Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235302e3231332e302f32342d3234203d3e20313336373837.roa
File: 3138352e3235302e3231332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: xYMdds0iHJdMDRGVh8oKre3STn7i6hYVHPl74OpMR/E=
Subject key identifier: E7:65:EC:FB:9E:20:2B:40:F1:C1:C2:88:8D:0B:72:60:1B:4A:1D:54
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 2C025CB4D1AFA0D64CD8A8C8D168C55920A646CC
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235302e3231332e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 02 Mar 2024 21:54:35 +0000
ROA not before: Sat 02 Mar 2024 21:49:35 +0000
ROA not after: Sat 01 Mar 2025 21:54:35 +0000
asID: 136787
IP address blocks: 185.250.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:02:5c:b4:d1:af:a0:d6:4c:d8:a8:c8:d1:68:c5:59:20:a6:46:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Mar 2 21:49:35 2024 GMT
Not After : Mar 1 21:54:35 2025 GMT
Subject: CN=E765ECFB9E202B40F1C1C2888D0B72601B4A1D54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4e:73:fb:8f:f5:f8:d6:18:2c:fe:28:1f:8b:
91:52:9c:86:fc:22:a5:df:bf:28:ab:d0:fb:ed:13:
bd:94:e6:69:c9:48:58:7e:59:72:f6:5f:87:7c:04:
be:1d:06:e4:fb:31:7a:03:08:5c:8f:95:e0:3d:84:
f2:42:30:b0:d7:ea:b3:ea:1c:6d:1f:37:e2:15:4f:
f8:5d:7b:9b:e7:39:da:fe:98:08:08:9c:9b:91:78:
65:2f:e2:5a:1a:58:d2:df:0a:44:71:fe:aa:b2:38:
3e:db:35:66:9c:35:2c:b0:9c:de:5f:60:a6:bd:43:
72:d4:5c:bb:87:8f:a2:4c:7b:f7:6a:d1:66:2d:5c:
52:d7:0e:b6:65:5f:98:ee:22:b9:81:d2:85:d9:68:
06:29:02:14:27:38:18:63:3f:2f:a5:c0:05:5e:e5:
9a:e5:4f:c9:d7:66:0c:06:ad:61:4d:5a:88:bd:61:
9a:ae:55:8c:ac:e2:21:df:7b:1c:02:14:24:59:2a:
ee:ae:3a:0e:36:83:d6:ec:14:06:3a:6d:76:51:f9:
24:9a:19:84:5e:18:79:bb:41:ed:c6:93:4c:ef:9b:
76:fd:e3:6d:fc:d2:4e:64:5e:df:61:b4:df:15:91:
ed:f9:7e:16:37:90:39:6c:4c:89:81:9d:50:8b:97:
e7:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:65:EC:FB:9E:20:2B:40:F1:C1:C2:88:8D:0B:72:60:1B:4A:1D:54
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235302e3231332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.213.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:a2:48:36:9e:43:94:8b:9e:8d:54:62:69:d5:f4:a0:2b:0b:
e2:a6:f1:93:be:35:1c:d6:0c:eb:38:65:54:93:ab:db:aa:24:
3a:3d:48:02:04:fa:61:ee:18:72:cd:d8:d5:57:6e:a0:3c:5f:
3c:4c:67:95:66:87:37:a2:74:9d:5f:df:e7:cf:5a:55:ad:c7:
04:ce:1a:01:24:07:34:54:3e:98:03:b4:ac:bd:b9:f0:4a:04:
41:40:d2:c5:c7:b8:66:c6:ac:cb:fb:e9:33:81:30:8e:7b:05:
6b:ae:38:f4:25:10:aa:40:e5:8d:b4:50:c4:f3:50:c5:6f:60:
1a:69:f9:61:2e:e1:bb:f0:62:78:bd:b0:fd:91:d8:ca:f0:ca:
d5:76:dc:dd:bf:10:3c:bb:c5:2a:70:0e:1a:fa:23:48:2a:b7:
4c:f5:87:ab:42:1b:08:10:c9:bf:69:cf:78:8d:8d:dc:62:e4:
1e:b6:e0:68:e9:15:23:01:a2:fd:f5:a5:63:99:4c:dd:20:2c:
46:28:cf:b2:5c:d2:30:92:1c:f7:95:a1:62:4a:6b:69:ba:f1:
f4:98:19:1d:05:bc:f6:b7:2f:46:12:25:4b:e7:cc:28:f7:7c:
95:c9:09:99:1f:d5:5d:be:1b:59:09:15:b3:de:25:a5:ad:9c:
ad:7b:5e:08
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIULAJctNGvoNZM2KjI0WjFWSCmRswwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAzMDIyMTQ5MzVaFw0yNTAzMDEyMTU0MzVaMDMxMTAvBgNV
BAMTKEU3NjVFQ0ZCOUUyMDJCNDBGMUMxQzI4ODhEMEI3MjYwMUI0QTFENTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDTnP7j/X41hgs/igfi5FSnIb8
IqXfvyir0PvtE72U5mnJSFh+WXL2X4d8BL4dBuT7MXoDCFyPleA9hPJCMLDX6rPq
HG0fN+IVT/hde5vnOdr+mAgInJuReGUv4loaWNLfCkRx/qqyOD7bNWacNSywnN5f
YKa9Q3LUXLuHj6JMe/dq0WYtXFLXDrZlX5juIrmB0oXZaAYpAhQnOBhjPy+lwAVe
5ZrlT8nXZgwGrWFNWoi9YZquVYys4iHfexwCFCRZKu6uOg42g9bsFAY6bXZR+SSa
GYReGHm7Qe3Gk0zvm3b942380k5kXt9htN8Vke35fhY3kDlsTImBnVCLl+cbAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU52Xs+54gK0DxwcKIjQtyYBtKHVQwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzODM1MmUzMjM1MzAyZTMy
MzEzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALn61TANBgkqhkiG9w0BAQsFAAOCAQEASqJINp5DlIuejVRiadX0oCsL4qbx
k741HNYM6zhlVJOr26okOj1IAgT6Ye4Ycs3Y1VduoDxfPExnlWaHN6J0nV/f589a
Va3HBM4aASQHNFQ+mAO0rL258EoEQUDSxce4Zsasy/vpM4EwjnsFa6449CUQqkDl
jbRQxPNQxW9gGmn5YS7hu/BieL2w/ZHYyvDK1Xbc3b8QPLvFKnAOGvojSCq3TPWH
q0IbCBDJv2nPeI2N3GLkHrbgaOkVIwGi/fWlY5lM3SAsRijPslzSMJIc95WhYkpr
abrx9JgZHQW89rcvRhIlS+fMKPd8lckJmR/VXb4bWQkVs94lpa2crXteCA==
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:57 2024 by rpki-client on console-ams.rpki-client.org