Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234302e3234362e302f32342d3234203d3e20313336373837.roa
File: 3138352e3234302e3234362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Xej4aISK5/J/V7/BwgxGhyf7FaCStl+msSxVsbB1Hrk=
Subject key identifier: BF:95:24:C3:39:B4:09:ED:56:E1:B1:C0:D6:19:4E:EC:F7:38:6F:B1
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 687D5351CF60E88B39EC3CD54C1067163C57CEC6
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234302e3234362e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 07 Feb 2024 12:33:25 +0000
ROA not before: Wed 07 Feb 2024 12:28:25 +0000
ROA not after: Wed 05 Feb 2025 12:33:25 +0000
asID: 136787
IP address blocks: 185.240.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:7d:53:51:cf:60:e8:8b:39:ec:3c:d5:4c:10:67:16:3c:57:ce:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 7 12:28:25 2024 GMT
Not After : Feb 5 12:33:25 2025 GMT
Subject: CN=BF9524C339B409ED56E1B1C0D6194EECF7386FB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:d5:34:e7:fc:95:5b:62:0d:0b:ef:37:d4:bb:
3e:6c:7f:ef:5c:ec:a2:56:2d:12:8b:03:db:bb:e1:
da:34:8f:8e:e5:f8:01:59:a3:e7:e1:85:9b:6a:94:
36:6b:6a:b1:e9:26:18:fd:58:15:11:c8:0a:37:24:
34:93:96:11:1c:f8:3c:b7:8a:8e:63:9a:4f:70:6e:
7c:b0:74:4b:5d:98:76:84:89:23:b8:9a:18:46:cf:
51:8a:5a:30:f5:99:3d:fd:a5:79:71:14:6a:35:8d:
76:93:a1:09:32:8b:e2:b8:09:e6:42:4f:8e:d7:bd:
2c:c4:bf:21:5f:fb:a0:09:6c:6a:27:52:0b:5d:3f:
50:40:3b:2e:41:fa:34:7f:18:12:15:66:d9:26:3a:
66:4c:f8:a5:14:6e:9c:75:1e:70:5f:c1:36:e1:b7:
fe:73:6b:98:67:92:09:f1:96:9d:bd:ff:b8:bb:cb:
2a:79:e8:2e:ce:4e:ce:9f:0a:b8:16:68:2c:d7:be:
36:71:7b:66:6f:2f:06:c3:3d:ce:09:29:8a:28:26:
98:39:91:26:9b:78:18:bc:59:38:71:6f:c5:51:41:
0a:51:88:7f:63:40:1f:f8:4a:51:8e:2b:0a:af:90:
81:04:90:24:25:66:bd:42:b7:c2:a6:e3:b7:a1:17:
18:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:95:24:C3:39:B4:09:ED:56:E1:B1:C0:D6:19:4E:EC:F7:38:6F:B1
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234302e3234362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.246.0/24
Signature Algorithm: sha256WithRSAEncryption
82:14:14:5d:55:6e:66:f7:4f:0a:f8:98:f1:86:ea:f6:cb:c6:
f3:c1:f4:62:01:78:d1:34:da:30:ac:f7:7b:cd:36:3d:5f:60:
48:83:f1:8b:56:56:d4:75:1d:3b:b5:b3:39:d4:c9:4a:be:d5:
69:9c:74:05:3e:80:14:59:ad:7e:1e:66:b5:b3:9f:21:ee:e4:
a5:b2:8f:1a:f7:ee:28:e5:43:2f:c6:34:c8:ee:22:81:da:3e:
03:4c:ea:30:04:d5:ff:e6:d0:61:bc:c3:03:23:80:94:de:7f:
1b:b2:25:11:8f:3d:fb:6d:53:2a:36:c0:29:8c:3e:68:d4:cc:
56:91:06:03:c2:d5:76:f6:46:0b:99:be:e1:96:28:48:35:f4:
c9:d5:0c:1c:b1:48:5c:27:a4:c1:5c:61:93:78:b8:9d:4a:0e:
6e:08:10:b1:6f:82:ff:1e:00:76:5b:ea:75:f5:90:f7:b5:4b:
93:43:14:6f:77:50:9f:b1:26:ce:35:26:56:8b:7f:9d:bf:7e:
b9:a6:51:7f:9d:48:0f:7b:c3:5e:bb:8f:dc:f3:0b:a5:56:61:
6c:d2:dd:f9:e3:39:99:1f:a1:b8:c3:ae:21:49:bb:8b:8e:6c:
89:bf:2b:e5:09:5e:75:8b:7f:91:ef:72:53:4e:b1:58:d8:ed:
26:eb:22:b1
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUaH1TUc9g6Is57DzVTBBnFjxXzsYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMDcxMjI4MjVaFw0yNTAyMDUxMjMzMjVaMDMxMTAvBgNV
BAMTKEJGOTUyNEMzMzlCNDA5RUQ1NkUxQjFDMEQ2MTk0RUVDRjczODZGQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDt1TTn/JVbYg0L7zfUuz5sf+9c
7KJWLRKLA9u74do0j47l+AFZo+fhhZtqlDZrarHpJhj9WBURyAo3JDSTlhEc+Dy3
io5jmk9wbnywdEtdmHaEiSO4mhhGz1GKWjD1mT39pXlxFGo1jXaToQkyi+K4CeZC
T47XvSzEvyFf+6AJbGonUgtdP1BAOy5B+jR/GBIVZtkmOmZM+KUUbpx1HnBfwTbh
t/5za5hnkgnxlp29/7i7yyp56C7OTs6fCrgWaCzXvjZxe2ZvLwbDPc4JKYooJpg5
kSabeBi8WThxb8VRQQpRiH9jQB/4SlGOKwqvkIEEkCQlZr1Ct8Km47ehFxgXAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUv5Ukwzm0Ce1W4bHA1hlO7Pc4b7EwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzODM1MmUzMjM0MzAyZTMy
MzQzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnw9jANBgkqhkiG9w0BAQsFAAOCAQEAghQUXVVuZvdPCviY8Ybq9svG88H0
YgF40TTaMKz3e802PV9gSIPxi1ZW1HUdO7WzOdTJSr7VaZx0BT6AFFmtfh5mtbOf
Ie7kpbKPGvfuKOVDL8Y0yO4igdo+A0zqMATV/+bQYbzDAyOAlN5/G7IlEY89+21T
KjbAKYw+aNTMVpEGA8LVdvZGC5m+4ZYoSDX0ydUMHLFIXCekwVxhk3i4nUoObggQ
sW+C/x4AdlvqdfWQ97VLk0MUb3dQn7EmzjUmVot/nb9+uaZRf51ID3vDXruP3PML
pVZhbNLd+eM5mR+huMOuIUm7i45sib8r5QledYt/ke9yU06xWNjtJusisQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:44 2024 by rpki-client on console-ams.rpki-client.org