Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235302e3231352e302f32342d3234203d3e20313336373837.roa
File: 3138352e3235302e3231352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: vThP83Xp8GTTyNKZD7hUpRefNSACZ1XyAjcr1/d8OH0=
Subject key identifier: DF:95:71:4F:F4:92:B0:4F:52:1D:9B:69:3A:41:B3:C9:D5:E1:61:FA
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 6312C5069F89E2D65267263BB498AC1BE89BF660
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235302e3231352e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 20 May 2024 17:03:44 +0000
ROA not before: Mon 20 May 2024 16:58:44 +0000
ROA not after: Mon 19 May 2025 17:03:44 +0000
asID: 136787
IP address blocks: 185.250.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:12:c5:06:9f:89:e2:d6:52:67:26:3b:b4:98:ac:1b:e8:9b:f6:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: May 20 16:58:44 2024 GMT
Not After : May 19 17:03:44 2025 GMT
Subject: CN=DF95714FF492B04F521D9B693A41B3C9D5E161FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:eb:38:3f:06:02:dc:b1:7b:d0:7b:86:08:1d:
d7:13:6f:b3:cd:30:e9:42:cf:44:ed:50:4a:87:4c:
f6:23:15:50:62:4b:5d:8c:35:89:f1:a0:b6:0d:3c:
c1:74:13:a4:70:49:48:99:a7:49:88:d3:9c:db:0c:
b2:cc:5d:37:32:a8:71:43:cc:04:ba:8c:b3:48:e9:
44:70:1a:1e:4d:3f:56:ce:0b:56:8f:9f:86:f3:b6:
f2:a4:cc:a0:45:20:d4:2b:6d:82:4b:31:75:8d:b6:
c9:71:52:09:d5:bc:c2:6f:28:53:bf:37:7b:0f:2b:
5f:4f:d9:d7:dd:24:3c:6c:cd:86:c9:a4:ea:8d:45:
39:9f:51:f0:4b:eb:f8:5b:c6:d6:79:e2:0f:cc:19:
84:49:20:c0:50:f5:ea:c7:1e:5f:b2:1a:70:1e:1c:
5b:5f:48:12:e6:32:b7:4b:75:af:92:de:d6:3d:d8:
c5:f5:52:f4:14:ba:95:c6:f6:bf:e7:6e:fe:c0:7d:
8e:2d:37:8c:86:11:26:9a:e3:7f:57:fd:cd:02:cc:
a8:53:31:ae:4c:d0:56:b5:8a:5a:f7:dc:50:e3:b6:
5e:25:87:57:1f:06:af:a3:67:4f:06:3b:74:e4:50:
b8:b1:de:77:a6:14:fb:d7:5b:3e:6b:03:25:69:e7:
24:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:95:71:4F:F4:92:B0:4F:52:1D:9B:69:3A:41:B3:C9:D5:E1:61:FA
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235302e3231352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.215.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:f4:5b:07:65:f3:05:e1:ca:8f:77:b3:a7:a7:5c:06:f1:c0:
2a:28:9f:3c:63:fc:3e:d5:da:6f:ef:9f:b8:69:f9:b5:15:80:
81:41:c4:5d:46:ed:3c:68:51:61:d2:75:6f:87:af:50:27:3a:
9f:94:ae:56:de:56:96:40:4e:6f:d1:64:e7:23:2c:f1:70:d3:
0c:1f:49:4e:59:62:6c:d9:99:27:e7:70:79:c3:c9:5f:5d:41:
9f:2f:cc:cc:a4:80:0a:9c:d4:34:2e:b2:af:8e:c6:cc:e5:0e:
a4:23:da:b5:e1:ae:02:a7:0d:75:af:99:50:34:ba:cc:78:81:
7c:25:2f:4a:b7:11:fe:2c:66:8d:d2:5d:4c:7f:12:0b:64:11:
eb:db:67:26:dc:a8:06:e9:3e:df:3c:29:f4:79:c8:08:ef:4d:
c2:29:62:20:f6:60:fa:a8:62:30:fa:b8:f0:19:d6:e7:93:c2:
23:f1:06:a0:b0:7f:d3:67:34:51:b4:4d:f7:66:b5:f4:9b:64:
d8:f8:a7:2d:03:77:53:ce:45:49:46:b8:21:4a:27:d1:e7:f0:
01:78:cc:90:36:e9:f8:69:14:d9:ee:59:88:28:a3:c4:88:8b:
bd:69:54:2b:5d:47:0f:04:db:36:3c:b4:63:8a:86:27:02:30:
18:59:49:4d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUYxLFBp+J4tZSZyY7tJisG+ib9mAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA1MjAxNjU4NDRaFw0yNTA1MTkxNzAzNDRaMDMxMTAvBgNV
BAMTKERGOTU3MTRGRjQ5MkIwNEY1MjFEOUI2OTNBNDFCM0M5RDVFMTYxRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV6zg/BgLcsXvQe4YIHdcTb7PN
MOlCz0TtUEqHTPYjFVBiS12MNYnxoLYNPMF0E6RwSUiZp0mI05zbDLLMXTcyqHFD
zAS6jLNI6URwGh5NP1bOC1aPn4bztvKkzKBFINQrbYJLMXWNtslxUgnVvMJvKFO/
N3sPK19P2dfdJDxszYbJpOqNRTmfUfBL6/hbxtZ54g/MGYRJIMBQ9erHHl+yGnAe
HFtfSBLmMrdLda+S3tY92MX1UvQUupXG9r/nbv7AfY4tN4yGESaa439X/c0CzKhT
Ma5M0Fa1ilr33FDjtl4lh1cfBq+jZ08GO3TkULix3nemFPvXWz5rAyVp5yQpAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU35VxT/SSsE9SHZtpOkGzydXhYfowHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzODM1MmUzMjM1MzAyZTMy
MzEzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALn61zANBgkqhkiG9w0BAQsFAAOCAQEAHfRbB2XzBeHKj3ezp6dcBvHAKiif
PGP8PtXab++fuGn5tRWAgUHEXUbtPGhRYdJ1b4evUCc6n5SuVt5WlkBOb9Fk5yMs
8XDTDB9JTllibNmZJ+dwecPJX11Bny/MzKSACpzUNC6yr47GzOUOpCPateGuAqcN
da+ZUDS6zHiBfCUvSrcR/ixmjdJdTH8SC2QR69tnJtyoBuk+3zwp9HnICO9Nwili
IPZg+qhiMPq48BnW55PCI/EGoLB/02c0UbRN92a19Jtk2PinLQN3U85FSUa4IUon
0efwAXjMkDbp+GkU2e5ZiCijxIiLvWlUK11HDwTbNjy0Y4qGJwIwGFlJTQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:44 2024 by rpki-client on console-ams.rpki-client.org