Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235352e3132392e302f32342d3234203d3e20313336373837.roa
File: 3138352e3235352e3132392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: sfbitq1J2gbERwIUWTip/VviI17HNUQjvgqUeOhZYlE=
Subject key identifier: 8F:1D:F0:5B:E7:24:14:DA:30:A3:65:7F:05:A0:FC:A3:FB:88:F0:6A
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 7AB4C58FC6A63AACAA8374301EC52B21DAAF3171
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235352e3132392e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:17 +0000
ROA not before: Mon 01 Apr 2024 13:58:17 +0000
ROA not after: Mon 31 Mar 2025 14:03:17 +0000
asID: 136787
IP address blocks: 185.255.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:b4:c5:8f:c6:a6:3a:ac:aa:83:74:30:1e:c5:2b:21:da:af:31:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 1 13:58:17 2024 GMT
Not After : Mar 31 14:03:17 2025 GMT
Subject: CN=8F1DF05BE72414DA30A3657F05A0FCA3FB88F06A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:06:8a:48:f1:39:5f:65:0f:51:2e:40:37:4d:
ea:f8:17:11:1f:9b:14:70:2d:ce:11:9e:c8:73:bc:
a4:a1:d2:9c:7e:20:3c:a5:75:d3:be:e2:19:d0:8d:
01:2a:c9:64:fd:c1:4d:aa:b8:dc:17:91:0f:27:2d:
a3:07:61:a1:9b:8f:c7:de:99:7a:67:81:14:fb:32:
83:25:0d:47:49:50:ed:c7:b4:0e:16:e1:6b:40:6e:
e9:13:81:6d:be:55:4e:0f:a3:72:9c:8b:98:f4:d7:
f6:f9:dd:c4:a0:a7:da:bb:ee:d9:69:1b:15:72:c7:
45:ac:16:a4:1b:ea:69:22:d1:71:10:87:34:06:c0:
6e:06:c1:2d:31:13:a7:f7:44:c6:97:38:80:a2:cb:
87:79:56:f5:f6:2d:92:db:c5:36:61:da:c1:18:2b:
91:6f:29:61:30:ae:69:09:18:17:73:a7:ed:7f:1c:
bd:1f:14:da:7f:d1:32:d5:b4:58:3d:35:3a:09:ea:
7a:4e:0b:dd:45:90:ca:a6:9e:a7:d3:bd:32:ae:3a:
16:7e:bc:7a:57:bc:de:05:c9:00:3e:cc:ad:1f:94:
98:dd:f1:12:22:2f:58:a0:83:3b:dd:a9:08:59:13:
c7:81:d7:93:0a:b7:d7:b0:d0:35:46:97:58:80:e2:
a7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:1D:F0:5B:E7:24:14:DA:30:A3:65:7F:05:A0:FC:A3:FB:88:F0:6A
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235352e3132392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.129.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:c0:c5:32:42:12:2a:44:22:13:d5:77:d0:41:a9:cc:2b:3e:
05:1a:7f:48:6f:9d:99:b3:8a:c5:3e:fa:35:ea:64:d5:e7:52:
9c:10:5f:d2:f5:40:4c:79:47:a1:2d:f0:fc:e6:55:15:2f:f9:
cd:13:92:c2:1a:96:f3:15:00:e5:44:70:25:4a:d9:ad:cf:51:
57:22:11:fe:b6:a1:38:d7:a3:ed:e5:d4:85:fc:bb:6d:96:78:
62:4e:d7:d0:b9:81:c4:0a:ed:65:f4:3e:b2:29:71:2e:b6:ef:
87:a4:46:4e:11:10:3a:3b:9c:aa:e3:b9:e0:ed:94:11:b3:f7:
9a:8b:dc:02:37:47:c2:0b:25:c0:3e:ef:5e:81:d3:f0:3c:ff:
3b:87:a4:da:39:d5:d6:e3:95:26:f0:de:9d:e6:84:cd:81:b6:
10:1f:95:ea:52:a5:3c:04:c3:8c:8a:34:f9:2e:83:f1:3c:cd:
d2:b9:bc:bf:ed:54:d4:06:51:0d:22:86:ef:7f:b3:12:eb:ba:
99:42:1c:13:f3:6f:02:63:01:9e:eb:ce:f5:32:64:ed:b7:59:
ad:99:f1:ec:8d:cc:86:66:47:88:a0:4b:89:40:bd:f0:60:2c:
5d:85:f3:31:b5:67:49:d4:61:f8:d1:b4:d3:b8:2b:eb:47:4a:
40:a9:1b:11
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUerTFj8amOqyqg3QwHsUrIdqvMXEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDExMzU4MTdaFw0yNTAzMzExNDAzMTdaMDMxMTAvBgNV
BAMTKDhGMURGMDVCRTcyNDE0REEzMEEzNjU3RjA1QTBGQ0EzRkI4OEYwNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFBopI8TlfZQ9RLkA3Ter4FxEf
mxRwLc4RnshzvKSh0px+IDylddO+4hnQjQEqyWT9wU2quNwXkQ8nLaMHYaGbj8fe
mXpngRT7MoMlDUdJUO3HtA4W4WtAbukTgW2+VU4Po3Kci5j01/b53cSgp9q77tlp
GxVyx0WsFqQb6mki0XEQhzQGwG4GwS0xE6f3RMaXOICiy4d5VvX2LZLbxTZh2sEY
K5FvKWEwrmkJGBdzp+1/HL0fFNp/0TLVtFg9NToJ6npOC91FkMqmnqfTvTKuOhZ+
vHpXvN4FyQA+zK0flJjd8RIiL1iggzvdqQhZE8eB15MKt9ew0DVGl1iA4qfpAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUjx3wW+ckFNowo2V/BaD8o/uI8GowHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzODM1MmUzMjM1MzUyZTMx
MzIzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALn/gTANBgkqhkiG9w0BAQsFAAOCAQEAmsDFMkISKkQiE9V30EGpzCs+BRp/
SG+dmbOKxT76Nepk1edSnBBf0vVATHlHoS3w/OZVFS/5zROSwhqW8xUA5URwJUrZ
rc9RVyIR/rahONej7eXUhfy7bZZ4Yk7X0LmBxArtZfQ+silxLrbvh6RGThEQOjuc
quO54O2UEbP3movcAjdHwgslwD7vXoHT8Dz/O4ek2jnV1uOVJvDeneaEzYG2EB+V
6lKlPATDjIo0+S6D8TzN0rm8v+1U1AZRDSKG73+zEuu6mUIcE/NvAmMBnuvO9TJk
7bdZrZnx7I3MhmZHiKBLiUC98GAsXYXzMbVnSdRh+NG007gr60dKQKkbEQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org