Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3134372e37382e3132382e302f32342d3234203d3e20313336373837.roa
File: 3134372e37382e3132382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: RrxRb704N3Z4B2ahpEJGGpUpGZK8mhjIW0zXOTCUvF4=
Subject key identifier: 0A:BC:81:75:D2:EA:F3:4F:1D:2E:EE:A6:18:CE:5E:15:87:4F:67:9F
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 4B29C0659392F613207DD584F4DC7C4F7A49BAF2
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3134372e37382e3132382e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 31 Oct 2024 14:05:24 +0000
ROA not before: Thu 31 Oct 2024 14:00:24 +0000
ROA not after: Thu 30 Oct 2025 14:05:24 +0000
asID: 136787
IP address blocks: 147.78.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:29:c0:65:93:92:f6:13:20:7d:d5:84:f4:dc:7c:4f:7a:49:ba:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Oct 31 14:00:24 2024 GMT
Not After : Oct 30 14:05:24 2025 GMT
Subject: CN=0ABC8175D2EAF34F1D2EEEA618CE5E15874F679F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:19:37:eb:df:68:7f:0f:70:6a:44:2a:a5:b7:
26:78:a3:c8:da:1d:0f:d5:48:c4:a3:c0:4d:7f:6b:
43:b8:f6:fc:cb:59:02:60:9d:25:42:4b:3d:6d:b6:
b5:28:bd:41:3b:a3:16:bc:c5:cb:3d:a0:4e:f2:69:
af:93:57:eb:4b:10:74:14:74:5c:45:5b:92:84:b2:
7f:da:1e:08:f8:0d:74:5d:72:53:ca:c9:97:49:be:
fc:1c:6f:5d:c6:a3:62:ad:0b:6d:0b:bb:16:c4:6a:
72:a0:f2:66:a2:c9:c2:19:fd:e1:4e:7c:0d:77:b3:
19:c5:a9:0c:bf:d4:71:ce:4e:eb:41:2f:2b:d8:16:
78:fd:ac:20:cb:6c:3d:27:e4:50:42:d0:02:5c:ee:
87:a3:b1:bb:d5:d6:10:5a:6c:95:ab:7a:c2:8d:0b:
88:2c:7b:dc:cd:c6:40:e3:40:33:a2:ba:f9:9d:25:
26:eb:2f:92:42:d5:84:60:91:75:2a:70:e7:de:54:
20:32:2a:89:14:02:fe:12:3c:61:c3:61:9d:cf:75:
e2:55:02:01:5a:8a:16:11:e7:f7:2a:f6:bd:68:6d:
aa:58:4f:28:0a:70:f3:85:58:9f:cd:69:76:fd:7b:
0c:6c:0c:04:9f:68:c7:b5:14:5d:1a:8f:e2:84:63:
e5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:BC:81:75:D2:EA:F3:4F:1D:2E:EE:A6:18:CE:5E:15:87:4F:67:9F
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3134372e37382e3132382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.128.0/24
Signature Algorithm: sha256WithRSAEncryption
13:7f:6f:92:5b:35:4a:de:df:3f:f8:10:b5:20:90:c7:d3:32:
ad:d7:ed:13:a0:01:70:87:a8:3b:52:3d:5b:c5:52:57:4d:a3:
1a:12:9f:3f:11:23:f4:3c:a6:ab:fb:db:02:4a:b5:cd:35:d6:
07:e7:cd:3b:a0:f7:a9:e0:74:63:1c:42:1c:61:5f:d8:3c:41:
c4:89:bc:44:43:a8:81:30:90:79:f0:c3:10:fd:0c:ac:f2:e8:
2f:e4:c9:fd:c2:c8:e3:6f:ae:4b:d0:9a:66:bd:ff:7c:0c:d5:
d2:6c:ff:c3:db:1c:67:52:a0:01:20:b1:99:a8:08:ae:da:5b:
f0:57:ae:1b:32:bd:c2:46:2c:92:a9:1e:cf:aa:a0:73:92:7e:
ae:72:b5:d5:e7:50:23:6e:ad:e9:81:9f:a6:97:32:8d:4f:58:
64:fc:93:48:3e:fc:d3:aa:dc:88:95:09:3e:19:5e:28:e2:fc:
67:a7:67:6b:21:1a:f6:27:f6:93:3b:25:21:4b:48:90:a2:32:
7e:c9:ff:21:2f:4e:d8:91:20:76:af:b4:be:25:a2:16:1d:21:
34:80:68:bb:20:5b:c1:59:8c:aa:38:35:05:bf:2d:f7:90:3b:
12:5c:6d:7f:56:e9:6a:d7:eb:d5:c2:42:a5:b5:e7:d0:64:a0:
bc:aa:36:5d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSynAZZOS9hMgfdWE9Nx8T3pJuvIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDEwMzExNDAwMjRaFw0yNTEwMzAxNDA1MjRaMDMxMTAvBgNV
BAMTKDBBQkM4MTc1RDJFQUYzNEYxRDJFRUVBNjE4Q0U1RTE1ODc0RjY3OUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGGTfr32h/D3BqRCqltyZ4o8ja
HQ/VSMSjwE1/a0O49vzLWQJgnSVCSz1ttrUovUE7oxa8xcs9oE7yaa+TV+tLEHQU
dFxFW5KEsn/aHgj4DXRdclPKyZdJvvwcb13Go2KtC20LuxbEanKg8maiycIZ/eFO
fA13sxnFqQy/1HHOTutBLyvYFnj9rCDLbD0n5FBC0AJc7oejsbvV1hBabJWresKN
C4gse9zNxkDjQDOiuvmdJSbrL5JC1YRgkXUqcOfeVCAyKokUAv4SPGHDYZ3PdeJV
AgFaihYR5/cq9r1obapYTygKcPOFWJ/NaXb9ewxsDASfaMe1FF0aj+KEY+UjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUCryBddLq808dLu6mGM5eFYdPZ58wHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzNDM3MmUzNzM4MmUzMTMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACTToAwDQYJKoZIhvcNAQELBQADggEBABN/b5JbNUre3z/4ELUgkMfTMq3X7ROg
AXCHqDtSPVvFUldNoxoSnz8RI/Q8pqv72wJKtc011gfnzTug96ngdGMcQhxhX9g8
QcSJvERDqIEwkHnwwxD9DKzy6C/kyf3CyONvrkvQmma9/3wM1dJs/8PbHGdSoAEg
sZmoCK7aW/BXrhsyvcJGLJKpHs+qoHOSfq5ytdXnUCNuremBn6aXMo1PWGT8k0g+
/NOq3IiVCT4ZXiji/GenZ2shGvYn9pM7JSFLSJCiMn7J/yEvTtiRIHavtL4lohYd
ITSAaLsgW8FZjKo4NQW/LfeQOxJcbX9W6WrX69XCQqW159BkoLyqNl0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org