Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3231332e32342e302f32342d3234203d3e203633343733.roa
File: 3138352e3231332e32342e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: HR1kBfVS9c6rGpuxlYXrhIi2tglx3Pb5uSHZ/+u5rNg=
Subject key identifier: 8C:E5:6E:03:55:03:28:31:36:26:EE:53:8D:B7:20:93:58:55:B9:1B
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 4B67216FFED836737D3103770B0AEDAF9C83D9D1
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3231332e32342e302f32342d3234203d3e203633343733.roa
Signing time: Mon 30 Dec 2024 15:41:20 +0000
ROA not before: Mon 30 Dec 2024 15:36:20 +0000
ROA not after: Mon 29 Dec 2025 15:41:20 +0000
asID: 63473
IP address blocks: 185.213.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:67:21:6f:fe:d8:36:73:7d:31:03:77:0b:0a:ed:af:9c:83:d9:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 30 15:36:20 2024 GMT
Not After : Dec 29 15:41:20 2025 GMT
Subject: CN=8CE56E03550328313626EE538DB720935855B91B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8f:83:84:6c:a1:37:a9:44:ec:5c:94:0e:46:
44:4c:f0:40:0f:4c:ac:b8:b4:ca:e3:8f:23:f4:99:
9e:e5:a1:72:dc:0a:27:26:6b:e5:d9:10:56:dc:ac:
93:e9:2f:ed:d5:7c:6d:e3:0a:98:19:70:2c:31:4a:
59:f7:df:76:ea:09:a9:a2:c6:02:b0:2c:e8:3c:7f:
73:76:f9:d2:f1:a0:f0:a3:71:44:e7:94:12:98:68:
db:4a:93:91:c6:89:d9:68:3c:98:2f:94:26:bb:0b:
59:1f:09:6a:a3:41:05:13:18:1b:bf:e5:d1:d3:51:
f1:e9:11:1f:0a:90:01:66:fa:9b:e2:cc:e3:59:c1:
b9:cc:26:55:87:07:50:b9:98:d5:73:37:74:68:6a:
ee:98:11:dc:33:b4:51:d9:e9:84:5a:af:bd:79:1e:
0a:ed:f4:c5:16:c8:d5:63:b7:c0:22:6f:07:26:ed:
3b:18:63:45:93:0a:8e:05:c5:93:54:d2:4a:d6:53:
95:f9:da:8a:0a:48:c0:e5:a6:33:c3:2f:60:e2:42:
6f:c1:e2:7f:48:af:38:4f:3a:a5:c9:06:35:86:d1:
2f:78:85:c3:88:6c:8a:41:25:1d:3c:3a:ff:36:f3:
3e:a3:89:97:cf:a1:9d:c1:20:f8:82:7e:74:68:3a:
9c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:E5:6E:03:55:03:28:31:36:26:EE:53:8D:B7:20:93:58:55:B9:1B
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3231332e32342e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.24.0/24
Signature Algorithm: sha256WithRSAEncryption
87:38:77:d1:1f:f4:02:2d:49:a4:ec:a2:30:b6:33:8c:08:a2:
c2:a0:b3:ca:f7:2c:b7:1e:2f:88:71:9c:b6:37:34:21:3c:ba:
7d:9e:fc:ca:d3:ee:2a:08:91:96:b1:a9:fe:0d:c9:20:74:b4:
76:09:76:52:52:96:f1:21:aa:c8:9c:aa:ff:7c:38:f1:7c:90:
69:0c:b8:e4:2a:5b:5c:22:3a:26:63:e2:24:d8:9b:54:f5:30:
29:3f:97:e1:f8:60:2c:db:d4:ae:2f:f3:f2:72:ae:c4:10:a5:
56:46:05:0c:a8:e7:06:84:66:ae:4a:8d:a1:d9:09:3f:75:25:
38:9c:e4:ce:23:d9:89:bd:dd:51:18:ed:3c:68:e1:17:6b:d5:
17:d5:ef:d4:94:a3:35:17:d7:fe:62:ef:fa:3b:10:77:64:d1:
80:31:a0:98:0f:da:d8:89:0b:59:05:14:b9:54:6a:f8:27:38:
e9:f3:ac:72:ff:90:cf:52:ea:f8:55:77:e6:9e:34:ea:b0:0c:
f4:14:1c:74:db:30:8e:3c:b5:75:05:a5:c3:7a:d6:0a:ba:ca:
1d:8b:98:a7:e3:4b:7c:e2:d9:0b:67:4c:4d:19:e4:f8:6c:d7:
19:65:03:23:9d:59:1f:83:aa:c9:75:e0:b0:5a:14:cb:fa:42:
31:57:85:fe
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUS2chb/7YNnN9MQN3Cwrtr5yD2dEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEyMzAxNTM2MjBaFw0yNTEyMjkxNTQxMjBaMDMxMTAvBgNV
BAMTKDhDRTU2RTAzNTUwMzI4MzEzNjI2RUU1MzhEQjcyMDkzNTg1NUI5MUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcj4OEbKE3qUTsXJQORkRM8EAP
TKy4tMrjjyP0mZ7loXLcCicma+XZEFbcrJPpL+3VfG3jCpgZcCwxSln333bqCami
xgKwLOg8f3N2+dLxoPCjcUTnlBKYaNtKk5HGidloPJgvlCa7C1kfCWqjQQUTGBu/
5dHTUfHpER8KkAFm+pvizONZwbnMJlWHB1C5mNVzN3Roau6YEdwztFHZ6YRar715
Hgrt9MUWyNVjt8Aibwcm7TsYY0WTCo4FxZNU0krWU5X52ooKSMDlpjPDL2DiQm/B
4n9IrzhPOqXJBjWG0S94hcOIbIpBJR08Ov828z6jiZfPoZ3BIPiCfnRoOpxjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUjOVuA1UDKDE2Ju5Tjbcgk1hVuRswHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMjMxMzMyZTMy
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
udUYMA0GCSqGSIb3DQEBCwUAA4IBAQCHOHfRH/QCLUmk7KIwtjOMCKLCoLPK9yy3
Hi+IcZy2NzQhPLp9nvzK0+4qCJGWsan+DckgdLR2CXZSUpbxIarInKr/fDjxfJBp
DLjkKltcIjomY+Ik2JtU9TApP5fh+GAs29SuL/Pycq7EEKVWRgUMqOcGhGauSo2h
2Qk/dSU4nOTOI9mJvd1RGO08aOEXa9UX1e/UlKM1F9f+Yu/6OxB3ZNGAMaCYD9rY
iQtZBRS5VGr4Jzjp86xy/5DPUur4VXfmnjTqsAz0FBx02zCOPLV1BaXDetYKusod
i5in40t84tkLZ0xNGeT4bNcZZQMjnVkfg6rJdeCwWhTL+kIxV4X+
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:42:48 2025 by rpki-client