Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3234332e35372e302f32342d3234203d3e20313336373837.roa
File: 3138352e3234332e35372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: +RNoXCKsrdde/MSPqDh4xq4rMZrC+m/B7KNAzLMEdjk=
Subject key identifier: 2F:6A:49:3F:29:3F:75:BD:75:0F:A7:43:D7:4E:99:90:7B:39:1A:34
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 58A7645D2701FEC09F4D41555248AF85B0023ACA
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3234332e35372e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 30 Dec 2024 15:41:16 +0000
ROA not before: Mon 30 Dec 2024 15:36:16 +0000
ROA not after: Mon 29 Dec 2025 15:41:16 +0000
asID: 136787
IP address blocks: 185.243.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:a7:64:5d:27:01:fe:c0:9f:4d:41:55:52:48:af:85:b0:02:3a:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 30 15:36:16 2024 GMT
Not After : Dec 29 15:41:16 2025 GMT
Subject: CN=2F6A493F293F75BD750FA743D74E99907B391A34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:63:46:fc:80:1e:f1:b7:59:e7:91:8e:21:c6:
9c:3e:59:40:75:08:c3:02:d1:77:ea:b4:58:58:71:
85:46:6d:c7:a6:05:4e:3b:a3:a6:d8:e2:da:86:2a:
94:f6:04:08:ce:6f:ba:6f:50:b1:d2:24:ee:64:e7:
b8:6b:fd:16:9a:f7:10:39:55:79:88:62:3d:c5:aa:
02:c7:1d:58:66:76:f5:30:2e:ef:f8:b8:f7:f9:c8:
5c:94:c0:ee:8d:6c:c2:1f:50:c0:c2:8c:5b:8c:f7:
d2:9e:9f:34:35:00:c9:fa:4e:6d:eb:5d:f6:d3:02:
3a:6b:eb:c4:37:c5:b4:29:9c:a6:a8:d2:72:23:2e:
b0:93:d3:18:81:eb:6a:de:1f:96:62:fa:f7:09:17:
50:42:3d:a7:41:ba:90:88:3a:42:71:ca:9e:15:d3:
e8:f5:ac:37:0f:37:ea:3c:2e:81:ba:bf:3b:ae:e6:
99:4f:fc:e5:ee:9a:1c:ac:e6:9f:e7:20:31:f5:1b:
5f:49:2b:63:a6:a1:7c:8f:17:92:9e:97:17:60:01:
ce:10:82:77:b1:bb:8b:bf:08:a3:6f:d8:3c:57:66:
1a:d3:83:3c:3d:56:db:27:85:7c:72:d2:b8:41:de:
4a:91:07:2f:af:17:23:5c:5a:b4:a7:38:42:49:dc:
02:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:6A:49:3F:29:3F:75:BD:75:0F:A7:43:D7:4E:99:90:7B:39:1A:34
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3234332e35372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.57.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:7e:5d:28:14:86:5d:86:7a:3e:e8:cf:30:d7:94:11:2f:3c:
63:5a:96:1e:46:4c:2a:ab:5c:90:2c:96:aa:1b:94:03:a3:12:
c9:51:2f:22:3b:e6:c1:0e:60:07:20:f1:9a:de:8e:a5:d0:31:
0c:b3:63:ac:7b:84:cf:1c:a8:14:11:37:cb:9c:81:46:0b:ec:
62:79:2e:d1:de:cb:5c:77:3d:99:a5:34:85:68:e2:26:00:c4:
1b:28:41:5f:90:c9:7c:30:e3:e9:fa:97:18:2b:be:85:f7:8b:
22:ca:08:a4:9f:73:f8:68:f2:46:65:e9:a6:71:59:b3:5c:a2:
85:9d:10:d9:98:3a:37:15:cd:6f:fc:d4:f5:a6:f2:ce:24:03:
4a:c4:f8:54:e7:1f:6b:61:3c:39:da:eb:1d:6f:d9:9e:cb:79:
95:c8:df:83:5c:c5:c7:d2:30:2b:fc:1f:eb:54:84:e4:0d:59:
e1:fc:f0:ab:a6:07:e9:ea:86:9d:5e:f0:1b:0c:90:94:50:fc:
8f:c8:71:40:b6:f0:13:6a:70:8f:98:7d:f4:cd:72:1f:b9:53:
75:0e:75:6c:3a:d3:10:29:84:15:29:f7:f0:6b:fa:5a:0d:c6:
bd:f2:e4:1b:16:db:c7:06:f2:d4:45:47:8b:cb:51:e6:6c:4c:
47:e6:21:81
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWKdkXScB/sCfTUFVUkivhbACOsowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEyMzAxNTM2MTZaFw0yNTEyMjkxNTQxMTZaMDMxMTAvBgNV
BAMTKDJGNkE0OTNGMjkzRjc1QkQ3NTBGQTc0M0Q3NEU5OTkwN0IzOTFBMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuY0b8gB7xt1nnkY4hxpw+WUB1
CMMC0XfqtFhYcYVGbcemBU47o6bY4tqGKpT2BAjOb7pvULHSJO5k57hr/Raa9xA5
VXmIYj3FqgLHHVhmdvUwLu/4uPf5yFyUwO6NbMIfUMDCjFuM99KenzQ1AMn6Tm3r
XfbTAjpr68Q3xbQpnKao0nIjLrCT0xiB62reH5Zi+vcJF1BCPadBupCIOkJxyp4V
0+j1rDcPN+o8LoG6vzuu5plP/OXumhys5p/nIDH1G19JK2OmoXyPF5KelxdgAc4Q
gnexu4u/CKNv2DxXZhrTgzw9VtsnhXxy0rhB3kqRBy+vFyNcWrSnOEJJ3AKdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUL2pJPyk/db11D6dD106ZkHs5GjQwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMjM0MzMyZTM1
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC58zkwDQYJKoZIhvcNAQELBQADggEBALF+XSgUhl2Gej7ozzDXlBEvPGNalh5G
TCqrXJAslqoblAOjEslRLyI75sEOYAcg8ZrejqXQMQyzY6x7hM8cqBQRN8ucgUYL
7GJ5LtHey1x3PZmlNIVo4iYAxBsoQV+QyXww4+n6lxgrvoX3iyLKCKSfc/ho8kZl
6aZxWbNcooWdENmYOjcVzW/81PWm8s4kA0rE+FTnH2thPDna6x1v2Z7LeZXI34Nc
xcfSMCv8H+tUhOQNWeH88KumB+nqhp1e8BsMkJRQ/I/IcUC28BNqcI+YffTNch+5
U3UOdWw60xAphBUp9/Br+loNxr3y5BsW28cG8tRFR4vLUeZsTEfmIYE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:48:15 2025 by rpki-client