Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3234352e3235352e302f32342d3234203d3e20313336373837.roa
File: 3138352e3234352e3235352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: J9+0PwZz+jyNOSvQ40ARC+dNB81035uuSVMe7L6TRZA=
Subject key identifier: E2:72:10:CE:90:2E:2C:03:0E:52:78:85:0E:11:44:86:28:B5:13:48
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 35AB4F178C11C26C4E36D1E38558864C7707213F
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3234352e3235352e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 30 Dec 2024 15:41:16 +0000
ROA not before: Mon 30 Dec 2024 15:36:16 +0000
ROA not after: Mon 29 Dec 2025 15:41:16 +0000
asID: 136787
IP address blocks: 185.245.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:ab:4f:17:8c:11:c2:6c:4e:36:d1:e3:85:58:86:4c:77:07:21:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 30 15:36:16 2024 GMT
Not After : Dec 29 15:41:16 2025 GMT
Subject: CN=E27210CE902E2C030E5278850E11448628B51348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:63:ce:81:b3:0a:41:03:48:21:44:3b:6f:0c:
8c:24:6e:76:e4:96:da:e5:b7:10:f9:f7:ad:74:12:
6b:3e:d6:05:1f:72:da:07:22:29:67:ea:39:54:4e:
74:61:a3:b2:72:76:cf:82:bb:44:09:82:07:9d:46:
a7:95:a5:a0:af:5a:a7:b2:b1:84:1e:3b:e8:0e:a3:
c6:e5:3d:86:60:2d:28:c5:d1:5c:01:39:63:05:84:
40:7f:58:72:1d:2b:49:d9:73:85:9c:59:18:51:fc:
7b:8e:52:25:1a:d8:85:6e:f7:b4:db:74:72:bf:15:
8b:69:fb:46:0d:08:00:1b:23:76:63:cd:61:10:65:
94:16:c6:d1:ae:e0:9c:bb:a5:80:12:25:0b:ba:d8:
42:f7:0f:55:cc:66:87:c3:63:57:9d:9b:68:e2:00:
6b:d6:f0:1c:9e:d0:a5:d8:32:5b:50:3f:96:cf:56:
af:74:a2:22:cd:f9:ef:64:8c:c0:bc:ea:b8:e4:c2:
37:00:2b:22:4e:24:3b:bb:e7:52:5a:33:50:86:dd:
a8:8a:ba:5a:d4:f8:df:ba:03:74:5f:9d:14:dc:74:
a2:c4:f5:ca:da:99:fa:8a:30:02:c0:bf:b1:9f:ab:
83:dc:24:3a:e1:5b:00:18:09:9d:ba:ee:53:46:d5:
48:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:72:10:CE:90:2E:2C:03:0E:52:78:85:0E:11:44:86:28:B5:13:48
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3234352e3235352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.255.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:61:0c:c8:97:5b:ab:c5:8e:8a:fd:31:1d:de:54:59:d9:da:
ff:c8:ea:91:57:a5:4a:05:47:05:c7:b2:9f:08:58:10:09:8d:
9a:0c:91:15:18:95:ce:ce:52:35:54:3b:bc:a7:06:1e:f4:e2:
a0:92:93:dd:66:26:f7:49:ed:5a:f0:00:51:34:17:4b:fa:9e:
db:10:e4:39:e3:e2:08:16:f9:89:61:85:e3:85:a5:80:51:2f:
4f:4c:31:cb:fc:26:27:c6:8d:38:fc:06:3e:6e:48:ac:a2:71:
42:95:4a:7c:2e:c9:d5:16:91:83:dc:28:5b:8d:74:28:66:bf:
86:8a:e9:86:42:54:59:cd:88:38:df:f1:57:3c:0c:eb:f1:64:
39:a8:1d:a5:87:69:f6:45:f9:fc:99:63:47:17:5d:fd:bd:2a:
78:93:62:c6:cd:ad:43:bc:56:20:f3:5e:f1:40:68:90:f5:a8:
ed:15:95:e0:a2:99:93:d4:3e:31:d6:bc:6c:38:a2:16:7c:16:
94:57:8e:61:12:59:ae:97:74:61:4f:6f:ae:64:c8:7c:94:b7:
89:3a:d6:1a:29:fc:1c:a8:d1:d1:16:a8:df:5a:66:76:76:c6:
99:f6:f3:bf:ff:0a:30:99:f5:d2:ad:14:f6:51:54:6c:4b:17:
10:6f:b6:01
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUNatPF4wRwmxONtHjhViGTHcHIT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEyMzAxNTM2MTZaFw0yNTEyMjkxNTQxMTZaMDMxMTAvBgNV
BAMTKEUyNzIxMENFOTAyRTJDMDMwRTUyNzg4NTBFMTE0NDg2MjhCNTEzNDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVY86BswpBA0ghRDtvDIwkbnbk
ltrltxD59610Ems+1gUfctoHIiln6jlUTnRho7Jyds+Cu0QJggedRqeVpaCvWqey
sYQeO+gOo8blPYZgLSjF0VwBOWMFhEB/WHIdK0nZc4WcWRhR/HuOUiUa2IVu97Tb
dHK/FYtp+0YNCAAbI3ZjzWEQZZQWxtGu4Jy7pYASJQu62EL3D1XMZofDY1edm2ji
AGvW8Bye0KXYMltQP5bPVq90oiLN+e9kjMC86rjkwjcAKyJOJDu751JaM1CG3aiK
ulrU+N+6A3RfnRTcdKLE9cramfqKMALAv7Gfq4PcJDrhWwAYCZ267lNG1UhXAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU4nIQzpAuLAMOUniFDhFEhii1E0gwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMjM0MzUyZTMy
MzUzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALn1/zANBgkqhkiG9w0BAQsFAAOCAQEAnWEMyJdbq8WOiv0xHd5UWdna/8jq
kVelSgVHBceynwhYEAmNmgyRFRiVzs5SNVQ7vKcGHvTioJKT3WYm90ntWvAAUTQX
S/qe2xDkOePiCBb5iWGF44WlgFEvT0wxy/wmJ8aNOPwGPm5IrKJxQpVKfC7J1RaR
g9woW410KGa/horphkJUWc2ION/xVzwM6/FkOagdpYdp9kX5/JljRxdd/b0qeJNi
xs2tQ7xWIPNe8UBokPWo7RWV4KKZk9Q+Mda8bDiiFnwWlFeOYRJZrpd0YU9vrmTI
fJS3iTrWGin8HKjR0Rao31pmdnbGmfbzv/8KMJn10q0U9lFUbEsXEG+2AQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:04:14 2025 by rpki-client