Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/352e3235322e3134332e302f32342d3234203d3e20313336373837.roa
File: 352e3235322e3134332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 0FqSZJHXXG0brwjvh4/Wyrjm1kXKFiE2DLjbFwIhYlY=
Subject key identifier: 6F:56:E9:00:C7:83:C9:DD:B2:77:B3:4A:60:37:2C:EE:BA:DF:A9:91
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 40019072FFBBAE431EB71D645680114CCB29E665
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/352e3235322e3134332e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 13 Feb 2024 12:54:19 +0000
ROA not before: Tue 13 Feb 2024 12:49:19 +0000
ROA not after: Tue 11 Feb 2025 12:54:19 +0000
asID: 136787
IP address blocks: 5.252.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 16:15:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:01:90:72:ff:bb:ae:43:1e:b7:1d:64:56:80:11:4c:cb:29:e6:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Feb 13 12:49:19 2024 GMT
Not After : Feb 11 12:54:19 2025 GMT
Subject: CN=6F56E900C783C9DDB277B34A60372CEEBADFA991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:29:cb:cb:a6:3b:a4:02:5a:5f:df:99:ad:41:
b2:9f:af:b7:cb:2c:db:d1:ad:19:be:0a:37:c7:11:
2b:81:50:de:00:7f:da:f2:e7:2e:b0:d6:08:dc:a2:
d5:24:3c:32:f6:21:ee:ab:cc:3e:e9:3a:78:3b:5c:
3a:08:ed:7d:7a:1d:41:df:3e:49:f9:2c:f1:58:16:
c0:82:db:cf:77:87:89:6a:b9:4f:c7:8a:e6:ac:37:
b0:d5:53:b4:41:61:e4:11:b9:74:e3:64:69:dc:71:
de:6d:1e:de:67:1b:79:11:b0:ba:03:9e:b0:c5:a3:
27:a0:5e:00:20:04:20:ee:7c:1a:e3:ad:fd:2c:5e:
7d:df:56:bf:12:72:f3:2e:cb:80:3a:f2:9e:fa:b9:
11:17:7a:f5:c5:f0:56:dc:3c:28:1e:d3:4b:52:74:
4b:a8:58:a9:d1:6c:01:1d:f6:d4:04:18:60:83:ea:
90:df:5b:36:ce:55:7b:3a:55:d4:22:94:b3:d7:9e:
d4:3c:9d:7f:4a:83:64:ff:72:40:a9:40:8f:2e:5a:
5d:ee:fa:39:f6:e7:ad:16:6d:58:0d:53:87:5f:00:
86:ac:21:b5:49:10:43:01:35:c8:b0:9b:cc:f2:50:
83:9f:88:bb:5d:2d:43:dc:b9:0b:63:2d:0f:ae:ff:
aa:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:56:E9:00:C7:83:C9:DD:B2:77:B3:4A:60:37:2C:EE:BA:DF:A9:91
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/352e3235322e3134332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.143.0/24
Signature Algorithm: sha256WithRSAEncryption
20:9f:23:77:77:ff:56:8d:9f:71:3f:24:75:45:91:c8:02:7b:
c5:5f:cb:24:69:70:c7:26:ca:a6:b1:99:7e:4f:7c:04:53:45:
0d:0a:cf:e0:6b:a8:9f:e0:00:5e:05:ed:59:f6:54:20:47:a1:
e7:e4:03:02:a5:f6:2d:df:f4:5f:aa:9d:71:cf:10:ec:b8:5e:
6d:58:90:4f:26:f8:b7:6f:98:32:60:a3:60:cd:94:6e:f9:ae:
af:e0:b6:35:f9:af:85:2e:e1:d5:9f:d3:86:b5:2e:38:2b:13:
85:43:8e:31:b5:12:60:0e:59:6a:75:d8:0b:b1:2c:af:5c:19:
db:24:5b:4c:f9:e8:ab:5f:50:e9:cd:b1:8f:89:74:2f:b4:a6:
be:21:0c:ff:7c:e0:a9:dd:5c:50:e2:cd:c5:51:a4:3b:25:45:
16:a0:2e:c2:ed:7e:c1:4a:98:f7:4c:2f:f7:c4:f7:41:76:7f:
00:54:cb:75:02:3c:fb:ef:73:fb:e5:30:df:3d:6f:87:aa:d5:
26:c7:83:23:13:ad:e7:21:1e:0b:e6:ce:09:f8:b9:d5:a0:05:
c6:fe:bf:6a:23:a6:d5:d3:0c:6d:5d:b2:cf:e2:04:14:cb:eb:
2c:37:f5:05:74:95:dd:39:6d:21:4f:f0:c9:60:16:2f:c7:5e:
a9:ad:56:d9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQAGQcv+7rkMetx1kVoARTMsp5mUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAyMTMxMjQ5MTlaFw0yNTAyMTExMjU0MTlaMDMxMTAvBgNV
BAMTKDZGNTZFOTAwQzc4M0M5RERCMjc3QjM0QTYwMzcyQ0VFQkFERkE5OTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgKcvLpjukAlpf35mtQbKfr7fL
LNvRrRm+CjfHESuBUN4Af9ry5y6w1gjcotUkPDL2Ie6rzD7pOng7XDoI7X16HUHf
Pkn5LPFYFsCC2893h4lquU/HiuasN7DVU7RBYeQRuXTjZGnccd5tHt5nG3kRsLoD
nrDFoyegXgAgBCDufBrjrf0sXn3fVr8ScvMuy4A68p76uREXevXF8FbcPCge00tS
dEuoWKnRbAEd9tQEGGCD6pDfWzbOVXs6VdQilLPXntQ8nX9Kg2T/ckCpQI8uWl3u
+jn2560WbVgNU4dfAIasIbVJEEMBNciwm8zyUIOfiLtdLUPcuQtjLQ+u/6qTAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUb1bpAMeDyd2yd7NKYDcs7rrfqZEwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzUyZTMyMzUzMjJlMzEzNDMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BfyPMA0GCSqGSIb3DQEBCwUAA4IBAQAgnyN3d/9WjZ9xPyR1RZHIAnvFX8skaXDH
JsqmsZl+T3wEU0UNCs/ga6if4ABeBe1Z9lQgR6Hn5AMCpfYt3/Rfqp1xzxDsuF5t
WJBPJvi3b5gyYKNgzZRu+a6v4LY1+a+FLuHVn9OGtS44KxOFQ44xtRJgDllqddgL
sSyvXBnbJFtM+eirX1DpzbGPiXQvtKa+IQz/fOCp3VxQ4s3FUaQ7JUUWoC7C7X7B
Spj3TC/3xPdBdn8AVMt1Ajz773P75TDfPW+HqtUmx4MjE63nIR4L5s4J+LnVoAXG
/r9qI6bV0wxtXbLP4gQUy+ssN/UFdJXdOW0hT/DJYBYvx16prVbZ
-----END CERTIFICATE-----
Generated at Tue May 7 23:39:21 2024 by rpki-client on console-ams.rpki-client.org