Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234302e3234342e302f32342d3234203d3e20313336373837.roa
File: 3138352e3234302e3234342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: gvEY9BWNoX/LG4L8b7XI5ZYcxHtZcUdGGpQWdjI0THc=
Subject key identifier: F7:5E:65:A6:86:33:D9:55:F3:D0:C7:8B:3B:49:BA:33:61:0E:25:97
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 77E7B38E187D2057DF8D6C766A26F1FCBF6F551A
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234302e3234342e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 07 Feb 2024 12:33:23 +0000
ROA not before: Wed 07 Feb 2024 12:28:23 +0000
ROA not after: Wed 05 Feb 2025 12:33:23 +0000
asID: 136787
IP address blocks: 185.240.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:e7:b3:8e:18:7d:20:57:df:8d:6c:76:6a:26:f1:fc:bf:6f:55:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 7 12:28:23 2024 GMT
Not After : Feb 5 12:33:23 2025 GMT
Subject: CN=F75E65A68633D955F3D0C78B3B49BA33610E2597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a0:21:22:50:6a:39:62:e6:f4:0c:db:e6:a3:
64:d1:ca:69:28:1d:56:f7:1d:f2:47:b7:90:68:54:
0d:df:66:56:cb:88:ea:5b:54:70:2f:28:a7:e8:59:
f4:ed:3b:92:41:a7:e7:af:0d:7d:2b:fe:ae:61:3c:
bf:da:ea:8d:ac:a3:47:42:88:ee:a6:f6:61:49:30:
eb:4f:a3:1d:d7:88:e0:b6:fe:93:37:8c:6a:5d:a6:
93:75:b6:96:86:42:4c:80:e4:1e:60:29:a9:9a:3d:
31:76:44:aa:b6:68:59:b8:67:df:f3:0a:c9:81:2a:
d9:bd:aa:f8:89:2e:dc:9f:61:19:7c:5d:71:dd:11:
13:c2:48:14:4f:48:06:12:9f:76:a6:6c:2d:14:30:
64:05:d9:03:67:35:0a:64:4a:a8:a3:dc:a6:d6:93:
62:e5:43:25:c0:24:44:40:e6:a5:37:3f:27:76:cd:
5c:7b:0f:fe:f3:cf:dc:e7:63:fe:d4:34:03:cd:ce:
c8:78:eb:66:3f:7a:f8:f3:3d:ad:04:a7:70:76:4b:
4e:67:8e:4d:d9:6b:4a:31:f9:af:dc:e9:8f:f3:89:
1c:68:4e:c1:f7:1d:b8:3c:8c:d6:58:29:3d:80:04:
c3:97:0c:ec:50:0e:0a:b7:8c:12:22:33:db:39:46:
fe:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:5E:65:A6:86:33:D9:55:F3:D0:C7:8B:3B:49:BA:33:61:0E:25:97
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234302e3234342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.244.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:f4:38:61:c6:1c:27:f5:b6:32:53:ed:45:7b:09:bf:c9:5a:
26:db:86:8b:43:53:cf:a8:c9:a4:78:6d:45:5b:8e:aa:86:90:
f0:93:05:04:80:d5:b1:fb:ae:a3:8c:b6:d7:6b:11:f1:29:8b:
22:ca:54:be:d9:24:6d:4f:b4:82:6c:83:23:3a:ab:6a:20:21:
b9:ac:2b:95:95:1f:02:41:8d:3e:94:4e:4e:d4:71:39:ab:aa:
63:a9:1c:9b:56:80:cd:6b:cd:0f:48:4a:77:47:e6:f5:c8:97:
9a:40:03:c6:4f:9b:e0:76:eb:8c:51:74:41:8d:ba:ee:31:9f:
3a:98:b3:aa:f1:68:d1:11:d3:24:0b:23:fc:2c:27:8f:52:f3:
a1:5b:45:77:77:ef:1b:cd:ef:30:09:0f:42:66:c6:5c:e4:51:
c7:49:23:96:b0:e6:b3:33:17:6e:44:a6:41:c6:97:c0:7e:eb:
9c:da:7b:3e:87:83:d5:0a:05:bb:6c:e2:2a:d9:f0:6c:aa:aa:
6b:92:60:c6:cb:eb:14:a1:5a:14:69:ae:9d:73:34:e3:ee:5c:
f9:74:22:1e:97:41:d8:b5:10:30:ee:98:2f:bf:fc:9c:34:6d:
92:a6:89:45:d2:2c:98:22:7a:df:e6:13:b7:2b:31:05:98:9b:
86:e4:14:33
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUd+ezjhh9IFffjWx2aibx/L9vVRowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMDcxMjI4MjNaFw0yNTAyMDUxMjMzMjNaMDMxMTAvBgNV
BAMTKEY3NUU2NUE2ODYzM0Q5NTVGM0QwQzc4QjNCNDlCQTMzNjEwRTI1OTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYoCEiUGo5Yub0DNvmo2TRymko
HVb3HfJHt5BoVA3fZlbLiOpbVHAvKKfoWfTtO5JBp+evDX0r/q5hPL/a6o2so0dC
iO6m9mFJMOtPox3XiOC2/pM3jGpdppN1tpaGQkyA5B5gKamaPTF2RKq2aFm4Z9/z
CsmBKtm9qviJLtyfYRl8XXHdERPCSBRPSAYSn3ambC0UMGQF2QNnNQpkSqij3KbW
k2LlQyXAJERA5qU3Pyd2zVx7D/7zz9znY/7UNAPNzsh462Y/evjzPa0Ep3B2S05n
jk3Za0ox+a/c6Y/ziRxoTsH3Hbg8jNZYKT2ABMOXDOxQDgq3jBIiM9s5Rv5XAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU915lpoYz2VXz0MeLO0m6M2EOJZcwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzODM1MmUzMjM0MzAyZTMy
MzQzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnw9DANBgkqhkiG9w0BAQsFAAOCAQEAT/Q4YcYcJ/W2MlPtRXsJv8laJtuG
i0NTz6jJpHhtRVuOqoaQ8JMFBIDVsfuuo4y212sR8SmLIspUvtkkbU+0gmyDIzqr
aiAhuawrlZUfAkGNPpROTtRxOauqY6kcm1aAzWvND0hKd0fm9ciXmkADxk+b4Hbr
jFF0QY267jGfOpizqvFo0RHTJAsj/Cwnj1LzoVtFd3fvG83vMAkPQmbGXORRx0kj
lrDmszMXbkSmQcaXwH7rnNp7PoeD1QoFu2ziKtnwbKqqa5JgxsvrFKFaFGmunXM0
4+5c+XQiHpdB2LUQMO6YL7/8nDRtkqaJRdIsmCJ63+YTtysxBZibhuQUMw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org