Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234302e3234372e302f32342d3234203d3e20313336373837.roa
File: 3138352e3234302e3234372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: cYtyDOwS5Z/1iDjUZqvmeGFQmAOEX8Ek+IeEOHWAQh8=
Subject key identifier: 4B:D3:3E:A0:A2:B4:17:96:CC:25:1C:CF:76:9B:FF:4A:72:2F:F2:33
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 1D42C16215B5C484538634B3D0A20C282C3D9CAA
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234302e3234372e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 07 Feb 2024 12:33:27 +0000
ROA not before: Wed 07 Feb 2024 12:28:27 +0000
ROA not after: Wed 05 Feb 2025 12:33:27 +0000
asID: 136787
IP address blocks: 185.240.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:42:c1:62:15:b5:c4:84:53:86:34:b3:d0:a2:0c:28:2c:3d:9c:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 7 12:28:27 2024 GMT
Not After : Feb 5 12:33:27 2025 GMT
Subject: CN=4BD33EA0A2B41796CC251CCF769BFF4A722FF233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:6f:9a:e4:64:15:62:15:21:82:8d:f1:ba:63:
95:e3:c8:c9:f3:51:7c:97:47:7f:07:95:b5:43:04:
7a:36:87:eb:62:10:05:a9:be:37:75:6d:72:2e:43:
a6:13:21:43:bd:5d:4b:c0:38:cc:d6:1b:4b:87:17:
8a:5e:a8:61:d3:93:dd:26:85:38:37:ea:ef:16:bd:
c2:f5:27:7c:d6:11:25:f8:23:c0:9b:12:2b:f7:0d:
6d:32:74:1e:cd:1e:d6:98:7b:7e:e1:65:9b:f4:ec:
e6:bf:67:f7:eb:07:0a:aa:ca:88:38:64:7f:8f:40:
65:56:52:7f:17:24:3b:28:74:1d:af:42:4d:f0:e8:
a0:52:f3:0e:c9:cd:fa:56:40:9b:49:fa:ee:0d:5d:
e4:49:ef:ef:de:dc:21:f7:e7:99:4b:9b:a1:f6:2e:
d2:3a:d8:39:44:2e:24:4b:e3:d1:da:22:d6:40:c9:
37:10:6d:ee:ae:97:4d:6f:78:60:04:5a:62:51:43:
c3:43:62:3c:b3:d8:aa:4b:bf:78:e5:14:a2:40:68:
6b:e0:21:83:94:c7:e4:57:63:55:67:81:f3:43:ed:
3d:5f:79:80:83:e9:a4:31:cd:72:bc:6d:11:6e:1f:
13:17:dd:ac:31:7f:18:20:1c:05:db:34:c9:2d:bd:
37:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:D3:3E:A0:A2:B4:17:96:CC:25:1C:CF:76:9B:FF:4A:72:2F:F2:33
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234302e3234372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.247.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:36:aa:ca:43:59:fd:5c:2c:ee:b7:b3:73:6f:ee:c1:5c:ce:
e2:da:58:f8:ab:f7:c1:bb:ea:6f:f5:1c:01:d6:ab:80:b8:d3:
78:a8:c8:45:13:fb:a4:51:ce:11:d6:22:b8:37:da:c6:21:fd:
37:5d:d2:69:f7:bc:5b:00:c7:49:a1:b8:be:36:50:d9:af:ee:
a9:75:80:f1:e1:d6:45:01:fa:78:54:f2:4e:0d:64:73:5c:74:
a8:bb:bc:43:01:ed:52:68:a0:65:df:0a:5d:9e:0a:39:94:b3:
2e:d2:85:8d:49:1d:c7:89:d8:55:b6:3a:fe:4d:cc:18:e9:d2:
a7:97:81:71:8c:3d:a8:18:0a:23:25:25:79:25:04:0b:d9:ca:
e8:28:b1:db:61:c6:c7:ca:6b:c3:fd:c6:47:74:c2:73:03:48:
7e:d9:38:3c:f3:fd:ed:b8:c8:f9:3e:b7:a9:6b:a0:e5:15:51:
71:be:ba:8e:7c:94:4a:46:c9:0d:47:a3:3e:f5:20:57:7d:e9:
ba:62:aa:c4:62:3f:84:21:bc:df:a5:d5:11:d8:6d:e5:0b:e2:
08:fc:72:34:98:34:e7:c8:e6:c2:20:2d:30:4c:bb:e3:e2:e4:
68:7d:21:0e:ef:3c:d4:9e:b4:64:4f:e3:14:76:1d:a2:36:74:
17:aa:5f:35
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUHULBYhW1xIRThjSz0KIMKCw9nKowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMDcxMjI4MjdaFw0yNTAyMDUxMjMzMjdaMDMxMTAvBgNV
BAMTKDRCRDMzRUEwQTJCNDE3OTZDQzI1MUNDRjc2OUJGRjRBNzIyRkYyMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTb5rkZBViFSGCjfG6Y5XjyMnz
UXyXR38HlbVDBHo2h+tiEAWpvjd1bXIuQ6YTIUO9XUvAOMzWG0uHF4peqGHTk90m
hTg36u8WvcL1J3zWESX4I8CbEiv3DW0ydB7NHtaYe37hZZv07Oa/Z/frBwqqyog4
ZH+PQGVWUn8XJDsodB2vQk3w6KBS8w7JzfpWQJtJ+u4NXeRJ7+/e3CH355lLm6H2
LtI62DlELiRL49HaItZAyTcQbe6ul01veGAEWmJRQ8NDYjyz2KpLv3jlFKJAaGvg
IYOUx+RXY1VngfND7T1feYCD6aQxzXK8bRFuHxMX3awxfxggHAXbNMktvTc3AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUS9M+oKK0F5bMJRzPdpv/SnIv8jMwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzODM1MmUzMjM0MzAyZTMy
MzQzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnw9zANBgkqhkiG9w0BAQsFAAOCAQEAHzaqykNZ/Vws7rezc2/uwVzO4tpY
+Kv3wbvqb/UcAdargLjTeKjIRRP7pFHOEdYiuDfaxiH9N13Safe8WwDHSaG4vjZQ
2a/uqXWA8eHWRQH6eFTyTg1kc1x0qLu8QwHtUmigZd8KXZ4KOZSzLtKFjUkdx4nY
VbY6/k3MGOnSp5eBcYw9qBgKIyUleSUEC9nK6Cix22HGx8prw/3GR3TCcwNIftk4
PPP97bjI+T63qWug5RVRcb66jnyUSkbJDUejPvUgV33pumKqxGI/hCG836XVEdht
5QviCPxyNJg058jmwiAtMEy74+LkaH0hDu881J60ZE/jFHYdojZ0F6pfNQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org