Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/3138352e3234322e3138322e302f32342d3234203d3e20323035323139.roa
File: 3138352e3234322e3138322e302f32342d3234203d3e20323035323139.roa (raw, json)
Hash identifier: AhCF4sqO4Q0Rso5PdcIaUsrbWs9QVBfzYdCmt5CoiRg=
Subject key identifier: DF:6E:73:5D:C1:F2:21:D2:AE:6D:FC:53:05:6E:ED:17:0A:B0:2A:4E
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 1FD9EF51B4A5F29A311C0CC79514CA4B13A573AE
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/3138352e3234322e3138322e302f32342d3234203d3e20323035323139.roa
Signing time: Thu 22 Aug 2024 15:50:09 +0000
ROA not before: Thu 22 Aug 2024 15:45:09 +0000
ROA not after: Thu 21 Aug 2025 15:50:09 +0000
asID: 205219
IP address blocks: 185.242.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Nov 2024 15:27:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:d9:ef:51:b4:a5:f2:9a:31:1c:0c:c7:95:14:ca:4b:13:a5:73:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Aug 22 15:45:09 2024 GMT
Not After : Aug 21 15:50:09 2025 GMT
Subject: CN=DF6E735DC1F221D2AE6DFC53056EED170AB02A4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2b:b0:d2:dc:4b:1c:67:93:bd:bb:05:09:34:
58:1a:c1:b8:84:55:97:97:41:fe:b9:6d:c7:df:63:
0e:4d:7c:4d:b8:2b:51:3b:08:42:3f:3e:5f:b9:0d:
24:aa:49:b4:ee:85:90:d6:32:82:c1:d8:91:48:aa:
52:3a:fa:54:5c:20:09:30:0d:1d:c3:1a:54:07:05:
d8:06:94:85:c1:d0:d5:b7:88:7f:e2:c7:49:df:11:
9e:eb:46:bd:e0:2b:13:f8:6b:03:9b:9a:c6:1f:b7:
dd:bc:e1:58:74:3f:1c:55:93:b0:77:75:cb:3c:d8:
4e:cf:51:37:d5:08:7b:8d:22:20:e4:95:25:ec:e1:
b8:05:6a:69:19:7e:42:d1:dc:75:80:40:d7:dc:8c:
b4:fe:b8:c3:62:34:2f:42:bb:02:99:d8:1c:83:55:
c1:b7:f7:4d:b0:61:f1:da:81:5d:4a:c8:5d:f6:37:
7b:4c:af:0d:67:21:83:ac:5c:d4:25:16:c3:88:b5:
a9:b0:0c:dd:cc:b7:ee:ee:2c:02:8d:c5:a8:d1:32:
92:19:4c:a1:96:c5:3b:7e:ab:ca:47:ce:a2:2b:ee:
72:31:ee:c3:ca:7e:a0:3f:2f:97:b6:88:8d:60:10:
cc:b3:be:13:d3:b6:6d:e2:f1:41:0f:58:86:92:34:
d6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:6E:73:5D:C1:F2:21:D2:AE:6D:FC:53:05:6E:ED:17:0A:B0:2A:4E
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/3138352e3234322e3138322e302f32342d3234203d3e20323035323139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.182.0/24
Signature Algorithm: sha256WithRSAEncryption
94:4f:d6:7d:71:7b:e6:a2:7a:6a:0c:7a:19:cb:40:eb:33:86:
d5:0b:c7:8a:bd:d5:24:2d:8c:a8:ca:68:e3:ad:53:6c:1f:1d:
3d:b4:1b:46:11:fb:a1:16:29:d8:e8:d0:ac:e4:eb:b2:c6:1f:
23:e1:00:cc:bd:e8:c3:cd:6c:92:82:b3:dd:df:b4:13:50:9c:
f5:61:08:97:60:38:d8:4d:67:91:c4:9f:16:8c:ea:8f:cb:9b:
23:52:a4:25:52:00:ea:3e:22:a3:1e:b0:00:7f:25:b4:2a:36:
16:fb:35:fe:e3:c2:83:58:41:5e:74:af:97:97:5a:79:b6:b9:
78:ca:68:18:d8:c9:a2:ca:34:9c:9d:d6:a2:df:5c:93:e4:04:
73:65:f3:89:f6:10:45:9d:7b:83:a0:86:1f:39:a2:36:38:81:
fe:98:c9:70:ae:cb:9f:1d:e7:c8:94:e4:a1:69:04:b4:e8:c9:
cd:24:5b:fa:c6:34:d9:f5:40:b8:d0:13:66:f9:36:a2:23:a3:
be:ff:62:59:e8:a6:26:a5:80:91:6d:ec:ed:dd:13:a6:55:d1:
49:13:54:8b:85:31:b2:f3:37:ac:75:f5:af:e8:9e:d7:b8:57:
14:81:45:c2:24:61:f5:fb:52:b6:2f:51:1e:c1:ae:da:e6:c3:
10:80:3c:df
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUH9nvUbSl8poxHAzHlRTKSxOlc64wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNDA4MjIxNTQ1MDlaFw0yNTA4MjExNTUwMDlaMDMxMTAvBgNV
BAMTKERGNkU3MzVEQzFGMjIxRDJBRTZERkM1MzA1NkVFRDE3MEFCMDJBNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLK7DS3EscZ5O9uwUJNFgawbiE
VZeXQf65bcffYw5NfE24K1E7CEI/Pl+5DSSqSbTuhZDWMoLB2JFIqlI6+lRcIAkw
DR3DGlQHBdgGlIXB0NW3iH/ix0nfEZ7rRr3gKxP4awObmsYft9284Vh0PxxVk7B3
dcs82E7PUTfVCHuNIiDklSXs4bgFamkZfkLR3HWAQNfcjLT+uMNiNC9CuwKZ2ByD
VcG3902wYfHagV1KyF32N3tMrw1nIYOsXNQlFsOItamwDN3Mt+7uLAKNxajRMpIZ
TKGWxTt+q8pHzqIr7nIx7sPKfqA/L5e2iI1gEMyzvhPTtm3i8UEPWIaSNNZ3AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU325zXcHyIdKubfxTBW7tFwqwKk4wHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzEzODM1MmUzMjM0MzIyZTMx
MzgzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNTMyMzEzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnytjANBgkqhkiG9w0BAQsFAAOCAQEAlE/WfXF75qJ6agx6GctA6zOG1QvH
ir3VJC2MqMpo461TbB8dPbQbRhH7oRYp2OjQrOTrssYfI+EAzL3ow81skoKz3d+0
E1Cc9WEIl2A42E1nkcSfFozqj8ubI1KkJVIA6j4iox6wAH8ltCo2Fvs1/uPCg1hB
XnSvl5daeba5eMpoGNjJoso0nJ3Wot9ck+QEc2XzifYQRZ17g6CGHzmiNjiB/pjJ
cK7Lnx3nyJTkoWkEtOjJzSRb+sY02fVAuNATZvk2oiOjvv9iWeimJqWAkW3s7d0T
plXRSRNUi4UxsvM3rHX1r+ie17hXFIFFwiRh9ftSti9RHsGu2ubDEIA83w==
-----END CERTIFICATE-----
Generated at Thu Nov 21 00:11:00 2024 by rpki-client on console-ams.rpki-client.org