Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3139382e32362e302f32342d3234203d3e203633343733.roa
File: 3138352e3139382e32362e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: Gq6lFeSTZ07KHjU13KGkWXra6GywxovUNxz8Wp8CA6g=
Subject key identifier: 69:99:5A:4F:2A:FD:74:A7:22:94:53:EC:FB:6F:77:79:39:9F:E5:EF
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 6A36CD902A40C87A40CF1AFFF5D0259B8F984244
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3139382e32362e302f32342d3234203d3e203633343733.roa
Signing time: Mon 30 Dec 2024 15:41:22 +0000
ROA not before: Mon 30 Dec 2024 15:36:22 +0000
ROA not after: Mon 29 Dec 2025 15:41:22 +0000
asID: 63473
IP address blocks: 185.198.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:53:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:36:cd:90:2a:40:c8:7a:40:cf:1a:ff:f5:d0:25:9b:8f:98:42:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 30 15:36:22 2024 GMT
Not After : Dec 29 15:41:22 2025 GMT
Subject: CN=69995A4F2AFD74A7229453ECFB6F7779399FE5EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:16:25:ec:e7:a8:8a:26:1a:34:c6:3f:18:b3:
e8:ae:af:0c:2b:4e:c1:80:5c:e3:2f:ba:5e:9a:92:
c8:ee:40:44:14:63:42:74:d0:e8:9c:cf:5d:bc:75:
9d:54:bd:3e:2a:a7:96:4f:74:09:7b:01:f9:37:38:
88:aa:75:a2:d7:ca:90:99:f2:a8:c1:94:d6:13:0b:
69:23:f7:15:79:b7:44:78:6c:25:7d:c4:45:78:9a:
b6:2c:78:de:4c:58:96:8f:72:61:60:ec:a4:5f:36:
06:08:de:91:03:b9:f9:0a:c7:a5:48:57:49:15:b7:
9b:94:98:d6:d6:33:af:8a:ca:5e:0b:cf:87:ee:c1:
6e:9b:a7:6f:ff:01:c6:a4:01:a2:64:90:7d:e7:71:
a2:93:a0:a3:69:cb:66:28:2a:35:48:fc:84:57:cd:
15:e6:96:b0:5e:46:90:95:c3:6c:49:01:83:14:56:
07:0f:8e:d6:05:5c:68:0e:95:9f:5a:ae:0d:9e:94:
43:76:c0:18:09:fa:14:06:6f:86:3c:b0:7b:7b:73:
04:09:b3:3d:91:6f:ec:68:b4:3d:7a:61:2e:63:1c:
40:d3:c9:73:2c:97:34:f0:10:92:3d:5b:15:2b:30:
d2:65:b8:5b:d8:3b:ab:b3:19:c2:e8:28:db:69:e8:
10:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:99:5A:4F:2A:FD:74:A7:22:94:53:EC:FB:6F:77:79:39:9F:E5:EF
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3139382e32362e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.26.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:b8:12:72:82:6d:11:85:9d:8f:12:e0:a1:18:d7:33:98:af:
2a:e1:18:38:3b:a4:9f:15:46:6b:ce:76:9c:e1:2c:82:72:87:
06:19:53:b5:9a:4f:8c:e5:d3:7d:18:a4:28:6f:eb:15:43:c4:
d8:cd:de:0e:a3:d5:84:4d:a8:0b:06:bf:c1:68:63:0a:cd:ca:
39:71:a6:37:44:21:37:69:99:84:0d:12:a4:66:80:e8:aa:53:
7f:56:ae:64:6c:c0:0b:c8:8b:d3:ef:aa:1c:80:ed:ae:41:3a:
d1:fd:de:ab:7d:77:e2:3e:2e:96:55:4c:a9:38:19:4f:98:84:
2f:09:39:59:5a:34:a3:98:2c:c7:97:d8:54:fa:ea:a7:2b:47:
7d:fb:83:2d:e9:0b:cf:2a:af:03:37:f4:9b:8b:14:60:84:92:
fc:70:cb:cc:c2:46:cf:62:4f:7b:a1:66:df:e8:f5:fa:6c:46:
7c:e4:1b:b8:65:5c:62:29:f7:2d:4a:e4:a2:36:a7:3a:1d:f4:
e7:a8:03:4a:c4:14:81:b0:31:93:2d:fa:59:aa:54:43:45:06:
3b:20:d7:04:db:2e:32:42:be:56:c5:0c:07:06:ef:0d:fb:0f:
69:3d:e7:97:58:13:b2:f8:7a:89:78:e3:ab:5e:63:27:82:08:
8a:5d:0f:a3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUajbNkCpAyHpAzxr/9dAlm4+YQkQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEyMzAxNTM2MjJaFw0yNTEyMjkxNTQxMjJaMDMxMTAvBgNV
BAMTKDY5OTk1QTRGMkFGRDc0QTcyMjk0NTNFQ0ZCNkY3Nzc5Mzk5RkU1RUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOFiXs56iKJho0xj8Ys+iurwwr
TsGAXOMvul6aksjuQEQUY0J00Oicz128dZ1UvT4qp5ZPdAl7Afk3OIiqdaLXypCZ
8qjBlNYTC2kj9xV5t0R4bCV9xEV4mrYseN5MWJaPcmFg7KRfNgYI3pEDufkKx6VI
V0kVt5uUmNbWM6+Kyl4Lz4fuwW6bp2//AcakAaJkkH3ncaKToKNpy2YoKjVI/IRX
zRXmlrBeRpCVw2xJAYMUVgcPjtYFXGgOlZ9arg2elEN2wBgJ+hQGb4Y8sHt7cwQJ
sz2Rb+xotD16YS5jHEDTyXMslzTwEJI9WxUrMNJluFvYO6uzGcLoKNtp6BClAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUaZlaTyr9dKcilFPs+293eTmf5e8wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMTM5MzgyZTMy
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ucYaMA0GCSqGSIb3DQEBCwUAA4IBAQAsuBJygm0RhZ2PEuChGNczmK8q4Rg4O6Sf
FUZrznac4SyCcocGGVO1mk+M5dN9GKQob+sVQ8TYzd4Oo9WETagLBr/BaGMKzco5
caY3RCE3aZmEDRKkZoDoqlN/Vq5kbMALyIvT76ocgO2uQTrR/d6rfXfiPi6WVUyp
OBlPmIQvCTlZWjSjmCzHl9hU+uqnK0d9+4Mt6QvPKq8DN/SbixRghJL8cMvMwkbP
Yk97oWbf6PX6bEZ85Bu4ZVxiKfctSuSiNqc6HfTnqANKxBSBsDGTLfpZqlRDRQY7
INcE2y4yQr5WxQwHBu8N+w9pPeeXWBOy+HqJeOOrXmMnggiKXQ+j
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:49:08 2025 by rpki-client