Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234332e31342e302f32342d3234203d3e20323036323833.roa
File: 3138352e3234332e31342e302f32342d3234203d3e20323036323833.roa (raw, json)
Hash identifier: OvZlzU5UsJWJiRjAFX+mK6dYRHenN4C1de4yGSE2XQ8=
Subject key identifier: 4C:E6:4B:EB:3B:9E:C4:EC:99:32:12:64:26:8B:95:6D:DF:59:74:75
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 1B717AAA9D85A65AA7F26C788F159AD3320D56D3
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234332e31342e302f32342d3234203d3e20323036323833.roa
Signing time: Tue 02 Apr 2024 09:29:18 +0000
ROA not before: Tue 02 Apr 2024 09:24:18 +0000
ROA not after: Tue 01 Apr 2025 09:29:18 +0000
asID: 206283
IP address blocks: 185.243.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:71:7a:aa:9d:85:a6:5a:a7:f2:6c:78:8f:15:9a:d3:32:0d:56:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 2 09:24:18 2024 GMT
Not After : Apr 1 09:29:18 2025 GMT
Subject: CN=4CE64BEB3B9EC4EC99321264268B956DDF597475
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ab:66:e0:7c:d7:5d:c1:9c:27:ce:c4:69:36:
91:2c:7a:33:e5:1d:c0:e6:8e:aa:51:12:eb:9e:e1:
f5:94:bb:cd:bd:48:de:3f:f8:52:80:93:1a:66:e2:
f7:2d:c6:21:f2:78:76:61:69:b0:25:1a:ab:8b:66:
f5:09:bb:08:3a:ce:41:e0:7b:f3:a7:d7:a4:10:49:
ac:c4:01:76:96:93:6b:67:51:69:94:26:20:24:12:
e9:50:a8:43:bb:ed:94:99:48:cb:71:13:3a:a1:81:
88:9c:01:c0:99:41:c2:af:02:c0:59:b8:74:16:a8:
27:aa:03:8b:46:2e:7a:e0:12:59:d7:35:d9:23:63:
bb:09:71:c4:a6:35:f5:35:ba:c5:1e:63:12:a8:aa:
43:fd:4b:82:a5:4a:91:81:11:10:70:5d:9d:9f:b0:
dc:b4:aa:4e:d6:51:13:c2:7a:5b:95:5e:ce:85:6b:
1e:0a:95:8f:7f:a8:99:a5:ae:5b:d6:c7:94:10:bd:
46:57:7b:c9:51:4f:09:0b:47:f2:6e:84:9c:de:c9:
bb:42:ac:69:0c:6a:71:09:82:0e:5f:07:7e:9d:ce:
b0:56:73:81:bf:08:eb:1a:53:e2:6c:e9:22:22:0f:
aa:a4:a4:38:5a:a7:a8:9d:b0:1a:f5:09:ae:43:de:
e9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E6:4B:EB:3B:9E:C4:EC:99:32:12:64:26:8B:95:6D:DF:59:74:75
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234332e31342e302f32342d3234203d3e20323036323833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.14.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:13:74:74:34:fa:7f:8b:c3:d6:50:01:a1:8e:75:d6:fa:f2:
40:5e:75:bf:70:e4:73:ed:5d:52:c0:64:40:78:b8:9b:41:47:
b5:01:25:90:d3:44:f2:13:bf:a5:71:05:ff:03:17:c9:5f:aa:
b5:52:f7:b8:1a:e0:d4:53:37:f8:4c:ff:70:a7:b8:8f:ef:a7:
fd:ae:95:a5:38:23:29:d5:f4:69:93:d3:76:96:a4:2e:86:10:
e1:45:9a:a5:fc:12:e2:3f:43:54:49:2d:20:dd:cc:b5:1b:d8:
e4:fc:bf:32:70:d8:19:fc:70:9e:76:f0:98:6c:12:a4:67:63:
1d:1a:58:6c:e7:ce:36:2b:19:d8:0c:31:a0:12:64:46:7d:73:
e9:70:c5:73:af:41:e7:5a:c2:e3:6c:90:b7:ab:1c:62:d4:62:
8e:cd:4c:87:50:b6:7d:32:89:9d:20:17:1f:77:4c:2f:e0:4c:
04:37:e1:bd:65:4b:80:41:f2:e6:a3:d0:3b:38:c2:21:43:19:
4b:21:09:d6:e7:76:7a:48:aa:a6:47:88:00:a9:63:32:3a:d2:
4a:05:2e:40:70:4a:fe:9a:88:39:e5:1a:35:f2:4b:a4:cf:a4:
a6:94:7f:4b:30:cc:a5:45:f3:a3:53:42:37:7d:fa:e9:84:c6:
ba:12:3a:aa
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUG3F6qp2Fplqn8mx4jxWa0zINVtMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDIwOTI0MThaFw0yNTA0MDEwOTI5MThaMDMxMTAvBgNV
BAMTKDRDRTY0QkVCM0I5RUM0RUM5OTMyMTI2NDI2OEI5NTZEREY1OTc0NzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyq2bgfNddwZwnzsRpNpEsejPl
HcDmjqpREuue4fWUu829SN4/+FKAkxpm4vctxiHyeHZhabAlGquLZvUJuwg6zkHg
e/On16QQSazEAXaWk2tnUWmUJiAkEulQqEO77ZSZSMtxEzqhgYicAcCZQcKvAsBZ
uHQWqCeqA4tGLnrgElnXNdkjY7sJccSmNfU1usUeYxKoqkP9S4KlSpGBERBwXZ2f
sNy0qk7WURPCeluVXs6Fax4KlY9/qJmlrlvWx5QQvUZXe8lRTwkLR/JuhJzeybtC
rGkManEJgg5fB36dzrBWc4G/COsaU+Js6SIiD6qkpDhap6idsBr1Ca5D3uljAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUTOZL6zuexOyZMhJkJouVbd9ZdHUwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzODM1MmUzMjM0MzMyZTMx
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzMjM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC58w4wDQYJKoZIhvcNAQELBQADggEBAGsTdHQ0+n+Lw9ZQAaGOddb68kBedb9w
5HPtXVLAZEB4uJtBR7UBJZDTRPITv6VxBf8DF8lfqrVS97ga4NRTN/hM/3CnuI/v
p/2ulaU4IynV9GmT03aWpC6GEOFFmqX8EuI/Q1RJLSDdzLUb2OT8vzJw2Bn8cJ52
8JhsEqRnYx0aWGznzjYrGdgMMaASZEZ9c+lwxXOvQedawuNskLerHGLUYo7NTIdQ
tn0yiZ0gFx93TC/gTAQ34b1lS4BB8uaj0Ds4wiFDGUshCdbndnpIqqZHiACpYzI6
0koFLkBwSv6aiDnlGjXyS6TPpKaUf0swzKVF86NTQjd9+umExroSOqo=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:14 2024 by rpki-client on console-fra.rpki-client.org