Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3138352e3132342e302f32342d3234203d3e20323034313730.roa
File: 3138352e3138352e3132342e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: c38g53ooYEjEpklV3dU9ZX9QIMQpq9sRKDNtNQdwYMg=
Subject key identifier: 0D:93:81:86:F4:CB:43:47:65:37:D7:2C:D3:E7:72:1E:94:9B:78:4D
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 1B6439C15892A3134330EA4F9401626075978168
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3138352e3132342e302f32342d3234203d3e20323034313730.roa
Signing time: Mon 30 Dec 2024 15:41:23 +0000
ROA not before: Mon 30 Dec 2024 15:36:23 +0000
ROA not after: Mon 29 Dec 2025 15:41:23 +0000
asID: 204170
IP address blocks: 185.185.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:64:39:c1:58:92:a3:13:43:30:ea:4f:94:01:62:60:75:97:81:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 30 15:36:23 2024 GMT
Not After : Dec 29 15:41:23 2025 GMT
Subject: CN=0D938186F4CB43476537D72CD3E7721E949B784D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d7:c1:2e:c1:fe:d0:ed:08:df:48:fe:94:2e:
14:bd:f7:42:60:76:40:ac:0f:3e:ad:20:e5:79:a1:
01:c4:4e:e8:5d:e5:ef:0f:6b:89:d0:c5:11:75:9c:
c4:81:13:d1:9a:39:81:b0:f0:62:de:fd:ee:cd:47:
53:31:e6:17:50:a7:b7:b9:02:a2:77:94:95:8f:26:
09:68:f9:4a:84:e2:e7:e7:fc:94:53:99:53:c4:01:
d2:96:42:89:e8:a0:4a:02:c3:29:01:9a:40:28:67:
e6:58:c3:52:3f:63:cb:99:7f:b4:17:4e:89:fe:46:
89:e6:97:0c:8e:d9:58:0c:cc:c9:89:9e:4c:ad:31:
37:a5:87:ae:81:22:6e:43:ed:cb:60:de:87:f7:21:
9a:b9:1c:00:53:33:db:83:1b:15:86:54:7a:1a:b4:
cf:34:f9:a3:90:39:b8:04:14:ad:6a:0f:f5:29:e2:
27:38:35:0d:ac:8b:c7:52:bf:a3:f4:cc:1f:9a:48:
3e:88:0e:69:67:24:ce:42:52:c3:2d:9a:8f:1f:0e:
2f:fa:90:87:fd:7c:58:7d:99:1d:0c:8b:d4:96:2b:
18:94:39:c2:b8:fb:c9:37:e3:20:6c:aa:7f:0c:d4:
dc:bb:72:a5:1e:8c:18:df:e8:e3:15:c6:40:d9:f9:
9a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:93:81:86:F4:CB:43:47:65:37:D7:2C:D3:E7:72:1E:94:9B:78:4D
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3138352e3132342e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.124.0/24
Signature Algorithm: sha256WithRSAEncryption
79:c5:a7:92:93:0a:5e:2f:6a:87:ec:27:35:01:67:77:59:8a:
e0:69:fa:58:3d:6c:d7:bd:00:d4:f1:c1:fa:c1:49:e4:c0:8b:
28:47:e2:dd:37:3a:3a:1b:7f:a5:d6:e9:bd:05:06:49:7d:b6:
8d:85:0a:e5:bc:b1:d1:cd:6a:84:d5:ab:d3:c0:09:5a:1d:45:
93:bb:31:93:04:2f:9d:fc:46:42:63:ac:01:cf:90:39:73:64:
77:f6:7e:47:43:ca:69:38:41:7c:14:df:a5:c9:a0:2e:8a:a6:
c4:4e:70:9d:4d:f0:a3:4b:ed:80:75:4a:48:ea:14:78:90:8d:
90:fb:40:6d:49:45:c9:5b:99:23:22:4a:b3:33:e0:be:8e:75:
84:b6:81:60:b1:b0:a1:20:78:1a:ab:74:78:09:14:ce:47:eb:
50:b5:ad:c9:16:9b:86:51:f3:ad:6d:46:e6:85:be:d0:55:30:
e9:1d:17:63:ec:40:be:a5:d8:11:5d:89:7c:31:a9:a4:00:cc:
ba:f2:21:8c:28:1a:1d:4e:a8:95:ad:da:65:eb:b4:b2:b7:74:
60:c6:5b:6d:0a:c2:07:cd:d9:7d:7e:69:0f:93:63:6a:07:a1:
54:ff:d7:b6:2d:2c:db:42:81:31:09:71:ba:d3:9b:7a:91:18:
db:bb:84:5b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUG2Q5wViSoxNDMOpPlAFiYHWXgWgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEyMzAxNTM2MjNaFw0yNTEyMjkxNTQxMjNaMDMxMTAvBgNV
BAMTKDBEOTM4MTg2RjRDQjQzNDc2NTM3RDcyQ0QzRTc3MjFFOTQ5Qjc4NEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW18Euwf7Q7QjfSP6ULhS990Jg
dkCsDz6tIOV5oQHETuhd5e8Pa4nQxRF1nMSBE9GaOYGw8GLe/e7NR1Mx5hdQp7e5
AqJ3lJWPJglo+UqE4ufn/JRTmVPEAdKWQonooEoCwykBmkAoZ+ZYw1I/Y8uZf7QX
Ton+RonmlwyO2VgMzMmJnkytMTelh66BIm5D7ctg3of3IZq5HABTM9uDGxWGVHoa
tM80+aOQObgEFK1qD/Up4ic4NQ2si8dSv6P0zB+aSD6IDmlnJM5CUsMtmo8fDi/6
kIf9fFh9mR0Mi9SWKxiUOcK4+8k34yBsqn8M1Ny7cqUejBjf6OMVxkDZ+ZrBAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUDZOBhvTLQ0dlN9cs0+dyHpSbeE0wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMTM4MzUyZTMx
MzIzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALm5fDANBgkqhkiG9w0BAQsFAAOCAQEAecWnkpMKXi9qh+wnNQFnd1mK4Gn6
WD1s170A1PHB+sFJ5MCLKEfi3Tc6Oht/pdbpvQUGSX22jYUK5byx0c1qhNWr08AJ
Wh1Fk7sxkwQvnfxGQmOsAc+QOXNkd/Z+R0PKaThBfBTfpcmgLoqmxE5wnU3wo0vt
gHVKSOoUeJCNkPtAbUlFyVuZIyJKszPgvo51hLaBYLGwoSB4Gqt0eAkUzkfrULWt
yRabhlHzrW1G5oW+0FUw6R0XY+xAvqXYEV2JfDGppADMuvIhjCgaHU6ola3aZeu0
srd0YMZbbQrCB83ZfX5pD5NjagehVP/Xti0s20KBMQlxutObepEY27uEWw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:55:46 2025 by rpki-client