Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3234312e3233362e302f32322d3232203d3e20323030303634.roa
File: 3138352e3234312e3233362e302f32322d3232203d3e20323030303634.roa (raw, json)
Hash identifier: i6Q4xcf2c+OJQXBhHmNFkPOvXxrJULpWjT4VqMVcHr4=
Subject key identifier: 9B:BB:87:E0:A8:89:23:58:A7:5E:31:81:A9:68:31:E3:62:90:C1:F7
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 73D5049E2C9F21E579F682A290379E4359C93B66
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3234312e3233362e302f32322d3232203d3e20323030303634.roa
Signing time: Mon 30 Dec 2024 15:41:20 +0000
ROA not before: Mon 30 Dec 2024 15:36:20 +0000
ROA not after: Mon 29 Dec 2025 15:41:20 +0000
asID: 200064
IP address blocks: 185.241.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:d5:04:9e:2c:9f:21:e5:79:f6:82:a2:90:37:9e:43:59:c9:3b:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 30 15:36:20 2024 GMT
Not After : Dec 29 15:41:20 2025 GMT
Subject: CN=9BBB87E0A8892358A75E3181A96831E36290C1F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8d:4f:52:58:2f:a6:85:44:7f:9f:65:93:eb:
7f:cf:a4:78:98:39:a3:a2:7c:69:a5:81:a9:b8:7f:
35:3d:b9:dc:b6:2e:e8:91:57:74:36:d7:47:1c:ba:
55:74:28:05:6a:72:d7:a5:38:95:30:79:6b:54:60:
df:58:4f:42:f1:68:4b:74:6c:f2:ed:1f:c9:6f:34:
e5:67:bf:37:b2:f2:88:01:a5:3e:db:d7:f5:66:1b:
fa:5b:f5:5a:fa:7b:ac:33:2e:92:2d:23:21:ac:95:
dd:6d:77:d6:fe:bb:19:b2:ae:0f:10:49:cc:a3:8a:
e0:68:93:e8:e6:36:f4:8c:48:cc:c8:b0:b6:0d:e8:
c7:a9:68:d1:ee:cd:d0:74:97:59:62:c5:9c:df:59:
91:f1:6d:0f:f5:93:85:79:4c:97:fa:df:c4:dd:70:
5c:e1:ef:57:e6:f5:77:2a:ca:9a:83:db:2e:46:b6:
03:c7:a3:49:ea:48:b7:65:00:f8:03:a9:15:b3:77:
b8:bf:f9:73:41:de:18:db:21:51:78:a6:2d:8a:c7:
b6:51:d5:5c:d6:e1:4c:10:b2:86:ed:1f:19:eb:92:
c0:30:90:b5:88:06:a9:30:2c:99:d3:52:f2:e0:6f:
d9:d8:f4:28:7a:99:00:43:50:18:f0:23:ec:82:e9:
8a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:BB:87:E0:A8:89:23:58:A7:5E:31:81:A9:68:31:E3:62:90:C1:F7
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3234312e3233362e302f32322d3232203d3e20323030303634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.236.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:0b:53:de:b5:09:be:42:60:21:40:66:bf:77:07:10:78:a4:
3c:64:0e:97:39:a7:b1:e7:14:50:0d:fb:69:87:d4:0c:b8:93:
4a:0b:56:dd:b5:aa:8e:bc:76:50:be:83:5b:bd:9f:b5:90:c4:
44:fb:a0:27:86:59:75:ff:9f:04:90:2a:5d:9d:17:2d:be:a6:
73:9c:40:a1:70:5b:7d:0d:ce:31:15:9e:56:b5:92:05:d8:13:
25:45:12:5c:ce:cd:69:36:11:a1:d2:cb:a4:87:b9:f8:58:3d:
84:9e:2b:18:bb:1c:2f:d1:9e:61:45:68:7e:ef:1b:97:6f:f2:
b8:52:0f:26:8e:ee:26:e5:e9:eb:cb:66:b8:64:a4:6f:61:01:
87:7d:94:cf:c6:ef:4b:cb:d3:7e:93:a6:4d:f6:e4:70:54:61:
68:50:73:7b:02:73:b7:0b:c9:d7:1e:f9:22:c2:37:29:44:b6:
ab:ad:aa:39:28:b9:21:70:ad:1a:77:10:d0:ad:82:de:46:14:
94:c3:e7:23:bd:c5:c4:5e:89:0a:b0:53:f6:01:cb:fd:62:03:
b9:48:86:ef:83:b7:13:6e:e7:10:40:17:2b:6e:cd:2b:5e:04:
58:7d:ae:20:d5:41:8d:16:d4:5f:1a:ae:1d:af:15:98:b5:07:
7f:92:b2:0e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUc9UEniyfIeV59oKikDeeQ1nJO2YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEyMzAxNTM2MjBaFw0yNTEyMjkxNTQxMjBaMDMxMTAvBgNV
BAMTKDlCQkI4N0UwQTg4OTIzNThBNzVFMzE4MUE5NjgzMUUzNjI5MEMxRjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyjU9SWC+mhUR/n2WT63/PpHiY
OaOifGmlgam4fzU9udy2LuiRV3Q210cculV0KAVqctelOJUweWtUYN9YT0LxaEt0
bPLtH8lvNOVnvzey8ogBpT7b1/VmG/pb9Vr6e6wzLpItIyGsld1td9b+uxmyrg8Q
ScyjiuBok+jmNvSMSMzIsLYN6MepaNHuzdB0l1lixZzfWZHxbQ/1k4V5TJf638Td
cFzh71fm9XcqypqD2y5GtgPHo0nqSLdlAPgDqRWzd7i/+XNB3hjbIVF4pi2Kx7ZR
1VzW4UwQsobtHxnrksAwkLWIBqkwLJnTUvLgb9nY9Ch6mQBDUBjwI+yC6YrTAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUm7uH4KiJI1inXjGBqWgx42KQwfcwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMjM0MzEyZTMy
MzMzNjJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzAzMDMwMzYzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEArnx7DANBgkqhkiG9w0BAQsFAAOCAQEAfwtT3rUJvkJgIUBmv3cHEHikPGQO
lzmnsecUUA37aYfUDLiTSgtW3bWqjrx2UL6DW72ftZDERPugJ4ZZdf+fBJAqXZ0X
Lb6mc5xAoXBbfQ3OMRWeVrWSBdgTJUUSXM7NaTYRodLLpIe5+Fg9hJ4rGLscL9Ge
YUVofu8bl2/yuFIPJo7uJuXp68tmuGSkb2EBh32Uz8bvS8vTfpOmTfbkcFRhaFBz
ewJztwvJ1x75IsI3KUS2q62qOSi5IXCtGncQ0K2C3kYUlMPnI73FxF6JCrBT9gHL
/WIDuUiG74O3E27nEEAXK27NK14EWH2uINVBjRbUXxquHa8VmLUHf5KyDg==
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:17:38 2025 by rpki-client