Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3234332e35392e302f32342d3234203d3e20323034313730.roa
File: 3138352e3234332e35392e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: qceLpxANNMpF8hFXGzvk8VMwIr4Y2TdZmm/BxdoioK8=
Subject key identifier: DC:9C:FD:51:D7:B7:68:8D:6E:9B:71:04:45:87:68:04:15:B9:C1:5E
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 2F90FB09B1F88B61547C18553B6C6C040AB25284
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3234332e35392e302f32342d3234203d3e20323034313730.roa
Signing time: Mon 30 Dec 2024 15:41:20 +0000
ROA not before: Mon 30 Dec 2024 15:36:20 +0000
ROA not after: Mon 29 Dec 2025 15:41:20 +0000
asID: 204170
IP address blocks: 185.243.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:90:fb:09:b1:f8:8b:61:54:7c:18:55:3b:6c:6c:04:0a:b2:52:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 30 15:36:20 2024 GMT
Not After : Dec 29 15:41:20 2025 GMT
Subject: CN=DC9CFD51D7B7688D6E9B71044587680415B9C15E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c2:d8:96:27:25:15:8e:6c:ac:15:21:da:ce:
5c:36:bc:e1:41:8c:18:e4:37:be:3d:c5:e3:cc:43:
06:77:16:51:7a:b6:f5:86:92:92:93:49:5c:2b:2c:
c7:9b:4e:63:ea:27:53:e9:7e:c7:7d:b2:f9:7b:de:
ac:10:d5:22:d5:bf:07:f9:9f:e6:20:36:1f:25:53:
7a:19:a1:85:8c:ae:84:73:97:c8:6e:e8:3e:e1:38:
ff:3b:29:b2:f5:79:b3:fd:6c:aa:0d:97:79:1b:e0:
cf:4b:94:dc:1a:13:41:07:85:88:c5:69:8f:94:93:
b9:aa:08:cf:b4:35:48:a6:b2:20:43:7d:0c:09:50:
ac:92:76:f1:01:b8:4c:7b:4d:e7:a7:ed:e5:72:f1:
8a:18:a6:b1:16:de:86:39:de:5e:be:af:72:75:9f:
8f:a5:c0:b0:e8:d4:1f:7b:0f:b9:47:29:2e:38:e3:
d8:96:a9:04:9b:ce:4c:f8:51:15:3a:60:e4:44:f6:
d7:11:3a:de:be:58:eb:62:b7:2d:3e:92:60:fd:e8:
da:52:ed:d7:97:89:8d:8a:41:ea:fb:8c:7b:e2:48:
22:a0:2f:8e:9e:c7:ab:c1:09:22:9e:bb:de:27:24:
27:2f:f5:aa:14:99:5d:e5:45:4b:46:43:a7:87:ea:
96:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:9C:FD:51:D7:B7:68:8D:6E:9B:71:04:45:87:68:04:15:B9:C1:5E
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3234332e35392e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.59.0/24
Signature Algorithm: sha256WithRSAEncryption
09:dc:af:4c:11:fb:81:a9:75:5c:65:ad:d0:41:7d:98:0e:c5:
34:73:a0:39:da:ef:71:68:a4:42:4c:b6:80:d4:86:f6:8c:e9:
5e:ac:bf:96:a0:70:03:7c:fa:2c:ae:a8:bd:95:56:87:19:b8:
6c:1b:48:8d:1f:44:b0:63:a3:25:7a:11:c8:91:ad:11:a4:34:
e6:18:07:d0:95:7c:fb:20:de:9a:e3:97:a6:b7:56:81:13:2d:
87:24:2f:5c:fa:3c:22:ca:36:1c:c7:2b:32:90:cf:9d:77:d2:
c8:b9:2b:d9:8d:86:e2:16:ea:b7:e5:e0:a0:57:3c:1f:cc:d7:
9a:1f:be:47:f6:d2:73:4e:9e:a1:23:75:b3:6b:24:52:c1:22:
0f:58:d6:9f:22:20:9c:fc:6c:bf:e0:8a:3a:05:79:65:d3:1a:
f7:5b:13:8d:80:d8:4b:e0:66:84:bf:af:47:54:1f:d9:c9:45:
76:7d:c6:d4:c4:c3:28:2a:2b:22:1b:76:b4:12:d3:8b:f9:93:
c3:f0:7b:17:57:a0:3b:71:f9:ee:7b:9f:3a:f1:30:24:98:02:
bd:94:6e:f7:35:fd:cf:66:ba:81:a7:c0:b0:7c:bc:96:f8:97:
4a:b9:98:01:96:96:f4:de:52:e6:cf:47:fc:79:15:64:a4:09:
30:4a:b3:95
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUL5D7CbH4i2FUfBhVO2xsBAqyUoQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEyMzAxNTM2MjBaFw0yNTEyMjkxNTQxMjBaMDMxMTAvBgNV
BAMTKERDOUNGRDUxRDdCNzY4OEQ2RTlCNzEwNDQ1ODc2ODA0MTVCOUMxNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuwtiWJyUVjmysFSHazlw2vOFB
jBjkN749xePMQwZ3FlF6tvWGkpKTSVwrLMebTmPqJ1Ppfsd9svl73qwQ1SLVvwf5
n+YgNh8lU3oZoYWMroRzl8hu6D7hOP87KbL1ebP9bKoNl3kb4M9LlNwaE0EHhYjF
aY+Uk7mqCM+0NUimsiBDfQwJUKySdvEBuEx7Teen7eVy8YoYprEW3oY53l6+r3J1
n4+lwLDo1B97D7lHKS4449iWqQSbzkz4URU6YORE9tcROt6+WOtity0+kmD96NpS
7deXiY2KQer7jHviSCKgL46ex6vBCSKeu94nJCcv9aoUmV3lRUtGQ6eH6pZxAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU3Jz9Ude3aI1um3EERYdoBBW5wV4wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMjM0MzMyZTM1
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzMTM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC58zswDQYJKoZIhvcNAQELBQADggEBAAncr0wR+4GpdVxlrdBBfZgOxTRzoDna
73FopEJMtoDUhvaM6V6sv5agcAN8+iyuqL2VVocZuGwbSI0fRLBjoyV6EciRrRGk
NOYYB9CVfPsg3prjl6a3VoETLYckL1z6PCLKNhzHKzKQz5130si5K9mNhuIW6rfl
4KBXPB/M15ofvkf20nNOnqEjdbNrJFLBIg9Y1p8iIJz8bL/gijoFeWXTGvdbE42A
2EvgZoS/r0dUH9nJRXZ9xtTEwygqKyIbdrQS04v5k8PwexdXoDtx+e57nzrxMCSY
Ar2Ubvc1/c9muoGnwLB8vJb4l0q5mAGWlvTeUubPR/x5FWSkCTBKs5U=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:53:49 2025 by rpki-client