Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130372e302f32342d3234203d3e20323036323836.roa
File: 3138352e3234302e3130372e302f32342d3234203d3e20323036323836.roa (raw, json)
Hash identifier: uGwx7QYEVtWq3r41S0xDstrUOU9fM4LmhcP60xb6Uzo=
Subject key identifier: 86:F9:5D:35:7C:E2:36:28:F4:0C:FA:68:16:B9:67:73:29:A0:8E:61
Certificate issuer: /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial: 3545D04540253095FA230FAAED08478473CB7232
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130372e302f32342d3234203d3e20323036323836.roa
Signing time: Mon 09 Dec 2024 22:03:46 +0000
ROA not before: Mon 09 Dec 2024 21:58:46 +0000
ROA not after: Mon 08 Dec 2025 22:03:46 +0000
asID: 206286
IP address blocks: 185.240.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft
rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:45:d0:45:40:25:30:95:fa:23:0f:aa:ed:08:47:84:73:cb:72:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Validity
Not Before: Dec 9 21:58:46 2024 GMT
Not After : Dec 8 22:03:46 2025 GMT
Subject: CN=86F95D357CE23628F40CFA6816B9677329A08E61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fe:7b:1d:7c:5b:d3:a7:89:2e:9e:ad:8a:b3:
96:16:4c:83:1b:da:eb:6b:a4:85:76:c5:34:5c:80:
5f:87:41:79:aa:8a:c6:ea:d6:d6:7a:83:ac:79:9b:
03:92:d0:95:47:f4:f2:a0:42:55:89:b6:22:a9:e8:
bd:2f:38:e0:38:6a:8e:bc:47:9c:6b:f0:67:8c:fc:
4d:ec:dd:b4:47:43:e3:05:88:c9:d6:f5:43:26:19:
bc:96:43:4b:e8:41:f5:6d:cc:29:f8:68:7d:a1:86:
7a:4f:74:62:d5:df:ad:90:fc:81:36:19:24:90:37:
bd:0d:bf:27:e1:92:34:3a:4f:ff:4b:45:77:d2:5c:
66:a3:e7:cb:07:f6:e7:46:ca:a2:15:7c:0d:19:c1:
a3:81:1f:a3:64:d1:a1:b5:57:57:b9:0a:90:ff:39:
8d:5e:86:8f:b0:b9:96:87:6c:37:61:60:a3:fe:99:
fb:4e:3c:fb:07:48:6d:f3:19:91:ee:ad:e8:bc:65:
e5:56:22:a2:e8:03:ce:a6:0b:f1:de:94:49:c5:04:
ba:dd:cd:49:a5:78:07:cf:60:45:21:61:f1:fd:97:
32:90:06:f1:f0:67:da:84:a4:e8:ae:26:79:a6:d3:
da:85:ad:88:15:67:51:e3:ee:03:ed:ee:c4:b2:f8:
08:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:F9:5D:35:7C:E2:36:28:F4:0C:FA:68:16:B9:67:73:29:A0:8E:61
X509v3 Authority Key Identifier:
keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130372e302f32342d3234203d3e20323036323836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.107.0/24
Signature Algorithm: sha256WithRSAEncryption
82:83:1f:d4:24:11:b6:a1:43:4a:61:99:fa:f8:63:8a:b6:4b:
3a:6f:5d:32:62:b1:ca:9d:74:1d:95:fc:ff:42:90:7e:24:b5:
6c:67:4c:13:d7:82:61:bc:85:d8:1d:10:01:f5:c3:86:41:e0:
5d:65:0d:74:f8:0d:8f:c3:1d:18:da:f1:29:50:07:9a:77:7c:
e3:c5:2e:6a:1f:ff:90:a6:67:b9:a1:0c:b0:74:8c:f6:9c:1f:
d1:97:c5:66:f2:93:d3:32:79:88:10:cb:d5:69:87:32:b4:15:
5c:01:90:61:79:31:81:ee:44:96:f0:5a:0b:18:68:e8:de:6e:
20:31:a3:e7:f2:95:26:69:29:b4:f0:d8:c0:c6:4e:37:73:52:
51:85:23:7a:01:1b:22:08:ce:bd:bf:df:4d:78:d0:06:0b:fd:
f1:e1:39:e3:eb:64:dc:d7:b0:df:2f:66:c6:33:9c:a9:73:60:
e5:f2:ac:63:a1:05:57:6a:c5:ef:65:d4:dc:a7:bf:cd:1b:73:
f3:4e:b3:f8:16:f0:6f:9b:67:4c:ce:c7:32:ab:42:62:51:52:
0f:75:78:d1:fe:61:5f:2c:13:cb:08:96:3b:57:ce:65:2a:19:
39:b4:a7:6e:58:57:c9:ab:5e:6e:6a:66:c4:a3:f3:31:04:d1:
45:f9:8e:85
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUNUXQRUAlMJX6Iw+q7QhHhHPLcjIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNDEyMDkyMTU4NDZaFw0yNTEyMDgyMjAzNDZaMDMxMTAvBgNV
BAMTKDg2Rjk1RDM1N0NFMjM2MjhGNDBDRkE2ODE2Qjk2NzczMjlBMDhFNjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI/nsdfFvTp4kunq2Ks5YWTIMb
2utrpIV2xTRcgF+HQXmqisbq1tZ6g6x5mwOS0JVH9PKgQlWJtiKp6L0vOOA4ao68
R5xr8GeM/E3s3bRHQ+MFiMnW9UMmGbyWQ0voQfVtzCn4aH2hhnpPdGLV362Q/IE2
GSSQN70NvyfhkjQ6T/9LRXfSXGaj58sH9udGyqIVfA0ZwaOBH6Nk0aG1V1e5CpD/
OY1eho+wuZaHbDdhYKP+mftOPPsHSG3zGZHurei8ZeVWIqLoA86mC/HelEnFBLrd
zUmleAfPYEUhYfH9lzKQBvHwZ9qEpOiuJnmm09qFrYgVZ1Hj7gPt7sSy+Ai3AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUhvldNXziNij0DPpoFrlncymgjmEwHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzEzODM1MmUzMjM0MzAyZTMx
MzAzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNjMyMzgzNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnwazANBgkqhkiG9w0BAQsFAAOCAQEAgoMf1CQRtqFDSmGZ+vhjirZLOm9d
MmKxyp10HZX8/0KQfiS1bGdME9eCYbyF2B0QAfXDhkHgXWUNdPgNj8MdGNrxKVAH
mnd848Uuah//kKZnuaEMsHSM9pwf0ZfFZvKT0zJ5iBDL1WmHMrQVXAGQYXkxge5E
lvBaCxho6N5uIDGj5/KVJmkptPDYwMZON3NSUYUjegEbIgjOvb/fTXjQBgv98eE5
4+tk3New3y9mxjOcqXNg5fKsY6EFV2rF72XU3Ke/zRtz806z+Bbwb5tnTM7HMqtC
YlFSD3V40f5hXywTywiWO1fOZSoZObSnblhXyatebmpmxKPzMQTRRfmOhQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:45:48 2025 by rpki-client