Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3231362e3233312e302f32342d3234203d3e20313437303439.roa
File: 3138352e3231362e3233312e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: ljn6N3aksjyCwpVx8wDsVk8B8Z8vB3VwChVeBbsIkIM=
Subject key identifier: 48:10:D6:18:7B:35:7A:77:B1:AE:43:CA:1D:C1:AF:32:D4:B4:77:D7
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 756272662E0A40AD9E19C76DCDCBBFD152281F46
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3231362e3233312e302f32342d3234203d3e20313437303439.roa
Signing time: Mon 30 Dec 2024 15:41:16 +0000
ROA not before: Mon 30 Dec 2024 15:36:16 +0000
ROA not after: Mon 29 Dec 2025 15:41:16 +0000
asID: 147049
IP address blocks: 185.216.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:62:72:66:2e:0a:40:ad:9e:19:c7:6d:cd:cb:bf:d1:52:28:1f:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 30 15:36:16 2024 GMT
Not After : Dec 29 15:41:16 2025 GMT
Subject: CN=4810D6187B357A77B1AE43CA1DC1AF32D4B477D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a0:3d:66:85:d1:20:e3:92:86:5b:21:f7:d5:
40:43:d6:d8:c1:39:2e:d9:61:60:1d:33:7d:47:c6:
ad:c7:eb:d6:a8:65:cc:35:85:a2:f4:96:0f:88:59:
38:e8:61:7d:98:88:17:05:a1:3b:f1:ba:17:28:b1:
b3:5f:fd:04:91:b7:55:28:fc:77:24:55:a7:3e:44:
67:89:1b:99:9f:99:90:6b:af:f1:4a:9d:54:53:55:
9f:35:a7:a9:52:57:9a:6e:1b:e9:54:18:ea:2d:64:
4f:db:e7:65:c2:af:7d:1b:a2:eb:fe:3b:fd:86:6e:
ce:3b:a9:64:96:a2:74:67:22:b7:5e:8f:d3:33:bf:
7c:ce:fb:6d:dc:1c:d2:9d:4f:44:ab:8d:7c:02:c4:
77:69:1c:bf:22:97:02:71:bc:26:9a:28:a7:b3:46:
f2:35:63:28:7b:4b:af:8e:ac:4f:9f:dc:3f:95:3e:
8f:00:16:2f:6f:07:78:1c:e2:4c:6e:cb:cf:48:6c:
21:4e:9d:58:33:eb:28:8e:7d:1a:ad:06:ce:57:cc:
ee:ed:4a:94:59:b7:8d:31:5e:96:e2:ee:6a:da:29:
b7:eb:98:b5:b3:44:7f:06:cd:fd:57:e7:20:f2:16:
ae:54:3d:48:d2:61:7a:00:f8:93:ee:5e:9c:e2:57:
63:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:10:D6:18:7B:35:7A:77:B1:AE:43:CA:1D:C1:AF:32:D4:B4:77:D7
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3231362e3233312e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.231.0/24
Signature Algorithm: sha256WithRSAEncryption
15:54:81:25:45:44:5d:3f:bc:ed:19:0c:90:e1:2d:d3:87:c4:
fb:f6:df:e2:84:92:b6:cd:aa:74:72:23:a1:98:f9:40:8a:f2:
8f:c0:db:d5:d1:59:32:97:03:3a:36:23:87:78:34:32:24:42:
6d:82:fb:97:99:64:44:fc:f1:fa:01:c9:a3:db:5e:82:c8:fb:
3c:6e:38:5d:c1:1b:b5:4d:14:d7:29:fd:7c:79:52:fc:4e:34:
59:e1:b2:f2:67:aa:6c:12:c3:d7:6f:0a:a3:e3:6f:c0:e9:df:
ea:3e:53:65:ac:2a:ea:4d:db:9c:cf:14:4b:0e:8b:13:c7:43:
87:c6:76:04:ba:80:48:36:ef:9e:50:b8:62:c6:d9:77:fd:74:
74:ad:75:8d:2a:0e:4d:f9:c2:6e:26:5d:91:c8:b0:ac:d3:2b:
9f:50:f0:e3:ca:a8:89:0c:29:6e:d0:c2:0f:60:ad:9b:45:93:
0e:ab:68:74:8d:28:45:45:96:36:67:2c:16:35:bd:fa:07:59:
a1:06:8c:86:ee:5a:2a:49:63:c2:4d:8d:42:45:59:a6:a9:5a:
9c:69:0d:c6:50:a2:f4:02:e3:76:05:88:91:ed:31:04:db:a6:
fa:c3:fe:6d:3e:67:fc:65:6f:3b:90:54:83:80:65:34:28:0a:
25:1b:3b:e8
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUdWJyZi4KQK2eGcdtzcu/0VIoH0YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEyMzAxNTM2MTZaFw0yNTEyMjkxNTQxMTZaMDMxMTAvBgNV
BAMTKDQ4MTBENjE4N0IzNTdBNzdCMUFFNDNDQTFEQzFBRjMyRDRCNDc3RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGoD1mhdEg45KGWyH31UBD1tjB
OS7ZYWAdM31Hxq3H69aoZcw1haL0lg+IWTjoYX2YiBcFoTvxuhcosbNf/QSRt1Uo
/HckVac+RGeJG5mfmZBrr/FKnVRTVZ81p6lSV5puG+lUGOotZE/b52XCr30bouv+
O/2Gbs47qWSWonRnIrdej9Mzv3zO+23cHNKdT0SrjXwCxHdpHL8ilwJxvCaaKKez
RvI1Yyh7S6+OrE+f3D+VPo8AFi9vB3gc4kxuy89IbCFOnVgz6yiOfRqtBs5XzO7t
SpRZt40xXpbi7mraKbfrmLWzRH8Gzf1X5yDyFq5UPUjSYXoA+JPuXpziV2OVAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUSBDWGHs1enexrkPKHcGvMtS0d9cwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMjMxMzYyZTMy
MzMzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnY5zANBgkqhkiG9w0BAQsFAAOCAQEAFVSBJUVEXT+87RkMkOEt04fE+/bf
4oSSts2qdHIjoZj5QIryj8Db1dFZMpcDOjYjh3g0MiRCbYL7l5lkRPzx+gHJo9te
gsj7PG44XcEbtU0U1yn9fHlS/E40WeGy8meqbBLD128Ko+NvwOnf6j5TZawq6k3b
nM8USw6LE8dDh8Z2BLqASDbvnlC4YsbZd/10dK11jSoOTfnCbiZdkciwrNMrn1Dw
48qoiQwpbtDCD2Ctm0WTDqtodI0oRUWWNmcsFjW9+gdZoQaMhu5aKkljwk2NQkVZ
pqlanGkNxlCi9ALjdgWIke0xBNum+sP+bT5n/GVvO5BUg4BlNCgKJRs76A==
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:49:52 2025 by rpki-client