Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3233322e31352e302f32342d3234203d3e20323034313730.roa
File: 3138352e3233322e31352e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: WDeGK40E182+M/gawxPCDc7dk8C0XQ1DnMVIEtLeMjI=
Subject key identifier: 65:88:C8:D7:AC:64:82:27:EF:2D:48:82:45:2A:1E:7A:46:4C:F0:4A
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 4D644C1D2207E20BDA60A7289AF00FCFF2A40B25
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3233322e31352e302f32342d3234203d3e20323034313730.roa
Signing time: Mon 30 Dec 2024 15:41:21 +0000
ROA not before: Mon 30 Dec 2024 15:36:21 +0000
ROA not after: Mon 29 Dec 2025 15:41:21 +0000
asID: 204170
IP address blocks: 185.232.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:64:4c:1d:22:07:e2:0b:da:60:a7:28:9a:f0:0f:cf:f2:a4:0b:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 30 15:36:21 2024 GMT
Not After : Dec 29 15:41:21 2025 GMT
Subject: CN=6588C8D7AC648227EF2D4882452A1E7A464CF04A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:93:8b:5f:db:98:93:60:fb:c8:81:b3:3e:fa:
c4:88:05:60:81:2f:61:87:d8:ea:9f:46:30:ff:12:
c4:2b:d8:25:26:00:8c:c0:cc:b6:93:6e:ee:e1:73:
fd:b1:03:eb:42:f8:ec:fe:02:75:1d:c2:fa:b3:3b:
53:a0:97:02:03:f2:c4:ff:53:88:f2:3d:58:0f:7c:
e4:31:7b:e3:89:d0:63:bc:41:9e:b9:9f:fc:a5:6b:
66:7d:71:4c:61:ed:64:ea:c8:c1:ac:51:dc:15:b0:
12:dc:a5:75:7e:ec:f1:f3:a7:0d:04:6e:ad:e1:36:
6a:9e:a5:36:1f:13:47:80:e9:e7:ea:46:e9:75:fa:
01:84:02:01:32:60:ea:43:3a:53:12:2b:58:4c:c8:
0d:b6:1d:48:c7:37:de:23:5c:ba:00:d7:32:40:b2:
7f:c2:8d:44:6b:e3:04:c0:10:a8:5b:26:a7:1f:46:
d0:2f:d4:cb:5c:21:89:54:8d:2c:0d:0e:22:b9:f3:
26:bd:6b:e0:9d:30:71:72:55:ce:09:d6:f0:ab:35:
ea:d5:d9:51:c9:a6:83:e4:2c:b1:2e:83:28:e9:31:
22:cc:b4:56:0f:c3:e5:00:22:7b:3c:5a:ff:a6:e0:
b1:3e:0f:41:7d:67:cb:53:7a:b7:3e:a2:89:d9:f5:
dc:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:88:C8:D7:AC:64:82:27:EF:2D:48:82:45:2A:1E:7A:46:4C:F0:4A
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3233322e31352e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.15.0/24
Signature Algorithm: sha256WithRSAEncryption
50:b1:5f:1d:0e:35:a2:c7:1d:b5:36:0a:ef:04:e9:e3:5b:9c:
fc:6e:8d:99:a1:da:3d:4f:c0:59:ce:cd:cb:f5:70:ff:01:ad:
96:6a:f0:d8:0d:39:07:72:ea:a1:88:85:b6:c9:2c:32:1d:d2:
0a:6f:c6:07:47:06:b0:71:3c:dd:be:1d:05:b4:3c:a6:8c:66:
40:3e:f8:0f:56:77:6e:5a:02:09:24:0d:4f:84:40:07:8e:36:
07:65:08:57:70:fe:15:34:c9:aa:a8:eb:6b:53:47:91:0c:f9:
f1:1b:df:ac:2f:be:5f:0b:c9:68:b9:5e:1e:fb:2e:6b:05:12:
3f:79:ce:25:61:85:08:e6:06:0a:60:28:af:26:34:69:d5:1c:
4c:8f:0e:d2:5f:d9:7d:f4:d7:94:d6:13:c8:3b:8d:c2:cf:7d:
7a:1b:ce:8a:c6:93:b2:5d:69:b2:21:32:14:52:35:eb:81:25:
ba:8e:64:23:a9:5f:5c:a0:4b:db:f1:e9:37:b0:de:ef:3e:01:
9f:2a:fa:6d:2a:a4:62:bd:58:c0:ac:1b:0d:08:cb:f8:11:f1:
af:1c:ba:64:f7:1c:e7:d9:c0:86:91:41:96:71:0c:b1:b9:f9:
e6:de:9c:68:30:fe:2e:05:b3:97:e5:98:06:e3:b0:c6:81:27:
bb:06:21:c6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTWRMHSIH4gvaYKcomvAPz/KkCyUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEyMzAxNTM2MjFaFw0yNTEyMjkxNTQxMjFaMDMxMTAvBgNV
BAMTKDY1ODhDOEQ3QUM2NDgyMjdFRjJENDg4MjQ1MkExRTdBNDY0Q0YwNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCek4tf25iTYPvIgbM++sSIBWCB
L2GH2OqfRjD/EsQr2CUmAIzAzLaTbu7hc/2xA+tC+Oz+AnUdwvqzO1OglwID8sT/
U4jyPVgPfOQxe+OJ0GO8QZ65n/yla2Z9cUxh7WTqyMGsUdwVsBLcpXV+7PHzpw0E
bq3hNmqepTYfE0eA6efqRul1+gGEAgEyYOpDOlMSK1hMyA22HUjHN94jXLoA1zJA
sn/CjURr4wTAEKhbJqcfRtAv1MtcIYlUjSwNDiK58ya9a+CdMHFyVc4J1vCrNerV
2VHJpoPkLLEugyjpMSLMtFYPw+UAIns8Wv+m4LE+D0F9Z8tTerc+oonZ9dwtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUZYjI16xkgifvLUiCRSoeekZM8EowHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMjMzMzIyZTMx
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzMTM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC56A8wDQYJKoZIhvcNAQELBQADggEBAFCxXx0ONaLHHbU2Cu8E6eNbnPxujZmh
2j1PwFnOzcv1cP8BrZZq8NgNOQdy6qGIhbbJLDId0gpvxgdHBrBxPN2+HQW0PKaM
ZkA++A9Wd25aAgkkDU+EQAeONgdlCFdw/hU0yaqo62tTR5EM+fEb36wvvl8LyWi5
Xh77LmsFEj95ziVhhQjmBgpgKK8mNGnVHEyPDtJf2X3015TWE8g7jcLPfXobzorG
k7JdabIhMhRSNeuBJbqOZCOpX1ygS9vx6Tew3u8+AZ8q+m0qpGK9WMCsGw0Iy/gR
8a8cumT3HOfZwIaRQZZxDLG5+ebenGgw/i4Fs5flmAbjsMaBJ7sGIcY=
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:07:40 2025 by rpki-client