Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234352e3135322e302f32342d3234203d3e20323036323833.roa
File: 3138352e3234352e3135322e302f32342d3234203d3e20323036323833.roa (raw, json)
Hash identifier: vgIEqpuRU1EMlTkr/LZ2YIW4x4hY47dEJ51K5rlQUK8=
Subject key identifier: 8C:8D:C1:8E:A1:03:EF:8E:F8:14:8E:88:5A:08:59:FA:19:5C:9F:C8
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 11A983EE16B051202C0EC16ED0EB8A7BB61FC860
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234352e3135322e302f32342d3234203d3e20323036323833.roa
Signing time: Tue 02 Apr 2024 09:29:35 +0000
ROA not before: Tue 02 Apr 2024 09:24:35 +0000
ROA not after: Tue 01 Apr 2025 09:29:35 +0000
asID: 206283
IP address blocks: 185.245.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 07:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:a9:83:ee:16:b0:51:20:2c:0e:c1:6e:d0:eb:8a:7b:b6:1f:c8:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 2 09:24:35 2024 GMT
Not After : Apr 1 09:29:35 2025 GMT
Subject: CN=8C8DC18EA103EF8EF8148E885A0859FA195C9FC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4d:88:ad:f7:66:bf:ca:f8:ee:29:22:e4:c5:
14:cf:21:1e:64:cb:ac:6c:f5:be:a7:db:1d:15:70:
fb:cb:31:5e:37:ab:d3:6e:77:f5:da:08:a0:d9:dd:
93:1e:b9:e1:48:e2:df:9a:c5:cd:89:f1:50:cf:f9:
61:57:64:06:3b:1e:2d:2a:a9:71:c0:a2:15:95:46:
47:dd:3c:13:47:da:bc:52:88:ae:2f:e0:b9:fd:53:
1f:61:78:a3:8c:09:c0:df:93:b6:63:8d:2c:08:90:
6a:dc:e1:2d:75:f7:3f:bd:83:aa:ab:01:a1:88:6c:
35:5b:af:2a:d7:19:e5:bd:6b:be:ab:88:3d:6f:74:
19:78:ba:31:e9:02:ef:a4:19:35:e0:30:8d:81:2d:
9b:bc:04:31:82:df:47:24:68:c2:2f:32:8d:d5:97:
00:a3:ae:7f:a5:b1:80:fe:cd:d1:b1:72:58:68:fd:
70:2b:10:62:be:19:79:de:ea:3a:10:7e:78:1f:6b:
90:d6:1e:c2:ee:40:de:c0:5a:e2:7b:29:e1:03:77:
53:7d:dc:12:f8:fe:6f:e7:bd:eb:20:05:d0:2c:68:
19:35:fd:0d:2f:9e:89:af:c8:c7:f9:06:06:73:df:
a4:8f:30:e8:a5:58:51:d0:34:f2:b8:a2:8c:68:db:
f8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:8D:C1:8E:A1:03:EF:8E:F8:14:8E:88:5A:08:59:FA:19:5C:9F:C8
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234352e3135322e302f32342d3234203d3e20323036323833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.152.0/24
Signature Algorithm: sha256WithRSAEncryption
89:80:30:00:37:e3:e2:30:1c:dd:ba:30:cc:20:0d:13:b0:a9:
cc:86:8f:4f:c2:6d:91:42:e8:d5:d5:72:0a:20:e6:d0:a4:cd:
1f:06:09:5e:2f:c8:a9:3c:70:1a:27:34:48:81:1e:fc:a8:91:
fc:13:7c:59:1d:38:d0:fe:39:fa:c1:07:1f:63:f8:76:c6:62:
f6:0c:ca:e5:26:00:98:a3:91:20:5e:07:a2:4d:ed:ee:e0:cf:
0e:15:fc:4c:1f:3c:86:d0:46:0a:d5:83:e6:46:96:11:12:36:
d4:df:56:7e:ee:2d:a5:09:73:b9:93:e5:c4:8c:b8:3d:5f:94:
7a:e9:89:25:24:97:ce:d4:24:32:81:37:22:b9:5e:fe:61:7e:
92:c8:28:6e:25:99:ae:ec:8f:70:e3:75:f9:8a:ae:23:9b:0c:
5b:80:28:54:49:64:95:a5:b8:a6:86:d9:fc:f5:19:a3:03:67:
60:3d:fe:06:98:9b:08:bb:66:69:28:b3:53:7a:39:97:73:cf:
4a:72:c7:fa:fd:e7:bd:a7:38:e6:60:d3:13:e1:26:35:21:f0:
55:67:4f:94:c1:a6:71:f0:35:c2:2c:eb:fd:78:75:2f:f0:31:
31:2d:67:8e:b4:d0:6e:f1:64:ce:0c:f6:4e:b3:5d:08:d9:07:
fe:30:76:a6
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUEamD7hawUSAsDsFu0OuKe7YfyGAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDIwOTI0MzVaFw0yNTA0MDEwOTI5MzVaMDMxMTAvBgNV
BAMTKDhDOERDMThFQTEwM0VGOEVGODE0OEU4ODVBMDg1OUZBMTk1QzlGQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeTYit92a/yvjuKSLkxRTPIR5k
y6xs9b6n2x0VcPvLMV43q9Nud/XaCKDZ3ZMeueFI4t+axc2J8VDP+WFXZAY7Hi0q
qXHAohWVRkfdPBNH2rxSiK4v4Ln9Ux9heKOMCcDfk7ZjjSwIkGrc4S119z+9g6qr
AaGIbDVbryrXGeW9a76riD1vdBl4ujHpAu+kGTXgMI2BLZu8BDGC30ckaMIvMo3V
lwCjrn+lsYD+zdGxclho/XArEGK+GXne6joQfngfa5DWHsLuQN7AWuJ7KeEDd1N9
3BL4/m/nvesgBdAsaBk1/Q0vnomvyMf5BgZz36SPMOilWFHQNPK4ooxo2/h/AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUjI3BjqED7474FI6IWghZ+hlcn8gwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzODM1MmUzMjM0MzUyZTMx
MzUzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNjMyMzgzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALn1mDANBgkqhkiG9w0BAQsFAAOCAQEAiYAwADfj4jAc3bowzCANE7CpzIaP
T8JtkULo1dVyCiDm0KTNHwYJXi/IqTxwGic0SIEe/KiR/BN8WR040P45+sEHH2P4
dsZi9gzK5SYAmKORIF4Hok3t7uDPDhX8TB88htBGCtWD5kaWERI21N9Wfu4tpQlz
uZPlxIy4PV+UeumJJSSXztQkMoE3Irle/mF+ksgobiWZruyPcON1+YquI5sMW4Ao
VElklaW4pobZ/PUZowNnYD3+BpibCLtmaSizU3o5l3PPSnLH+v3nvac45mDTE+Em
NSHwVWdPlMGmcfA1wizr/Xh1L/AxMS1njrTQbvFkzgz2TrNdCNkH/jB2pg==
-----END CERTIFICATE-----
Generated at Wed May 1 15:29:44 2024 by rpki-client on console-fra.rpki-client.org