Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3137352e35392e302f32342d3234203d3e203633343733.roa
File: 3138352e3137352e35392e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: QOmgY1OaG5wG6oChgfE/GAMFcB1oWmQg6jQ2HPl4Huw=
Subject key identifier: D9:C0:E3:0F:7F:3C:C7:AC:BE:2F:65:6E:0F:D7:54:CF:E8:08:9E:51
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 2EF39AE9556D55B953DAA654AEBAD60506EF0FA6
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3137352e35392e302f32342d3234203d3e203633343733.roa
Signing time: Mon 30 Dec 2024 15:41:21 +0000
ROA not before: Mon 30 Dec 2024 15:36:21 +0000
ROA not after: Mon 29 Dec 2025 15:41:21 +0000
asID: 63473
IP address blocks: 185.175.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:f3:9a:e9:55:6d:55:b9:53:da:a6:54:ae:ba:d6:05:06:ef:0f:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 30 15:36:21 2024 GMT
Not After : Dec 29 15:41:21 2025 GMT
Subject: CN=D9C0E30F7F3CC7ACBE2F656E0FD754CFE8089E51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e8:b1:9f:7b:e2:05:cd:03:b7:61:53:3b:cb:
0c:98:fb:ee:9f:75:ab:f1:44:b8:0c:04:f2:d2:01:
e8:27:8e:87:dd:15:36:90:d8:63:a2:24:b1:09:e3:
c0:b2:18:a3:2b:f2:c6:a4:68:6c:db:f5:36:74:da:
c3:07:7f:60:e7:f7:74:d0:76:30:83:b8:ac:03:b5:
64:2b:95:19:cb:1b:80:95:5a:f5:ec:6a:8f:98:30:
de:b4:e3:29:ab:c3:5b:ea:c9:5b:51:06:0c:77:c0:
a6:c9:25:62:80:f3:ce:86:d7:ef:39:97:23:d5:38:
4d:7c:c2:e1:23:fe:d7:6c:95:9a:3c:a1:d3:d1:ba:
2a:ac:b2:70:6c:8c:0c:a6:50:04:6d:e5:61:5e:2f:
49:28:6b:60:53:45:5a:9a:1d:12:85:ec:41:47:4e:
f5:52:84:b4:54:37:1a:ce:7f:7c:7b:83:27:41:ef:
98:1b:38:11:c9:16:fc:e6:63:20:66:75:57:03:5e:
39:a9:24:d9:52:a5:76:af:2a:21:78:a4:e4:03:89:
59:df:ad:51:d9:69:f0:76:6a:91:da:fc:40:17:4f:
8b:28:ec:33:c1:de:2b:98:e1:b9:44:70:c0:01:5d:
2a:a6:c1:b1:bc:cb:28:72:8c:ce:d3:f2:82:70:77:
0b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C0:E3:0F:7F:3C:C7:AC:BE:2F:65:6E:0F:D7:54:CF:E8:08:9E:51
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3137352e35392e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.59.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:76:78:9c:1c:1f:c5:d8:8e:53:c2:ab:5e:d8:05:fb:39:2d:
09:c1:ca:b2:b0:42:e2:47:0b:7c:39:2b:38:d3:73:ba:65:b1:
8a:03:01:85:6c:4a:a6:31:62:90:98:52:64:a4:41:d2:52:1b:
4b:75:f6:99:0d:a0:71:27:16:89:68:a4:e0:f2:63:46:ab:05:
e8:24:c2:bc:c9:28:43:76:72:9e:35:53:f0:9e:91:f6:6f:9b:
92:1b:fe:1a:a4:d4:ed:d8:5b:fa:3f:7a:c5:10:54:fc:8d:6a:
fa:a0:47:50:95:b8:92:59:e7:b2:53:63:0b:41:0a:49:a4:3c:
6f:fd:98:65:03:04:5f:56:93:05:cc:b4:7e:4b:5d:80:af:cb:
91:e1:9b:10:80:02:47:f7:67:26:85:94:47:28:7f:a5:57:66:
c4:c7:96:b1:a3:9f:20:db:20:06:9f:96:36:47:0f:c3:9f:2d:
d7:b9:0d:f7:cd:7f:6e:b2:18:5e:0a:58:21:29:ce:db:54:1a:
ef:5f:b3:aa:a2:d5:a7:0f:6e:3a:4e:3f:40:26:34:d5:48:d8:
58:29:1b:72:a7:dc:20:8a:7e:28:22:3b:23:db:d3:46:2e:f9:
f5:dc:8d:86:4f:5f:3d:fe:e7:4e:84:63:4e:8b:c1:3c:82:7a:
28:83:f2:a6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULvOa6VVtVblT2qZUrrrWBQbvD6YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEyMzAxNTM2MjFaFw0yNTEyMjkxNTQxMjFaMDMxMTAvBgNV
BAMTKEQ5QzBFMzBGN0YzQ0M3QUNCRTJGNjU2RTBGRDc1NENGRTgwODlFNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF6LGfe+IFzQO3YVM7ywyY++6f
davxRLgMBPLSAegnjofdFTaQ2GOiJLEJ48CyGKMr8sakaGzb9TZ02sMHf2Dn93TQ
djCDuKwDtWQrlRnLG4CVWvXsao+YMN604ymrw1vqyVtRBgx3wKbJJWKA886G1+85
lyPVOE18wuEj/tdslZo8odPRuiqssnBsjAymUARt5WFeL0koa2BTRVqaHRKF7EFH
TvVShLRUNxrOf3x7gydB75gbOBHJFvzmYyBmdVcDXjmpJNlSpXavKiF4pOQDiVnf
rVHZafB2apHa/EAXT4so7DPB3iuY4blEcMABXSqmwbG8yyhyjM7T8oJwdwtPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU2cDjD388x6y+L2VuD9dUz+gInlEwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMTM3MzUyZTM1
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ua87MA0GCSqGSIb3DQEBCwUAA4IBAQCtdnicHB/F2I5Twqte2AX7OS0JwcqysELi
Rwt8OSs403O6ZbGKAwGFbEqmMWKQmFJkpEHSUhtLdfaZDaBxJxaJaKTg8mNGqwXo
JMK8yShDdnKeNVPwnpH2b5uSG/4apNTt2Fv6P3rFEFT8jWr6oEdQlbiSWeeyU2ML
QQpJpDxv/ZhlAwRfVpMFzLR+S12Ar8uR4ZsQgAJH92cmhZRHKH+lV2bEx5axo58g
2yAGn5Y2Rw/Dny3XuQ33zX9ushheClghKc7bVBrvX7OqotWnD246Tj9AJjTVSNhY
KRtyp9wgin4oIjsj29NGLvn13I2GT189/udOhGNOi8E8gnoog/Km
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:39:25 2025 by rpki-client