Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234332e31322e302f32342d3234203d3e20323036323833.roa
File: 3138352e3234332e31322e302f32342d3234203d3e20323036323833.roa (raw, json)
Hash identifier: 1S12gSPOiTW6tod4MWgMjb3TXRyB+kTLDgt75jFSeuw=
Subject key identifier: CE:E5:67:7E:00:F0:3E:12:F9:ED:22:56:0A:2F:E1:71:6B:FE:87:A4
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 37BA722744583B28E3C0369A167A4E37E50B993F
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234332e31322e302f32342d3234203d3e20323036323833.roa
Signing time: Tue 02 Apr 2024 09:29:04 +0000
ROA not before: Tue 02 Apr 2024 09:24:04 +0000
ROA not after: Tue 01 Apr 2025 09:29:04 +0000
asID: 206283
IP address blocks: 185.243.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 07:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:ba:72:27:44:58:3b:28:e3:c0:36:9a:16:7a:4e:37:e5:0b:99:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 2 09:24:04 2024 GMT
Not After : Apr 1 09:29:04 2025 GMT
Subject: CN=CEE5677E00F03E12F9ED22560A2FE1716BFE87A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:42:03:f4:14:30:22:12:7f:17:23:25:23:69:
85:78:6a:16:77:06:7f:b1:13:f8:99:2a:70:92:f6:
80:70:35:ad:e3:ec:30:fa:5d:d3:e9:a0:83:43:5b:
10:c0:8a:68:df:8c:9d:81:2e:6f:5a:9d:49:e4:d6:
aa:81:a5:b5:f6:f1:47:58:c3:3d:c4:08:bc:5e:14:
80:83:62:a1:9e:8c:72:bf:0b:26:57:ca:a9:e4:1b:
50:16:88:65:09:97:5b:17:29:c9:2d:62:2e:0b:d8:
35:96:75:e4:4a:7f:ef:d1:d8:31:84:09:79:45:c5:
5d:11:a7:27:b6:5b:23:64:da:0b:50:4f:51:10:4f:
21:54:13:f7:01:b9:dd:bf:b5:e7:8f:62:cd:a4:5f:
cc:62:cb:0e:a7:c7:1f:71:5b:27:d1:b3:53:7c:2d:
cf:d0:98:53:62:cd:da:1e:5e:32:df:06:f2:11:13:
0f:c8:3d:80:42:15:34:14:52:86:3c:e5:cb:57:b0:
aa:0f:4f:1a:cb:dc:65:bb:2f:07:c2:05:7f:9b:a4:
b7:47:99:d3:18:2f:a3:c0:8a:36:5d:6a:75:ac:5d:
d0:dd:40:3a:35:55:ad:57:2f:c2:dc:6a:a1:aa:43:
92:eb:e9:7a:5d:9f:78:54:fc:35:08:68:0c:fd:0c:
0e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:E5:67:7E:00:F0:3E:12:F9:ED:22:56:0A:2F:E1:71:6B:FE:87:A4
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234332e31322e302f32342d3234203d3e20323036323833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.12.0/24
Signature Algorithm: sha256WithRSAEncryption
44:8a:bf:78:3f:c5:57:7a:37:ba:86:26:6e:9c:2b:31:fe:e7:
eb:9e:b0:36:de:09:b7:b5:44:65:86:b2:c7:df:7a:59:f8:72:
d1:f6:82:72:2d:53:b2:8c:b4:e0:b2:f0:c5:6c:b5:2d:e9:cb:
0f:a1:21:80:5d:7a:67:24:1b:04:1c:27:53:15:0c:e4:cb:d2:
8c:35:dc:93:19:ee:8f:c4:69:ee:d9:89:45:63:3c:62:64:c2:
6c:5f:78:f3:c9:e6:a3:55:15:31:2a:d1:e8:e5:5e:70:45:f8:
8a:2d:e5:55:1f:25:4a:29:85:bd:cc:09:f1:8f:61:9a:08:8b:
33:c9:35:c5:9d:72:0d:42:68:20:aa:cd:6b:44:98:ee:ba:50:
62:2c:a6:1d:2d:5f:f1:3f:91:2f:4e:15:ff:f0:b8:d8:bd:41:
ee:28:97:5b:97:4a:9c:56:65:67:9c:db:e3:d8:50:c3:29:31:
28:0a:2e:ba:52:ca:3b:e9:45:f0:f5:3c:ae:02:82:e1:7d:6a:
71:aa:76:1f:8c:8b:48:f2:72:97:b9:b4:e2:a4:01:ea:21:3c:
3b:08:bb:8d:5c:55:82:77:4f:6a:3a:9b:11:c5:2c:ee:14:89:
ea:fe:06:d0:1d:9d:a3:07:e0:21:3a:b1:41:17:f3:b5:da:e9:
07:e5:bd:8b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUN7pyJ0RYOyjjwDaaFnpON+ULmT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDIwOTI0MDRaFw0yNTA0MDEwOTI5MDRaMDMxMTAvBgNV
BAMTKENFRTU2NzdFMDBGMDNFMTJGOUVEMjI1NjBBMkZFMTcxNkJGRTg3QTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6QgP0FDAiEn8XIyUjaYV4ahZ3
Bn+xE/iZKnCS9oBwNa3j7DD6XdPpoINDWxDAimjfjJ2BLm9anUnk1qqBpbX28UdY
wz3ECLxeFICDYqGejHK/CyZXyqnkG1AWiGUJl1sXKcktYi4L2DWWdeRKf+/R2DGE
CXlFxV0Rpye2WyNk2gtQT1EQTyFUE/cBud2/teePYs2kX8xiyw6nxx9xWyfRs1N8
Lc/QmFNizdoeXjLfBvIREw/IPYBCFTQUUoY85ctXsKoPTxrL3GW7LwfCBX+bpLdH
mdMYL6PAijZdanWsXdDdQDo1Va1XL8LcaqGqQ5Lr6Xpdn3hU/DUIaAz9DA65AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUzuVnfgDwPhL57SJWCi/hcWv+h6QwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzODM1MmUzMjM0MzMyZTMx
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzMjM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC58wwwDQYJKoZIhvcNAQELBQADggEBAESKv3g/xVd6N7qGJm6cKzH+5+uesDbe
Cbe1RGWGssffeln4ctH2gnItU7KMtOCy8MVstS3pyw+hIYBdemckGwQcJ1MVDOTL
0ow13JMZ7o/Eae7ZiUVjPGJkwmxfePPJ5qNVFTEq0ejlXnBF+Iot5VUfJUophb3M
CfGPYZoIizPJNcWdcg1CaCCqzWtEmO66UGIsph0tX/E/kS9OFf/wuNi9Qe4ol1uX
SpxWZWec2+PYUMMpMSgKLrpSyjvpRfD1PK4CguF9anGqdh+Mi0jycpe5tOKkAeoh
PDsIu41cVYJ3T2o6mxHFLO4Uier+BtAdnaMH4CE6sUEX87Xa6QflvYs=
-----END CERTIFICATE-----
Generated at Wed May 1 15:29:44 2024 by rpki-client on console-fra.rpki-client.org