Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234352e3135332e302f32342d3234203d3e20323036323833.roa
File: 3138352e3234352e3135332e302f32342d3234203d3e20323036323833.roa (raw, json)
Hash identifier: NJJCpBK74Q3OmKmCKVw3acF2sRojFSOari2DDRfsAbc=
Subject key identifier: 18:66:60:24:C5:A0:B2:BA:95:A4:B4:CF:B8:F1:F6:73:32:4F:AC:D9
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 674936A463AFC3EC5B0FEC2AC6D90AB78E7C1C71
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234352e3135332e302f32342d3234203d3e20323036323833.roa
Signing time: Tue 02 Apr 2024 09:29:43 +0000
ROA not before: Tue 02 Apr 2024 09:24:43 +0000
ROA not after: Tue 01 Apr 2025 09:29:43 +0000
asID: 206283
IP address blocks: 185.245.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 07:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:49:36:a4:63:af:c3:ec:5b:0f:ec:2a:c6:d9:0a:b7:8e:7c:1c:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 2 09:24:43 2024 GMT
Not After : Apr 1 09:29:43 2025 GMT
Subject: CN=18666024C5A0B2BA95A4B4CFB8F1F673324FACD9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:93:89:6b:6f:4b:91:9d:90:e2:a4:e5:8d:6a:
f7:30:ea:1e:9e:63:fc:01:c4:00:cf:6d:d9:ed:89:
5d:41:a5:6d:1c:91:7a:fe:ec:9b:17:e0:c6:32:84:
8f:3e:c7:6e:6d:b4:6c:90:5b:67:e6:0d:3c:9a:26:
72:57:04:f9:cb:e3:d4:46:68:b5:bd:be:7e:50:d6:
2e:f5:e6:f7:87:25:12:d7:23:07:af:82:58:aa:b8:
ff:78:97:c9:1b:53:9f:c5:07:38:9d:be:5b:f7:74:
3c:b5:3b:65:43:18:cb:1d:7d:d5:a7:29:57:e6:e9:
ad:81:71:63:38:4b:aa:ad:45:fd:9f:23:32:e7:87:
c9:48:38:7e:89:d7:d9:90:ef:3d:49:37:1e:32:82:
e5:1d:28:84:1f:21:d7:f0:31:61:3f:d8:9b:eb:87:
9c:d0:5f:4d:fb:8e:a6:f8:49:50:38:2c:2c:4f:c4:
8f:c5:7e:d8:ab:ec:37:e1:fb:94:a3:98:d3:f5:02:
5b:bb:d8:1b:fc:cf:89:ba:15:f3:f1:7d:ed:9e:cb:
cc:29:bf:30:77:a8:5f:9a:16:2e:86:97:bd:6c:e7:
19:d1:39:57:f9:22:e4:82:8b:8f:7e:87:92:8e:fa:
3d:2c:98:de:27:7e:44:ee:3f:ee:8e:30:fa:58:45:
59:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:66:60:24:C5:A0:B2:BA:95:A4:B4:CF:B8:F1:F6:73:32:4F:AC:D9
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3234352e3135332e302f32342d3234203d3e20323036323833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.153.0/24
Signature Algorithm: sha256WithRSAEncryption
64:da:9e:de:c5:75:b8:a6:1b:eb:df:2e:6d:9d:06:75:a7:27:
16:88:b6:ff:a4:2d:70:5b:11:3b:f5:4e:05:82:b4:72:b5:b2:
43:8b:2c:b9:c5:e6:40:9e:be:ff:cd:e6:37:97:94:4f:1b:31:
4b:95:33:95:01:57:60:d9:84:38:33:c7:26:b5:00:d6:4f:9f:
f1:b0:f3:85:47:b2:0c:e2:f8:2d:fa:27:d8:8b:fe:d2:9c:2f:
87:65:df:ee:ff:63:c3:de:23:64:d7:c6:ef:00:52:c8:6d:58:
cb:72:34:9d:20:f2:48:5a:12:1e:1b:a3:f5:e4:20:c3:7a:14:
90:56:60:7f:65:7b:62:b5:ab:1f:11:c7:2a:b2:c9:ee:17:19:
a4:f4:4b:ad:66:ae:18:83:9e:6e:ef:66:6f:56:92:e2:90:a3:
27:e3:01:81:23:97:99:69:8e:1c:23:76:8c:10:de:fc:12:3c:
f3:18:16:e7:39:32:2e:0a:b6:57:f2:ff:ae:dc:28:46:a9:d3:
1e:53:e2:a7:3e:e6:3d:a1:d1:a5:2d:97:43:15:2b:f5:33:3c:
ac:22:a0:02:80:d0:68:ea:c8:e9:9f:f4:d4:ba:4b:60:64:0f:
03:fc:5e:f3:97:0c:fe:c0:cc:a9:53:67:87:ea:02:6f:13:b5:
f3:17:80:dc
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZ0k2pGOvw+xbD+wqxtkKt458HHEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDIwOTI0NDNaFw0yNTA0MDEwOTI5NDNaMDMxMTAvBgNV
BAMTKDE4NjY2MDI0QzVBMEIyQkE5NUE0QjRDRkI4RjFGNjczMzI0RkFDRDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHk4lrb0uRnZDipOWNavcw6h6e
Y/wBxADPbdntiV1BpW0ckXr+7JsX4MYyhI8+x25ttGyQW2fmDTyaJnJXBPnL49RG
aLW9vn5Q1i715veHJRLXIwevgliquP94l8kbU5/FBzidvlv3dDy1O2VDGMsdfdWn
KVfm6a2BcWM4S6qtRf2fIzLnh8lIOH6J19mQ7z1JNx4yguUdKIQfIdfwMWE/2Jvr
h5zQX037jqb4SVA4LCxPxI/Fftir7Dfh+5SjmNP1Alu72Bv8z4m6FfPxfe2ey8wp
vzB3qF+aFi6Gl71s5xnROVf5IuSCi49+h5KO+j0smN4nfkTuP+6OMPpYRVl/AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUGGZgJMWgsrqVpLTPuPH2czJPrNkwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzODM1MmUzMjM0MzUyZTMx
MzUzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNjMyMzgzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALn1mTANBgkqhkiG9w0BAQsFAAOCAQEAZNqe3sV1uKYb698ubZ0GdacnFoi2
/6QtcFsRO/VOBYK0crWyQ4ssucXmQJ6+/83mN5eUTxsxS5UzlQFXYNmEODPHJrUA
1k+f8bDzhUeyDOL4Lfon2Iv+0pwvh2Xf7v9jw94jZNfG7wBSyG1Yy3I0nSDySFoS
Hhuj9eQgw3oUkFZgf2V7YrWrHxHHKrLJ7hcZpPRLrWauGIOebu9mb1aS4pCjJ+MB
gSOXmWmOHCN2jBDe/BI88xgW5zkyLgq2V/L/rtwoRqnTHlPipz7mPaHRpS2XQxUr
9TM8rCKgAoDQaOrI6Z/01LpLYGQPA/xe85cM/sDMqVNnh+oCbxO18xeA3A==
-----END CERTIFICATE-----
Generated at Wed May 1 14:46:46 2024 by rpki-client on console-ams.rpki-client.org