Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3233372e3134362e302f32332d3234203d3e203437353833.roa
File: 3138352e3233372e3134362e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: Wb66w08Tek59bXZoZ4jMHMi9ZE4utIeep06cCE3wFfw=
Subject key identifier: 33:BF:70:38:40:84:64:2F:23:C8:D5:09:7E:E9:F9:4C:14:7A:DD:14
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 56F39B1401EF48CA70F9E0EC96F2868E41D4272C
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3233372e3134362e302f32332d3234203d3e203437353833.roa
Signing time: Mon 30 Dec 2024 15:41:17 +0000
ROA not before: Mon 30 Dec 2024 15:36:17 +0000
ROA not after: Mon 29 Dec 2025 15:41:17 +0000
asID: 47583
IP address blocks: 185.237.146.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:f3:9b:14:01:ef:48:ca:70:f9:e0:ec:96:f2:86:8e:41:d4:27:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 30 15:36:17 2024 GMT
Not After : Dec 29 15:41:17 2025 GMT
Subject: CN=33BF70384084642F23C8D5097EE9F94C147ADD14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:17:1e:46:b3:8e:27:81:97:78:3d:ad:0a:8d:
be:83:8d:ca:e7:4e:bc:4c:a5:c0:2a:13:6c:d8:2a:
34:44:61:c2:37:fc:76:23:24:18:37:05:aa:48:83:
02:0d:d1:b1:8f:6e:ef:67:f8:e1:af:df:2d:f8:ce:
b2:30:00:52:42:d6:88:1b:2e:8a:c9:fb:c0:46:0d:
07:00:16:05:9a:9a:f5:17:bc:9d:8a:4c:09:93:95:
f0:ff:f4:8b:96:01:09:24:18:0c:09:be:f8:a8:dd:
26:b6:f6:76:b7:85:7d:dd:fc:2e:c5:90:f8:88:a0:
a5:e9:8a:08:2e:43:50:22:8d:d5:ce:f2:e1:61:f6:
5c:1a:68:da:53:fc:3c:8f:85:6e:27:dc:90:32:4d:
e2:bb:cd:b1:47:6e:fd:9d:71:2d:7c:13:54:0e:cd:
09:b9:d7:c8:35:79:14:72:85:be:52:af:a7:53:77:
36:2f:bc:80:d2:dc:57:c2:8a:a2:a7:3a:a1:b8:b9:
72:39:2f:0c:19:ee:f7:a7:2a:d5:43:1e:28:10:cf:
d3:77:d7:d3:05:cb:05:6c:15:92:83:cc:ac:8c:e6:
56:00:2f:cc:bf:d7:b5:9b:73:42:2f:db:76:06:cf:
7a:c9:37:4c:b6:66:be:d8:18:59:95:14:d0:e1:c2:
57:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:BF:70:38:40:84:64:2F:23:C8:D5:09:7E:E9:F9:4C:14:7A:DD:14
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3233372e3134362e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.146.0/23
Signature Algorithm: sha256WithRSAEncryption
37:af:4b:8a:f1:91:ff:f4:03:67:4f:8e:4d:e2:fb:e4:0a:d6:
69:1c:b2:30:af:76:4f:73:38:89:af:45:d1:11:dd:24:87:42:
b6:65:b7:0a:42:72:25:a4:32:8a:37:6a:39:25:d2:eb:d2:ed:
7e:dc:5a:f6:b3:3c:77:be:a9:e4:fc:41:96:db:5c:5f:f7:1a:
ed:93:69:6c:bd:c8:fc:fe:cf:c2:5e:e8:25:04:62:1d:04:a8:
f8:e4:80:30:20:e1:c3:cd:c9:08:d7:73:b6:e5:4f:65:e2:1a:
5d:e2:e6:cf:f4:80:db:b0:d9:67:78:c2:72:ae:22:f3:82:0d:
75:1d:ad:fd:db:bd:d4:13:b9:51:19:df:b7:27:f5:e6:cc:b2:
42:ad:95:c9:dd:33:d7:0b:87:ef:2e:70:f7:e0:e0:1b:8b:b5:
b5:d9:ed:52:4e:5a:79:62:24:6b:1e:4a:8a:69:fa:be:98:35:
0e:88:ad:5b:72:3e:9b:78:42:a7:01:bd:fe:85:3f:31:e3:cd:
89:55:4e:d9:1a:36:0d:1e:2f:e7:f5:87:41:4e:1b:5c:a3:ba:
c9:a7:27:8a:f4:59:28:5e:36:65:8e:03:48:80:e4:b4:88:02:
98:4a:47:72:7d:7d:7b:a4:69:ab:4e:98:12:3f:ce:96:af:8f:
30:1d:10:a2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVvObFAHvSMpw+eDslvKGjkHUJywwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEyMzAxNTM2MTdaFw0yNTEyMjkxNTQxMTdaMDMxMTAvBgNV
BAMTKDMzQkY3MDM4NDA4NDY0MkYyM0M4RDUwOTdFRTlGOTRDMTQ3QUREMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBFx5Gs44ngZd4Pa0Kjb6Djcrn
TrxMpcAqE2zYKjREYcI3/HYjJBg3BapIgwIN0bGPbu9n+OGv3y34zrIwAFJC1ogb
LorJ+8BGDQcAFgWamvUXvJ2KTAmTlfD/9IuWAQkkGAwJvvio3Sa29na3hX3d/C7F
kPiIoKXpigguQ1AijdXO8uFh9lwaaNpT/DyPhW4n3JAyTeK7zbFHbv2dcS18E1QO
zQm518g1eRRyhb5Sr6dTdzYvvIDS3FfCiqKnOqG4uXI5LwwZ7venKtVDHigQz9N3
19MFywVsFZKDzKyM5lYAL8y/17Wbc0Iv23YGz3rJN0y2Zr7YGFmVFNDhwlfzAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUM79wOECEZC8jyNUJfun5TBR63RQwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMjMzMzcyZTMx
MzQzNjJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG57ZIwDQYJKoZIhvcNAQELBQADggEBADevS4rxkf/0A2dPjk3i++QK1mkcsjCv
dk9zOImvRdER3SSHQrZltwpCciWkMoo3ajkl0uvS7X7cWvazPHe+qeT8QZbbXF/3
Gu2TaWy9yPz+z8Je6CUEYh0EqPjkgDAg4cPNyQjXc7blT2XiGl3i5s/0gNuw2Wd4
wnKuIvOCDXUdrf3bvdQTuVEZ37cn9ebMskKtlcndM9cLh+8ucPfg4BuLtbXZ7VJO
WnliJGseSopp+r6YNQ6IrVtyPpt4QqcBvf6FPzHjzYlVTtkaNg0eL+f1h0FOG1yj
usmnJ4r0WSheNmWOA0iA5LSIAphKR3J9fXukaatOmBI/zpavjzAdEKI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:38:07 2025 by rpki-client