00:21:2B
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/352e3235322e3134312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.141.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:26:50:0f:5b:d7:a4:34:e5:38:9e:4b:7b:22:7f:24:2f:97:
ea:43:1b:9c:f7:6d:1b:ad:71:86:fe:f1:0d:f7:a3:94:a9:bb:
d2:97:5c:ff:b9:54:53:1e:d0:bb:7c:a6:43:ad:38:5b:fd:1a:
49:b9:62:f6:5b:55:48:c1:d0:29:84:ae:d6:55:b5:9e:ad:3a:
42:45:13:2e:3b:72:4b:9c:3b:0b:d6:f5:f2:ac:83:bf:0f:39:
65:9a:f8:a9:d7:57:67:55:a9:ff:88:dd:12:83:5b:dd:5a:d4:
09:17:d0:1e:c6:47:62:9c:61:de:02:be:82:5e:33:8b:07:dd:
77:87:0b:44:f2:b7:9a:ea:8e:34:02:ea:f5:0a:3e:7a:76:9f:
37:54:a1:63:01:81:8c:9c:14:a1:49:15:bc:d1:be:77:6a:b4:
4f:26:75:8c:24:cb:ea:04:28:d8:58:f9:14:ba:f7:3c:27:39:
76:ac:f9:66:75:42:1f:48:e5:c6:9d:93:f6:14:0a:da:72:42:
3a:ea:26:49:4c:75:0b:c4:9e:8b:46:7c:22:45:5e:4c:1a:0d:
a6:3b:05:49:e6:66:d5:8d:3f:4c:1a:6a:fd:3f:a5:b1:f4:3a:
11:19:d0:6e:7f:91:f2:a4:6e:08:3e:7f:1e:ce:d6:41:c0:af:
84:c3:39:b7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZ9x+8YxYJcdCbrSk/eCSkwAtWckwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAyMTMxMjQ5MTZaFw0yNTAyMTExMjU0MTZaMDMxMTAvBgNV
BAMTKDg2OUQzNEI5Q0NEMTFBNDBFQzZCOUNGMUU4NzUyMEMzNzYwMDIxMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKCQvl47JE48HkWgmQ2wXjdzYt
AuDN64uZTuwsIJwo3TW5/4G7FoqOI+POKxSvOOwy5BqE5dYlfDW4foQ3hLL2P+7s
G39CF/D5PXrMlZX3jhSqHoPHRAQ6kWchCZj2MtA3tmYrPaVDmo8UP5wW3bJB/RtW
1XUFUPDJ6uRXIbJeMnucCWYMAAumzRot2bNVgauoycBzcqB9wqbViIHi4h3Afw3M
bxvBaZLOArcLCy93LfOGPk9800lapf/ne4USpgg99hEZWLPO5S6oRMt3qxQFxUql
8MFp1qB3pjBRftmMeOXJek3h28exs4y9uY1tHwl1gKToYatpD0ocK8sexXZlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUhp00uczRGkDsa5zx6HUgw3YAISswHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzUyZTMyMzUzMjJlMzEzNDMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BfyNMA0GCSqGSIb3DQEBCwUAA4IBAQCoJlAPW9ekNOU4nkt7In8kL5fqQxuc920b
rXGG/vEN96OUqbvSl1z/uVRTHtC7fKZDrThb/RpJuWL2W1VIwdAphK7WVbWerTpC
RRMuO3JLnDsL1vXyrIO/Dzllmvip11dnVan/iN0Sg1vdWtQJF9AexkdinGHeAr6C
XjOLB913hwtE8rea6o40Aur1Cj56dp83VKFjAYGMnBShSRW80b53arRPJnWMJMvq
BCjYWPkUuvc8Jzl2rPlmdUIfSOXGnZP2FArackI66iZJTHULxJ6LRnwiRV5MGg2m
OwVJ5mbVjT9MGmr9P6Wx9DoRGdBuf5HypG4IPn8eztZBwK+Ewzm3
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org