Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3234352e3235342e302f32342d3234203d3e20323034313730.roa
File: 3138352e3234352e3235342e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: nuMN9H58DR+mUuYDA/NddL1HA0viz4UofbuRYRdg6Co=
Subject key identifier: 2C:09:BE:A4:05:7E:63:F2:97:BD:CB:65:CD:B5:EA:C1:E5:A9:10:10
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 4ADBEB846E82D13FCFFA88CAB2D1914CD7F2D443
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3234352e3235342e302f32342d3234203d3e20323034313730.roa
Signing time: Mon 30 Dec 2024 15:41:20 +0000
ROA not before: Mon 30 Dec 2024 15:36:20 +0000
ROA not after: Mon 29 Dec 2025 15:41:20 +0000
asID: 204170
IP address blocks: 185.245.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:db:eb:84:6e:82:d1:3f:cf:fa:88:ca:b2:d1:91:4c:d7:f2:d4:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 30 15:36:20 2024 GMT
Not After : Dec 29 15:41:20 2025 GMT
Subject: CN=2C09BEA4057E63F297BDCB65CDB5EAC1E5A91010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a3:88:1f:8c:5c:2e:e8:f9:22:d0:89:5b:7e:
4e:29:05:08:68:a3:1e:51:f1:4b:41:87:4d:84:36:
a0:c1:6e:6d:d4:ac:06:93:81:87:df:e7:4a:87:e4:
9d:9d:ce:c2:ec:5f:75:6c:5a:4d:d5:87:cd:bd:05:
00:fb:05:49:1c:db:f4:3e:39:32:f1:c1:82:61:51:
05:05:56:dc:4a:10:0b:21:dd:aa:6c:bf:e8:ec:b9:
7e:67:2a:43:35:ea:af:47:5c:a5:8b:9a:98:d5:6e:
15:bf:fc:ef:49:47:c4:7f:a4:41:61:bc:4e:f9:f2:
1e:ec:a6:8a:5c:b6:38:d8:9f:98:79:7a:06:5e:96:
53:f6:31:30:92:0d:12:fe:e9:39:13:e9:a8:c5:d5:
7f:cb:71:dd:55:eb:b8:30:23:17:d2:b8:5f:29:77:
6e:4b:9e:68:96:0c:c3:b7:60:77:1e:b0:07:f5:73:
f8:5d:85:9c:fb:b7:95:93:23:e2:34:cd:91:21:d2:
1a:54:c2:a4:a7:81:64:ee:f3:78:cd:c6:72:16:15:
0d:46:df:ce:8c:61:ba:29:a1:ea:2e:6e:b7:d9:ba:
42:f8:58:26:a7:62:bf:3f:63:93:6e:ed:3f:b6:33:
dd:b2:e4:18:ba:08:55:8a:b2:3d:43:41:63:ac:16:
1d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:09:BE:A4:05:7E:63:F2:97:BD:CB:65:CD:B5:EA:C1:E5:A9:10:10
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3234352e3235342e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.254.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:21:f2:2f:bf:b4:fa:46:ca:0a:6c:f8:47:a6:05:51:6d:27:
a4:ae:0c:b2:f0:48:a7:1e:78:76:1c:55:a1:c7:ce:38:56:66:
cb:9d:d8:7d:06:ba:99:75:ca:5f:f8:9b:18:fa:6f:30:18:74:
b7:ec:4e:d0:eb:75:ad:73:b8:b9:be:04:64:3d:a2:a4:e1:77:
e1:c4:d9:80:bc:9a:c1:18:22:86:01:0e:2b:c4:c5:8f:c9:85:
a7:64:d4:45:09:4a:f7:59:cf:6b:4b:f6:12:31:5e:6f:00:d7:
52:b0:fa:64:4f:c2:2a:b3:48:8e:d1:95:fe:40:ad:09:cd:e6:
4a:0e:9d:15:2e:19:af:5a:cf:e9:ae:3c:36:d0:2a:e4:e8:66:
cd:72:18:77:10:bc:58:ad:76:c0:b6:ba:20:38:e5:ca:d7:6e:
cc:22:68:6e:59:87:20:c7:ab:3f:e5:1b:e0:1e:a7:d5:47:91:
8f:40:ef:91:18:2f:1a:06:59:9d:a8:9e:0b:30:58:f9:f3:27:
38:95:c0:20:4f:d1:43:3a:54:98:f2:5b:5c:e4:39:fb:40:a3:
be:25:b3:74:94:b0:c4:b7:f3:8a:f0:c4:8b:37:99:55:68:a5:
93:34:df:56:78:bf:d1:0f:18:ac:c0:e8:49:79:18:df:73:d1:
e9:20:24:a5
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUStvrhG6C0T/P+ojKstGRTNfy1EMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEyMzAxNTM2MjBaFw0yNTEyMjkxNTQxMjBaMDMxMTAvBgNV
BAMTKDJDMDlCRUE0MDU3RTYzRjI5N0JEQ0I2NUNEQjVFQUMxRTVBOTEwMTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHo4gfjFwu6Pki0Ilbfk4pBQho
ox5R8UtBh02ENqDBbm3UrAaTgYff50qH5J2dzsLsX3VsWk3Vh829BQD7BUkc2/Q+
OTLxwYJhUQUFVtxKEAsh3apsv+jsuX5nKkM16q9HXKWLmpjVbhW//O9JR8R/pEFh
vE758h7spopctjjYn5h5egZellP2MTCSDRL+6TkT6ajF1X/Lcd1V67gwIxfSuF8p
d25LnmiWDMO3YHcesAf1c/hdhZz7t5WTI+I0zZEh0hpUwqSngWTu83jNxnIWFQ1G
386MYbopoeoubrfZukL4WCanYr8/Y5Nu7T+2M92y5Bi6CFWKsj1DQWOsFh0VAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQULAm+pAV+Y/KXvctlzbXqweWpEBAwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMjM0MzUyZTMy
MzUzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALn1/jANBgkqhkiG9w0BAQsFAAOCAQEAjSHyL7+0+kbKCmz4R6YFUW0npK4M
svBIpx54dhxVocfOOFZmy53YfQa6mXXKX/ibGPpvMBh0t+xO0Ot1rXO4ub4EZD2i
pOF34cTZgLyawRgihgEOK8TFj8mFp2TURQlK91nPa0v2EjFebwDXUrD6ZE/CKrNI
jtGV/kCtCc3mSg6dFS4Zr1rP6a48NtAq5OhmzXIYdxC8WK12wLa6IDjlytduzCJo
blmHIMerP+Ub4B6n1UeRj0DvkRgvGgZZnaieCzBY+fMnOJXAIE/RQzpUmPJbXOQ5
+0CjviWzdJSwxLfzivDEizeZVWilkzTfVni/0Q8YrMDoSXkY33PR6SAkpQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:51:10 2025 by rpki-client