Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235352e3132382e302f32342d3234203d3e20313336373837.roa
File: 3138352e3235352e3132382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: YpHyyFbM44NvewSqLbeziqi7kWam79hi4w2qLhX8eVw=
Subject key identifier: 6A:9E:EC:21:49:EC:92:0E:44:F3:4B:E9:89:38:9D:29:BC:F5:09:5D
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 483F8338F8DB0B510E3DC218EEF0CA3CF5A691FC
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235352e3132382e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:17 +0000
ROA not before: Mon 01 Apr 2024 13:58:17 +0000
ROA not after: Mon 31 Mar 2025 14:03:17 +0000
asID: 136787
IP address blocks: 185.255.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:3f:83:38:f8:db:0b:51:0e:3d:c2:18:ee:f0:ca:3c:f5:a6:91:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 1 13:58:17 2024 GMT
Not After : Mar 31 14:03:17 2025 GMT
Subject: CN=6A9EEC2149EC920E44F34BE989389D29BCF5095D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:56:f4:a2:4b:07:01:f9:82:38:eb:b7:78:ef:
b1:86:25:5f:87:6c:7f:a0:3b:31:c8:95:04:0d:19:
83:9b:0f:58:e1:ff:11:07:d3:a2:d8:51:c4:d4:c1:
9c:d1:60:97:37:d6:e3:7b:a6:e6:66:5d:28:04:14:
47:56:fc:46:04:99:4a:d7:ae:1b:62:f3:6b:ab:01:
6d:4e:43:e9:af:d9:4d:52:fb:31:e3:45:e1:cc:08:
a7:70:7b:0c:cd:aa:4d:a0:99:fb:31:56:a7:69:80:
4d:70:1d:83:9f:7a:61:18:fa:1c:93:87:04:e1:37:
54:69:46:16:80:61:c1:90:0c:88:09:96:45:98:87:
62:17:65:41:04:e1:15:13:b7:c8:9a:1a:70:9d:d8:
92:38:44:d7:db:7f:fc:e1:53:95:81:45:74:bc:f2:
19:da:1e:65:21:4f:74:fb:43:b6:d6:32:3f:09:c1:
a0:81:26:8f:a7:c5:01:16:a6:8f:24:fa:71:d1:32:
3e:e7:43:ca:87:b2:b2:b3:a7:64:d3:24:db:8a:9f:
d7:24:41:79:06:bc:bd:a6:05:af:5a:6f:51:4d:21:
b3:cb:ff:e3:1e:b7:0a:5d:62:26:98:21:c3:cc:55:
59:14:3f:fc:7d:88:bc:5e:5d:fc:1b:a2:db:26:37:
79:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:9E:EC:21:49:EC:92:0E:44:F3:4B:E9:89:38:9D:29:BC:F5:09:5D
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235352e3132382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.128.0/24
Signature Algorithm: sha256WithRSAEncryption
46:dc:ee:3d:f4:45:e3:ea:c5:d8:84:69:ff:fc:82:6c:31:35:
79:a8:40:5e:30:e7:8d:61:3e:8d:2d:f3:12:3e:65:d4:1e:75:
4d:f5:4f:d7:83:e1:ff:8b:fa:c0:ce:b3:88:fb:b1:c3:1e:b8:
4f:dc:51:98:64:e1:aa:c3:21:f5:86:89:ba:e6:52:c0:c3:5e:
c6:df:21:f1:cc:1c:40:94:44:3b:4d:81:b2:c9:3c:92:2c:3f:
21:b2:28:22:16:82:47:b4:bd:b6:00:82:3f:2b:c1:b6:92:29:
81:94:c9:d6:1b:d6:b7:5e:0b:a4:c1:0c:e6:a0:83:2f:c9:55:
aa:04:fb:46:73:8a:b8:b6:a8:44:8f:2a:69:48:74:81:13:a2:
b6:56:c3:a3:25:13:0c:7d:bc:bb:bb:9a:d6:db:61:e4:39:9c:
8c:54:02:e7:79:c6:7b:8e:ed:d7:15:a2:20:a3:48:e3:fc:37:
4d:53:68:b9:8b:ff:65:2e:e4:f8:7b:6a:c6:21:35:86:93:4a:
b9:11:fe:f8:17:b9:b6:96:25:47:d2:06:6c:93:57:e0:e5:1c:
62:01:b9:9d:35:89:4f:8c:b4:5a:19:1a:7b:25:71:d9:e0:7d:
81:40:96:7a:0e:9e:26:80:b2:0a:16:c6:4c:a7:ff:b9:77:81:
a4:d9:cd:c1
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUSD+DOPjbC1EOPcIY7vDKPPWmkfwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDExMzU4MTdaFw0yNTAzMzExNDAzMTdaMDMxMTAvBgNV
BAMTKDZBOUVFQzIxNDlFQzkyMEU0NEYzNEJFOTg5Mzg5RDI5QkNGNTA5NUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIVvSiSwcB+YI467d477GGJV+H
bH+gOzHIlQQNGYObD1jh/xEH06LYUcTUwZzRYJc31uN7puZmXSgEFEdW/EYEmUrX
rhti82urAW1OQ+mv2U1S+zHjReHMCKdwewzNqk2gmfsxVqdpgE1wHYOfemEY+hyT
hwThN1RpRhaAYcGQDIgJlkWYh2IXZUEE4RUTt8iaGnCd2JI4RNfbf/zhU5WBRXS8
8hnaHmUhT3T7Q7bWMj8JwaCBJo+nxQEWpo8k+nHRMj7nQ8qHsrKzp2TTJNuKn9ck
QXkGvL2mBa9ab1FNIbPL/+MetwpdYiaYIcPMVVkUP/x9iLxeXfwbotsmN3mTAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUap7sIUnskg5E80vpiTidKbz1CV0wHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzODM1MmUzMjM1MzUyZTMx
MzIzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALn/gDANBgkqhkiG9w0BAQsFAAOCAQEARtzuPfRF4+rF2IRp//yCbDE1eahA
XjDnjWE+jS3zEj5l1B51TfVP14Ph/4v6wM6ziPuxwx64T9xRmGThqsMh9YaJuuZS
wMNext8h8cwcQJREO02Bssk8kiw/IbIoIhaCR7S9tgCCPyvBtpIpgZTJ1hvWt14L
pMEM5qCDL8lVqgT7RnOKuLaoRI8qaUh0gROitlbDoyUTDH28u7ua1tth5DmcjFQC
53nGe47t1xWiIKNI4/w3TVNouYv/ZS7k+HtqxiE1hpNKuRH++Be5tpYlR9IGbJNX
4OUcYgG5nTWJT4y0WhkaeyVx2eB9gUCWeg6eJoCyChbGTKf/uXeBpNnNwQ==
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:52 2024 by rpki-client on console-ams.rpki-client.org