Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/3138352e3234322e3138322e302f32342d3234203d3e203431373230.roa
File: 3138352e3234322e3138322e302f32342d3234203d3e203431373230.roa (raw, json)
Hash identifier: bYPPd9HcHavTcfcGpM+ulmmDEDFMIVr0C3fR7prPNz4=
Subject key identifier: 48:34:C5:F9:36:DD:86:E0:B3:8A:F3:ED:5F:90:9E:90:38:9D:8F:73
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 0B699CB144A8F0559446086AEAF01E76E73D7053
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/3138352e3234322e3138322e302f32342d3234203d3e203431373230.roa
Signing time: Sun 08 Dec 2024 11:12:44 +0000
ROA not before: Sun 08 Dec 2024 11:07:44 +0000
ROA not after: Sun 07 Dec 2025 11:12:44 +0000
asID: 41720
IP address blocks: 185.242.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Dec 2024 16:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:69:9c:b1:44:a8:f0:55:94:46:08:6a:ea:f0:1e:76:e7:3d:70:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Dec 8 11:07:44 2024 GMT
Not After : Dec 7 11:12:44 2025 GMT
Subject: CN=4834C5F936DD86E0B38AF3ED5F909E90389D8F73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b4:9e:9a:2c:ed:f5:29:3e:81:63:6a:ab:23:
2b:65:22:69:80:15:c6:f1:28:56:ba:4f:b5:4b:93:
3b:a7:4c:1a:be:0e:76:fd:ad:b3:51:95:d9:48:0d:
6e:c4:c6:6e:99:d2:3c:db:46:2e:35:7d:d4:e4:db:
2f:9c:19:0a:7d:9f:b9:d9:68:36:5b:66:8a:89:f4:
d9:b6:66:8f:e3:9f:a0:64:30:f9:fa:a5:1b:01:b5:
61:22:e1:8b:30:fa:40:cc:68:2f:0f:56:77:37:8c:
fd:3a:31:ad:93:3f:f4:b9:c6:c4:4a:d6:cd:ff:5b:
41:0e:24:88:a4:08:ab:37:c8:bb:b0:d5:bd:61:4b:
62:46:46:5d:62:21:ed:13:32:35:9f:2e:e8:83:5b:
54:a9:6c:42:5c:e6:6f:e8:6b:f0:d1:d1:81:04:64:
8a:69:32:e3:92:3b:27:2f:e0:b8:e5:a8:c8:a7:61:
af:bf:d6:6f:f3:68:da:95:9f:17:da:5a:03:a0:19:
e1:0d:79:94:b2:69:e9:bd:da:40:e9:ee:3b:58:22:
59:55:29:7c:10:fa:40:82:f5:88:97:04:ef:2d:58:
49:07:f3:35:a2:d8:d0:3a:43:2c:30:f6:ea:36:eb:
81:48:5f:8e:35:7f:84:4f:19:fb:9b:2e:34:18:d9:
32:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:34:C5:F9:36:DD:86:E0:B3:8A:F3:ED:5F:90:9E:90:38:9D:8F:73
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/3138352e3234322e3138322e302f32342d3234203d3e203431373230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.182.0/24
Signature Algorithm: sha256WithRSAEncryption
88:8f:06:64:39:41:f1:77:c0:e7:d9:d8:01:c0:58:e2:ca:71:
fe:6f:fd:4a:d1:ac:60:98:72:a0:be:b4:3c:31:75:80:57:c7:
85:a1:1e:d1:78:e0:96:83:e4:e0:ef:41:ef:c1:83:4a:a3:ab:
24:ae:a2:83:92:b0:95:bb:61:8c:ff:a3:3e:e2:d1:b5:03:42:
ad:2a:3a:54:79:74:d3:c6:49:24:3e:e3:72:38:99:87:1f:ac:
dd:18:a8:55:4e:b6:74:77:16:44:a8:2c:d9:2f:5c:60:e2:50:
b9:e5:25:22:a8:36:13:20:78:9a:c4:07:19:af:9d:c9:04:c0:
90:10:a7:e7:4a:ad:6b:c2:36:22:8b:31:6c:01:2c:c0:ca:85:
0a:12:69:24:c4:97:c7:2a:fe:c4:8a:d6:1c:91:f6:48:93:fa:
18:af:cf:1e:b4:d9:8b:6e:c3:be:77:85:d5:71:4c:fb:ce:22:
5c:dd:90:fb:ae:84:9e:2c:b2:07:f7:50:3e:f6:67:aa:5e:e6:
2f:8c:4c:ba:8d:bd:20:45:9e:c7:34:b3:9b:64:de:ac:4b:78:
1d:06:67:36:6a:f7:8d:86:f2:f9:05:ec:87:a1:ac:84:7f:40:
36:56:25:df:27:2d:83:83:37:a8:41:00:f0:9f:4f:87:c3:ef:
72:89:15:e9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUC2mcsUSo8FWURghq6vAeduc9cFMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNDEyMDgxMTA3NDRaFw0yNTEyMDcxMTEyNDRaMDMxMTAvBgNV
BAMTKDQ4MzRDNUY5MzZERDg2RTBCMzhBRjNFRDVGOTA5RTkwMzg5RDhGNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqtJ6aLO31KT6BY2qrIytlImmA
FcbxKFa6T7VLkzunTBq+Dnb9rbNRldlIDW7Exm6Z0jzbRi41fdTk2y+cGQp9n7nZ
aDZbZoqJ9Nm2Zo/jn6BkMPn6pRsBtWEi4Ysw+kDMaC8PVnc3jP06Ma2TP/S5xsRK
1s3/W0EOJIikCKs3yLuw1b1hS2JGRl1iIe0TMjWfLuiDW1SpbEJc5m/oa/DR0YEE
ZIppMuOSOycv4LjlqMinYa+/1m/zaNqVnxfaWgOgGeENeZSyaem92kDp7jtYIllV
KXwQ+kCC9YiXBO8tWEkH8zWi2NA6Qyww9uo264FIX441f4RPGfubLjQY2TJ7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUSDTF+TbdhuCzivPtX5CekDidj3MwHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzEzODM1MmUzMjM0MzIyZTMx
MzgzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzEzNzMyMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC58rYwDQYJKoZIhvcNAQELBQADggEBAIiPBmQ5QfF3wOfZ2AHAWOLKcf5v/UrR
rGCYcqC+tDwxdYBXx4WhHtF44JaD5ODvQe/Bg0qjqySuooOSsJW7YYz/oz7i0bUD
Qq0qOlR5dNPGSSQ+43I4mYcfrN0YqFVOtnR3FkSoLNkvXGDiULnlJSKoNhMgeJrE
BxmvnckEwJAQp+dKrWvCNiKLMWwBLMDKhQoSaSTEl8cq/sSK1hyR9kiT+hivzx60
2Ytuw753hdVxTPvOIlzdkPuuhJ4ssgf3UD72Z6pe5i+MTLqNvSBFnsc0s5tk3qxL
eB0GZzZq942G8vkF7IehrIR/QDZWJd8nLYODN6hBAPCfT4fD73KJFek=
-----END CERTIFICATE-----
Generated at Thu Dec 26 00:27:59 2024 by rpki-client on console-ams.rpki-client.org