Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234332e31332e302f32342d3234203d3e20313938323437.roa
File: 3138352e3234332e31332e302f32342d3234203d3e20313938323437.roa (raw, json)
Hash identifier: f7aBzVUXWIeGGNpkmtDaB8bbFg5ZCTK0eymw+2IyuHs=
Subject key identifier: 0B:C4:A6:1C:E7:27:2A:5A:F1:5C:B3:C2:F2:96:11:D6:16:F1:2E:E2
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 696E92B5CD01D9EE74280A0C20AC4BD2799AE9D7
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234332e31332e302f32342d3234203d3e20313938323437.roa
Signing time: Tue 02 Apr 2024 09:28:52 +0000
ROA not before: Tue 02 Apr 2024 09:23:52 +0000
ROA not after: Tue 01 Apr 2025 09:28:52 +0000
asID: 198247
IP address blocks: 185.243.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:6e:92:b5:cd:01:d9:ee:74:28:0a:0c:20:ac:4b:d2:79:9a:e9:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 2 09:23:52 2024 GMT
Not After : Apr 1 09:28:52 2025 GMT
Subject: CN=0BC4A61CE7272A5AF15CB3C2F29611D616F12EE2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c5:b5:31:7e:24:07:f5:c7:d7:97:53:98:4b:
f4:d3:b6:b6:6e:d8:1a:4c:41:7f:1e:c4:9f:7a:d5:
34:6c:33:7f:65:ff:f7:62:45:bf:f6:bb:51:aa:29:
f2:a6:be:1c:82:57:96:70:36:1a:7d:05:74:cf:da:
27:06:47:a6:b5:90:d6:b5:8a:0c:64:6b:10:8e:ec:
9e:17:bf:89:b1:22:5d:bd:77:d0:ce:e0:b8:eb:3b:
14:68:11:a3:e1:c6:6f:07:01:a0:95:a6:09:70:4d:
f8:58:6d:ec:78:c3:62:63:d3:6e:d2:91:6f:32:37:
60:a4:4b:0c:33:34:c9:16:5b:da:10:1f:d7:2e:88:
23:2a:1e:08:be:71:10:7e:a9:18:35:f4:cd:fa:9e:
d4:64:30:0e:d0:29:80:29:1b:c8:c1:4a:e8:33:02:
ac:3f:04:09:3d:5b:a6:38:c9:6b:cc:b6:cd:33:93:
e5:a5:1e:df:d7:70:7f:ae:37:b1:0b:e8:d6:79:79:
f1:ba:28:4e:44:13:34:a8:33:8f:b6:a1:47:00:e1:
c5:aa:31:86:00:e4:b7:34:bc:1e:45:6d:93:13:04:
0d:39:a4:d3:f5:e1:48:42:3a:d4:b1:74:97:4d:21:
c8:8d:87:b4:b6:c1:85:7c:61:25:06:63:13:6b:1c:
3e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:C4:A6:1C:E7:27:2A:5A:F1:5C:B3:C2:F2:96:11:D6:16:F1:2E:E2
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234332e31332e302f32342d3234203d3e20313938323437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.13.0/24
Signature Algorithm: sha256WithRSAEncryption
11:a8:ae:ca:5c:3f:9a:bb:0e:8d:33:bc:53:26:5d:cf:66:be:
ba:6a:f5:f8:56:df:0e:85:ba:81:c9:5e:bd:8f:f4:ee:52:56:
27:63:bf:b3:eb:cc:5b:4d:59:b8:3d:dc:bf:4d:61:9d:42:5f:
98:cb:95:e4:bc:8d:8c:6b:03:69:96:b7:34:9b:15:98:dc:fa:
f4:28:1c:37:57:bf:b3:12:57:ef:34:dd:00:76:53:fe:33:ac:
5a:33:b7:d6:32:09:c2:32:0c:0d:21:ed:15:6e:0d:d8:af:fd:
ac:a9:89:d7:52:b1:7a:fa:fa:b8:76:ab:5d:32:43:86:49:b4:
8e:f9:81:19:1d:87:00:ac:27:e2:8c:ed:9c:75:1d:32:30:a8:
d2:2d:5f:e6:23:f3:35:21:09:1d:33:7f:0d:02:93:99:b1:f5:
d0:03:69:90:de:25:d6:84:b4:d2:85:fe:62:d2:42:4f:e7:8e:
0d:23:33:41:76:fa:06:51:d3:29:04:6b:11:80:5f:86:b8:68:
3b:07:5f:f4:ea:ac:86:65:4c:20:4f:ce:82:83:bf:ee:cb:36:
73:c4:0a:0e:2b:0a:47:37:62:7e:b6:e0:ab:4d:59:4f:d8:8c:
72:e1:c8:10:73:78:09:a8:61:7a:75:63:24:43:dc:5f:b0:a2:
cf:9f:35:1c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUaW6Stc0B2e50KAoMIKxL0nma6dcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDIwOTIzNTJaFw0yNTA0MDEwOTI4NTJaMDMxMTAvBgNV
BAMTKDBCQzRBNjFDRTcyNzJBNUFGMTVDQjNDMkYyOTYxMUQ2MTZGMTJFRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRxbUxfiQH9cfXl1OYS/TTtrZu
2BpMQX8exJ961TRsM39l//diRb/2u1GqKfKmvhyCV5ZwNhp9BXTP2icGR6a1kNa1
igxkaxCO7J4Xv4mxIl29d9DO4LjrOxRoEaPhxm8HAaCVpglwTfhYbex4w2Jj027S
kW8yN2CkSwwzNMkWW9oQH9cuiCMqHgi+cRB+qRg19M36ntRkMA7QKYApG8jBSugz
Aqw/BAk9W6Y4yWvMts0zk+WlHt/XcH+uN7EL6NZ5efG6KE5EEzSoM4+2oUcA4cWq
MYYA5Lc0vB5FbZMTBA05pNP14UhCOtSxdJdNIciNh7S2wYV8YSUGYxNrHD61AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUC8SmHOcnKlrxXLPC8pYR1hbxLuIwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzODM1MmUzMjM0MzMyZTMx
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzMjM0Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC58w0wDQYJKoZIhvcNAQELBQADggEBABGorspcP5q7Do0zvFMmXc9mvrpq9fhW
3w6FuoHJXr2P9O5SVidjv7PrzFtNWbg93L9NYZ1CX5jLleS8jYxrA2mWtzSbFZjc
+vQoHDdXv7MSV+803QB2U/4zrFozt9YyCcIyDA0h7RVuDdiv/aypiddSsXr6+rh2
q10yQ4ZJtI75gRkdhwCsJ+KM7Zx1HTIwqNItX+Yj8zUhCR0zfw0Ck5mx9dADaZDe
JdaEtNKF/mLSQk/njg0jM0F2+gZR0ykEaxGAX4a4aDsHX/TqrIZlTCBPzoKDv+7L
NnPECg4rCkc3Yn624KtNWU/YjHLhyBBzeAmoYXp1YyRD3F+wos+fNRw=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:14 2024 by rpki-client on console-fra.rpki-client.org