Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3139372e33302e302f32342d3234203d3e203633343733.roa
File: 3138352e3139372e33302e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: FxYJeJHR+DAr3sD6BKa5AKgkf58MJRW31c2bAjFeNS0=
Subject key identifier: 6F:AA:4C:6F:3E:7A:3F:AC:3C:1E:81:65:E6:16:79:FA:B6:8A:CA:2F
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 690D5D5EEDCB8A2C22DBDE73399F7DAAFF24EF6B
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3139372e33302e302f32342d3234203d3e203633343733.roa
Signing time: Mon 30 Dec 2024 15:41:21 +0000
ROA not before: Mon 30 Dec 2024 15:36:21 +0000
ROA not after: Mon 29 Dec 2025 15:41:21 +0000
asID: 63473
IP address blocks: 185.197.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 14:33:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:0d:5d:5e:ed:cb:8a:2c:22:db:de:73:39:9f:7d:aa:ff:24:ef:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 30 15:36:21 2024 GMT
Not After : Dec 29 15:41:21 2025 GMT
Subject: CN=6FAA4C6F3E7A3FAC3C1E8165E61679FAB68ACA2F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c6:20:ca:c5:60:98:56:2d:74:d2:59:31:51:
d9:64:ee:c7:b3:00:ad:71:73:aa:3c:79:7b:c4:9d:
d1:e7:63:97:55:1c:bb:a0:f8:33:f4:71:7e:6c:90:
74:f9:15:36:ff:07:98:98:c4:48:1d:da:7c:0e:5a:
52:7e:95:25:ca:95:c9:22:cd:4a:ce:cc:06:2b:31:
2c:11:4e:d2:39:a9:26:0d:dd:83:87:d4:10:af:ee:
44:8c:88:e0:b6:07:59:ab:b8:f0:3d:94:4a:4f:88:
28:9f:a4:7b:38:6c:c7:13:3c:49:12:21:25:e4:13:
92:9d:57:01:d0:b0:c5:6c:a7:6f:33:67:ce:3b:c5:
07:d9:d4:fa:60:2a:cd:53:59:3c:ec:9e:10:25:a9:
4a:f7:3d:35:cd:08:7b:e1:32:09:67:45:c4:37:9a:
3d:a5:52:00:4f:c3:dc:4d:c4:46:9d:c0:2e:64:37:
9a:d2:ac:d0:68:20:e6:87:19:dc:9f:12:44:cd:84:
5f:4c:13:fa:81:4d:c5:46:13:9e:9a:39:dc:58:2c:
8f:a8:27:78:d7:df:d4:7a:60:50:4d:d4:bb:35:4f:
d9:b7:c0:40:0d:70:9a:24:b3:9f:db:46:8c:c5:73:
9d:5d:94:01:d5:89:3a:a7:c8:8f:ac:01:df:9a:9b:
1c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:AA:4C:6F:3E:7A:3F:AC:3C:1E:81:65:E6:16:79:FA:B6:8A:CA:2F
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3139372e33302e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.30.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:5b:a5:d1:35:43:bb:3d:9e:90:0f:d8:c0:43:64:db:73:1a:
a2:65:33:e0:2e:b1:db:6e:4d:a8:ff:0f:03:59:45:81:22:74:
6f:bb:e1:79:e1:30:55:6c:42:6f:78:0b:2f:be:00:83:9f:6f:
4e:a0:c5:b6:b1:6f:7d:aa:ea:7b:05:5d:90:de:4f:e6:11:f8:
70:11:47:0e:eb:c7:63:20:a6:10:5d:08:8d:67:f1:75:ca:c3:
31:15:3d:92:4f:8b:a8:c2:a1:f2:f6:20:dd:0e:1f:8a:a1:27:
07:75:71:6c:74:bf:5d:0f:80:dc:91:24:8d:81:58:e7:22:3a:
f8:0f:83:04:1f:47:61:5a:98:1a:10:0c:90:d8:61:34:3c:88:
9f:81:f0:86:b2:3e:96:60:1c:c4:f6:88:09:5a:db:76:88:6a:
9c:2e:79:dc:a0:01:ed:9c:b1:3c:20:2f:b7:94:f2:24:f5:01:
cf:73:c5:21:58:1d:69:cf:08:be:7c:26:07:ce:c1:aa:85:5b:
94:05:10:5c:0d:67:43:fa:b3:a8:d0:dd:c2:ed:17:24:5d:78:
9e:78:1c:f8:b5:31:6c:81:5f:04:f2:67:cf:c0:95:ec:c5:23:
e6:66:05:d6:9f:61:db:c4:40:9e:e9:7c:80:0b:8b:c1:af:64:
f1:77:e2:f7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUaQ1dXu3Liiwi295zOZ99qv8k72swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEyMzAxNTM2MjFaFw0yNTEyMjkxNTQxMjFaMDMxMTAvBgNV
BAMTKDZGQUE0QzZGM0U3QTNGQUMzQzFFODE2NUU2MTY3OUZBQjY4QUNBMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwxiDKxWCYVi100lkxUdlk7sez
AK1xc6o8eXvEndHnY5dVHLug+DP0cX5skHT5FTb/B5iYxEgd2nwOWlJ+lSXKlcki
zUrOzAYrMSwRTtI5qSYN3YOH1BCv7kSMiOC2B1mruPA9lEpPiCifpHs4bMcTPEkS
ISXkE5KdVwHQsMVsp28zZ847xQfZ1PpgKs1TWTzsnhAlqUr3PTXNCHvhMglnRcQ3
mj2lUgBPw9xNxEadwC5kN5rSrNBoIOaHGdyfEkTNhF9ME/qBTcVGE56aOdxYLI+o
J3jX39R6YFBN1Ls1T9m3wEANcJoks5/bRozFc51dlAHViTqnyI+sAd+amxy3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUb6pMbz56P6w8HoFl5hZ5+raKyi8wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMTM5MzcyZTMz
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ucUeMA0GCSqGSIb3DQEBCwUAA4IBAQAMW6XRNUO7PZ6QD9jAQ2TbcxqiZTPgLrHb
bk2o/w8DWUWBInRvu+F54TBVbEJveAsvvgCDn29OoMW2sW99qup7BV2Q3k/mEfhw
EUcO68djIKYQXQiNZ/F1ysMxFT2ST4uowqHy9iDdDh+KoScHdXFsdL9dD4DckSSN
gVjnIjr4D4MEH0dhWpgaEAyQ2GE0PIifgfCGsj6WYBzE9ogJWtt2iGqcLnncoAHt
nLE8IC+3lPIk9QHPc8UhWB1pzwi+fCYHzsGqhVuUBRBcDWdD+rOo0N3C7RckXXie
eBz4tTFsgV8E8mfPwJXsxSPmZgXWn2HbxECe6XyAC4vBr2Txd+L3
-----END CERTIFICATE-----
Generated at Wed Apr 9 06:29:42 2025 by rpki-client