Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3138332e3138332e302f32342d3234203d3e20323034313730.roa
File: 3138352e3138332e3138332e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: ZCEJrLwhoC7HJ+5NvQEAaOBzEiAA7k7nRIjyNiU/68U=
Subject key identifier: 73:3E:77:84:48:3B:9E:46:C2:69:55:E9:A8:FE:84:2F:1F:DC:57:85
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 24148D1214D223959B29F9B55BA4294A34642AA5
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3138332e3138332e302f32342d3234203d3e20323034313730.roa
Signing time: Mon 30 Dec 2024 15:41:17 +0000
ROA not before: Mon 30 Dec 2024 15:36:17 +0000
ROA not after: Mon 29 Dec 2025 15:41:17 +0000
asID: 204170
IP address blocks: 185.183.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:14:8d:12:14:d2:23:95:9b:29:f9:b5:5b:a4:29:4a:34:64:2a:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 30 15:36:17 2024 GMT
Not After : Dec 29 15:41:17 2025 GMT
Subject: CN=733E7784483B9E46C26955E9A8FE842F1FDC5785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:7f:48:e9:63:5c:ce:4c:3e:bd:e3:71:7a:1e:
e7:6d:0c:81:a5:ee:dc:f4:3e:b6:da:e2:87:25:66:
06:0d:1b:33:41:89:01:09:d3:3e:45:7e:a3:4a:8e:
cd:ab:aa:07:ff:5f:00:9e:91:7f:5c:ee:27:9a:df:
47:c0:a5:bd:7e:c5:35:ab:39:9e:26:da:fc:1e:e6:
f8:56:d4:94:63:34:10:f3:57:85:6c:9e:a8:64:d7:
d4:24:7c:82:76:07:c1:0f:5d:4c:6c:ed:f5:2f:53:
af:04:39:c5:af:b6:a0:42:95:04:0c:a9:22:06:1a:
0d:39:bd:ce:e5:bd:a3:7a:a2:10:db:58:47:ae:4a:
f5:ff:24:c3:ee:71:51:b9:cd:7c:33:fc:dc:83:84:
b0:50:ef:86:76:d0:c7:59:d0:a5:72:9f:e3:16:9e:
55:d0:25:72:25:26:83:43:83:25:07:38:e1:2b:9d:
70:b1:14:11:18:c5:b6:c1:c5:22:8b:f2:ef:c1:c7:
ed:44:0b:39:1b:79:d0:80:7f:83:6e:d9:19:7c:5e:
72:2d:d4:92:30:df:e9:da:9f:7c:13:42:44:9f:df:
66:d1:36:8e:a8:3d:6c:a7:7e:af:ed:9c:3c:c8:62:
dd:79:38:3b:b3:20:3d:c8:a0:eb:c4:5f:a0:12:e7:
0c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:3E:77:84:48:3B:9E:46:C2:69:55:E9:A8:FE:84:2F:1F:DC:57:85
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3138332e3138332e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.183.183.0/24
Signature Algorithm: sha256WithRSAEncryption
82:ce:4e:19:32:b5:7e:59:05:a5:d0:d2:bf:7b:82:90:1d:32:
41:3c:5b:74:8f:a6:1e:f4:1e:34:df:70:47:29:e6:b3:6d:b0:
37:4a:82:b0:4f:24:9e:5c:55:ae:da:94:68:19:c9:72:84:2c:
29:8f:29:bc:40:06:f2:1f:21:79:6f:35:12:33:e2:21:c9:85:
82:fa:ca:ca:23:e7:ae:d3:49:8a:cc:d0:ab:4e:44:a0:6d:83:
c0:d4:69:17:f0:7b:2f:70:79:b7:4b:f2:19:18:a0:72:1c:4a:
df:36:85:05:7a:7e:28:ee:25:1c:10:71:ca:55:8a:f8:9f:fb:
6d:6b:6f:9e:c1:c4:79:13:9c:97:1e:6a:62:eb:b6:34:eb:2c:
a2:b0:0a:a4:fb:a4:a9:0c:8b:8c:b6:cd:e1:0e:98:2d:13:04:
e7:29:91:68:d5:6b:29:dc:49:56:77:3b:83:7e:3e:c9:38:23:
87:80:9d:2e:c9:76:21:64:7b:6b:ca:9f:e5:f6:c2:4b:1f:4c:
c1:66:63:2c:8d:38:51:72:16:a3:20:7a:32:b2:3f:a7:f5:02:
9d:39:3a:5a:4e:f4:55:55:25:d3:02:0e:9a:33:c7:70:23:75:
da:e4:8c:4a:c2:3d:10:39:40:fb:03:34:77:80:8f:fd:03:86:
22:21:a6:cc
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUJBSNEhTSI5WbKfm1W6QpSjRkKqUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEyMzAxNTM2MTdaFw0yNTEyMjkxNTQxMTdaMDMxMTAvBgNV
BAMTKDczM0U3Nzg0NDgzQjlFNDZDMjY5NTVFOUE4RkU4NDJGMUZEQzU3ODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkf0jpY1zOTD6943F6HudtDIGl
7tz0Prba4oclZgYNGzNBiQEJ0z5FfqNKjs2rqgf/XwCekX9c7iea30fApb1+xTWr
OZ4m2vwe5vhW1JRjNBDzV4Vsnqhk19QkfIJ2B8EPXUxs7fUvU68EOcWvtqBClQQM
qSIGGg05vc7lvaN6ohDbWEeuSvX/JMPucVG5zXwz/NyDhLBQ74Z20MdZ0KVyn+MW
nlXQJXIlJoNDgyUHOOErnXCxFBEYxbbBxSKL8u/Bx+1ECzkbedCAf4Nu2Rl8XnIt
1JIw3+nan3wTQkSf32bRNo6oPWynfq/tnDzIYt15ODuzID3IoOvEX6AS5wxdAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUcz53hEg7nkbCaVXpqP6ELx/cV4UwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMTM4MzMyZTMx
MzgzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALm3tzANBgkqhkiG9w0BAQsFAAOCAQEAgs5OGTK1flkFpdDSv3uCkB0yQTxb
dI+mHvQeNN9wRynms22wN0qCsE8knlxVrtqUaBnJcoQsKY8pvEAG8h8heW81EjPi
IcmFgvrKyiPnrtNJiszQq05EoG2DwNRpF/B7L3B5t0vyGRigchxK3zaFBXp+KO4l
HBBxylWK+J/7bWtvnsHEeROclx5qYuu2NOssorAKpPukqQyLjLbN4Q6YLRME5ymR
aNVrKdxJVnc7g34+yTgjh4CdLsl2IWR7a8qf5fbCSx9MwWZjLI04UXIWoyB6MrI/
p/UCnTk6Wk70VVUl0wIOmjPHcCN12uSMSsI9EDlA+wM0d4CP/QOGIiGmzA==
-----END CERTIFICATE-----
Generated at Wed Apr 9 11:15:47 2025 by rpki-client