Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3232302e32332e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232302e32332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: clLCLX3NiRWvbcYrH1oNR4ehq4iAnXzw6cDCXfAmJEk=
Subject key identifier: 56:9D:F8:56:ED:66:F4:43:82:DD:37:B2:EC:D6:20:05:68:0B:7B:A7
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 0251F3B75E244601EAB50EDF19007AEAEE719CF0
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3232302e32332e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 30 Dec 2024 15:41:18 +0000
ROA not before: Mon 30 Dec 2024 15:36:18 +0000
ROA not after: Mon 29 Dec 2025 15:41:18 +0000
asID: 136787
IP address blocks: 185.220.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:51:f3:b7:5e:24:46:01:ea:b5:0e:df:19:00:7a:ea:ee:71:9c:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 30 15:36:18 2024 GMT
Not After : Dec 29 15:41:18 2025 GMT
Subject: CN=569DF856ED66F44382DD37B2ECD62005680B7BA7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6e:34:42:91:ca:2a:68:1a:67:3a:17:da:c7:
15:7f:0d:6c:b1:f6:b5:9a:95:02:c7:02:c9:37:6d:
e0:07:e9:2c:85:7d:ec:7c:97:a4:50:ae:ae:78:47:
36:a5:17:5d:32:38:d9:e5:5e:a3:37:04:c4:09:4b:
a7:25:7f:10:65:b7:8d:9c:b8:93:69:20:91:65:a5:
a8:9e:8c:ae:fa:25:12:5b:27:69:37:46:b8:81:64:
68:17:ae:54:ca:c2:9d:ef:6d:ec:58:bf:c3:74:53:
a1:1b:db:fc:c0:02:5a:50:63:58:af:9f:1c:f0:bd:
e9:5d:1d:69:cd:ef:2e:74:fc:68:51:ad:6e:a9:1f:
55:a4:c3:5d:3d:00:99:7c:9b:7b:52:61:ee:bf:8f:
d6:8a:c1:6e:4a:2f:3c:5b:a5:d1:83:24:89:23:be:
d5:61:7f:fe:52:f2:25:68:1b:01:ee:27:d0:dc:a0:
e6:93:20:d9:48:56:10:0f:4d:51:7d:6f:f9:aa:95:
d4:d9:9c:27:fa:f1:cd:a1:80:75:d2:43:f1:f8:f5:
59:d4:ed:e6:9b:86:2a:8b:ca:bd:d3:5f:9d:c4:b5:
1d:0f:e3:f3:a9:96:46:1e:79:cf:3d:d0:f5:df:01:
68:eb:5f:b0:a3:20:da:6e:7b:62:d3:3b:ff:cf:cc:
5d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:9D:F8:56:ED:66:F4:43:82:DD:37:B2:EC:D6:20:05:68:0B:7B:A7
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3232302e32332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.23.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:0d:70:72:fb:58:13:c4:46:ff:ee:b2:7e:b1:ae:8b:bc:06:
ec:ce:b6:cf:0d:e9:30:31:20:75:bb:2e:5b:4e:08:17:ae:d8:
3d:36:69:5e:0e:a6:0d:74:7b:13:94:99:d7:09:1d:28:e0:4d:
40:a0:4d:98:c4:12:2f:f4:c1:aa:f5:c3:7d:fa:13:89:e5:80:
d5:b4:36:02:4e:d4:cb:e0:68:2d:e2:87:99:09:fa:d1:61:bc:
cb:26:8d:ff:90:c1:75:c4:8d:a7:a7:8b:32:75:3f:4e:f4:4f:
12:bc:35:f5:35:42:ca:55:f4:a7:6b:ce:15:54:0a:19:07:b8:
b5:d9:20:07:ff:0e:5a:ee:1b:23:4f:ea:f5:35:44:cf:72:c4:
ec:04:1c:34:71:b6:a3:5e:8b:75:79:9c:a0:4b:b2:d3:2e:79:
f2:65:15:70:a8:ae:ca:6a:a9:2a:16:99:12:eb:45:d2:38:fa:
a8:83:2e:05:3e:28:e1:43:11:3b:48:d9:2b:8c:9d:b6:30:2c:
54:59:09:c1:e5:57:4d:19:54:da:1b:c3:e6:4d:d2:f8:e0:79:
c0:53:65:77:e7:2e:35:67:e7:3e:e9:ed:8c:92:59:3f:75:8f:
bf:fb:19:04:8b:e6:93:43:62:3d:e6:f2:f2:4c:3d:0a:70:69:
48:05:6d:52
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUAlHzt14kRgHqtQ7fGQB66u5xnPAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEyMzAxNTM2MThaFw0yNTEyMjkxNTQxMThaMDMxMTAvBgNV
BAMTKDU2OURGODU2RUQ2NkY0NDM4MkREMzdCMkVDRDYyMDA1NjgwQjdCQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzbjRCkcoqaBpnOhfaxxV/DWyx
9rWalQLHAsk3beAH6SyFfex8l6RQrq54RzalF10yONnlXqM3BMQJS6clfxBlt42c
uJNpIJFlpaiejK76JRJbJ2k3RriBZGgXrlTKwp3vbexYv8N0U6Eb2/zAAlpQY1iv
nxzwveldHWnN7y50/GhRrW6pH1Wkw109AJl8m3tSYe6/j9aKwW5KLzxbpdGDJIkj
vtVhf/5S8iVoGwHuJ9DcoOaTINlIVhAPTVF9b/mqldTZnCf68c2hgHXSQ/H49VnU
7eabhiqLyr3TX53EtR0P4/OplkYeec890PXfAWjrX7CjINpue2LTO//PzF0jAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUVp34Vu1m9EOC3Tey7NYgBWgLe6cwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMjMyMzAyZTMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC53BcwDQYJKoZIhvcNAQELBQADggEBALINcHL7WBPERv/usn6xrou8BuzOts8N
6TAxIHW7LltOCBeu2D02aV4Opg10exOUmdcJHSjgTUCgTZjEEi/0war1w336E4nl
gNW0NgJO1MvgaC3ih5kJ+tFhvMsmjf+QwXXEjaenizJ1P070TxK8NfU1QspV9Kdr
zhVUChkHuLXZIAf/DlruGyNP6vU1RM9yxOwEHDRxtqNei3V5nKBLstMuefJlFXCo
rspqqSoWmRLrRdI4+qiDLgU+KOFDETtI2SuMnbYwLFRZCcHlV00ZVNobw+ZN0vjg
ecBTZXfnLjVn5z7p7YySWT91j7/7GQSL5pNDYj3m8vJMPQpwaUgFbVI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:36:33 2025 by rpki-client