Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235302e3231342e302f32342d3234203d3e20313336373837.roa
File: 3138352e3235302e3231342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Lqk6SanR+B4Wrgp6qG3KwJ5R9qc78f2NRIm2+BBfoCM=
Subject key identifier: EC:A7:6A:C9:47:39:C2:9A:B0:0B:F7:C2:3B:E1:BA:39:FC:51:7E:C9
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 4E190885D6A7122C746583416EAA9319D2E5CD91
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235302e3231342e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:52:48 +0000
ROA not before: Mon 26 Feb 2024 08:47:48 +0000
ROA not after: Mon 24 Feb 2025 08:52:48 +0000
asID: 136787
IP address blocks: 185.250.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:19:08:85:d6:a7:12:2c:74:65:83:41:6e:aa:93:19:d2:e5:cd:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:48 2024 GMT
Not After : Feb 24 08:52:48 2025 GMT
Subject: CN=ECA76AC94739C29AB00BF7C23BE1BA39FC517EC9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3d:f2:e7:80:e2:08:68:22:87:80:9a:3c:13:
b6:b4:73:62:d1:05:e7:ee:5a:3a:63:92:2f:2e:68:
b0:f1:2f:19:01:e3:66:0d:c7:c5:70:50:24:98:85:
23:1f:3a:a7:b0:55:1e:80:9f:10:3e:33:37:6d:c6:
26:36:6e:60:27:75:c9:d5:11:cf:33:ba:4b:24:56:
73:a9:e4:8a:fd:4a:24:f1:b9:b9:13:c1:e6:30:70:
30:bd:62:18:2f:2f:62:22:2e:72:40:4b:ed:6d:28:
2d:41:0f:2c:1e:4f:61:89:a4:ea:6f:08:00:8f:d9:
c1:40:0d:78:60:2b:57:78:f8:16:95:dc:ad:06:b7:
58:4f:9a:ee:eb:b3:df:80:99:7a:de:da:4a:91:d5:
ea:c6:4e:82:e0:fa:4c:85:44:cd:8e:fa:7d:2b:08:
7b:ec:da:6f:53:f9:61:7a:2e:20:1c:ad:c5:72:d7:
18:75:54:5d:7c:96:db:94:ec:fe:be:de:d6:ca:88:
20:91:67:86:d9:5a:9b:24:40:83:3e:55:a9:1c:a1:
25:5b:e2:82:33:7b:ba:38:8f:5e:8c:20:64:81:04:
04:b2:3e:6e:d4:55:c4:fc:63:f4:1a:07:52:f4:ab:
9d:06:aa:17:76:22:21:d3:f5:f1:31:c1:5a:36:60:
56:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:A7:6A:C9:47:39:C2:9A:B0:0B:F7:C2:3B:E1:BA:39:FC:51:7E:C9
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235302e3231342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.214.0/24
Signature Algorithm: sha256WithRSAEncryption
44:5a:98:f9:64:7c:f4:c3:47:cf:a5:e2:7c:31:53:c3:98:c8:
ca:78:83:ed:8b:98:b8:b7:56:c2:ce:c5:a8:93:ae:c9:32:60:
59:b4:82:10:7f:7d:17:6d:12:ea:d3:7f:3e:8f:07:24:af:b7:
55:9e:1a:4f:9f:a8:76:c7:a6:18:93:73:69:ae:e5:1f:ff:82:
ac:63:17:3d:5c:07:ef:68:42:fc:00:18:9b:b9:79:d5:64:33:
72:1e:c4:ef:c9:cb:31:8f:4f:0e:40:fb:6c:fe:93:a9:98:c3:
fa:64:e3:b7:ac:ea:e6:5f:f3:90:e9:54:55:84:d2:7d:77:ff:
ff:7f:bc:44:08:89:1f:71:e3:41:8e:c9:bc:2f:6c:23:b2:4a:
5d:3a:47:a0:04:85:66:7d:64:c9:63:27:94:db:c6:ac:bd:01:
4b:30:56:2a:56:62:e3:54:30:8c:2f:ec:78:34:48:ce:13:28:
39:9f:43:14:8b:e0:7d:b5:54:2a:9b:8b:5d:95:e1:ad:ce:08:
65:13:23:b1:64:a7:37:10:36:be:ef:ec:fb:1c:25:33:a3:dd:
27:67:33:ab:5e:e4:c8:8b:3a:83:7a:3a:f1:b2:e6:39:7a:5d:
4f:85:72:29:ee:78:52:71:f9:ac:55:9f:5e:45:9c:25:32:6b:
35:5c:73:b5
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUThkIhdanEix0ZYNBbqqTGdLlzZEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NDhaFw0yNTAyMjQwODUyNDhaMDMxMTAvBgNV
BAMTKEVDQTc2QUM5NDczOUMyOUFCMDBCRjdDMjNCRTFCQTM5RkM1MTdFQzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5PfLngOIIaCKHgJo8E7a0c2LR
BefuWjpjki8uaLDxLxkB42YNx8VwUCSYhSMfOqewVR6AnxA+MzdtxiY2bmAndcnV
Ec8zukskVnOp5Ir9SiTxubkTweYwcDC9YhgvL2IiLnJAS+1tKC1BDyweT2GJpOpv
CACP2cFADXhgK1d4+BaV3K0Gt1hPmu7rs9+AmXre2kqR1erGToLg+kyFRM2O+n0r
CHvs2m9T+WF6LiAcrcVy1xh1VF18ltuU7P6+3tbKiCCRZ4bZWpskQIM+VakcoSVb
4oIze7o4j16MIGSBBASyPm7UVcT8Y/QaB1L0q50Gqhd2IiHT9fExwVo2YFbJAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU7KdqyUc5wpqwC/fCO+G6OfxRfskwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzODM1MmUzMjM1MzAyZTMy
MzEzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALn61jANBgkqhkiG9w0BAQsFAAOCAQEARFqY+WR89MNHz6XifDFTw5jIyniD
7YuYuLdWws7FqJOuyTJgWbSCEH99F20S6tN/Po8HJK+3VZ4aT5+odsemGJNzaa7l
H/+CrGMXPVwH72hC/AAYm7l51WQzch7E78nLMY9PDkD7bP6TqZjD+mTjt6zq5l/z
kOlUVYTSfXf//3+8RAiJH3HjQY7JvC9sI7JKXTpHoASFZn1kyWMnlNvGrL0BSzBW
KlZi41QwjC/seDRIzhMoOZ9DFIvgfbVUKpuLXZXhrc4IZRMjsWSnNxA2vu/s+xwl
M6PdJ2czq17kyIs6g3o68bLmOXpdT4VyKe54UnH5rFWfXkWcJTJrNVxztQ==
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:22 2024 by rpki-client on console-fra.rpki-client.org