Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e39372e3134342e302f32322d3234203d3e203432333636.roa
File: 3138352e39372e3134342e302f32322d3234203d3e203432333636.roa (raw, json)
Hash identifier: B/kXvffVDidKDwt4MkSF16G8+lHHygoMuRs2CIg5Zzk=
Subject key identifier: 25:39:97:4D:BA:F6:E3:D8:ED:00:D2:E9:E5:86:1B:A8:B5:5C:CA:92
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 33526D41D32B74088028C0231F661801C089EF7C
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e39372e3134342e302f32322d3234203d3e203432333636.roa
Signing time: Mon 18 Mar 2024 12:03:13 +0000
ROA not before: Mon 18 Mar 2024 11:58:13 +0000
ROA not after: Mon 17 Mar 2025 12:03:13 +0000
asID: 42366
IP address blocks: 185.97.144.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:52:6d:41:d3:2b:74:08:80:28:c0:23:1f:66:18:01:c0:89:ef:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Mar 18 11:58:13 2024 GMT
Not After : Mar 17 12:03:13 2025 GMT
Subject: CN=2539974DBAF6E3D8ED00D2E9E5861BA8B55CCA92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:54:3d:00:a6:0e:bd:c3:28:2f:7c:ae:f0:37:
2b:75:1c:e9:78:9d:c7:e2:b3:18:12:2b:fd:83:ae:
56:4e:1a:76:1b:14:36:8e:2a:68:36:aa:b7:65:c0:
71:98:39:0a:82:b8:d3:53:2a:ce:27:b7:a2:56:94:
89:40:34:f0:f4:99:5e:43:9a:8e:c3:0e:4a:43:da:
9b:79:2f:4f:87:9f:06:87:4d:f3:1e:57:11:60:0e:
03:fb:ba:09:fb:97:0a:07:f8:a3:c7:6b:5d:de:f9:
b1:e2:4b:fe:c3:21:6f:24:96:8d:5c:05:e7:73:f5:
e0:ca:1a:d7:d8:ab:57:9c:13:e2:84:4a:a2:e0:50:
ea:46:05:13:02:c1:ad:25:c9:be:31:50:81:d5:28:
e6:de:23:45:fd:61:56:1e:36:88:4c:b0:ff:d9:ed:
33:8b:65:22:11:c8:18:54:5c:af:d8:a7:43:d3:fb:
b8:64:2f:b9:f7:e0:16:23:02:9e:42:63:7f:80:70:
ed:03:e3:a1:32:04:97:ff:00:0b:86:b0:36:a9:4b:
4b:cb:71:f5:7f:2e:41:4c:54:43:c8:d2:58:ff:f3:
3c:2d:90:cb:e6:4d:eb:74:dc:07:74:39:c3:8f:25:
ff:57:78:28:64:05:d5:31:3f:03:49:15:9f:5b:22:
74:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:39:97:4D:BA:F6:E3:D8:ED:00:D2:E9:E5:86:1B:A8:B5:5C:CA:92
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e39372e3134342e302f32322d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.144.0/22
Signature Algorithm: sha256WithRSAEncryption
77:9c:95:e4:40:34:16:d7:e3:23:8c:a1:e4:0f:81:73:e4:98:
c1:44:f1:9b:e5:ac:de:e5:75:73:40:6c:aa:56:d6:bc:9d:7e:
81:05:88:a7:b7:b7:25:04:42:7f:9a:50:f3:40:2d:c5:c9:a1:
ce:1b:3e:b0:7d:17:8e:de:cf:ff:eb:88:e4:26:a1:dd:a1:d3:
08:e9:5d:d6:8b:0b:a4:bd:4b:42:1c:4a:3b:bd:67:7d:bb:35:
17:c4:a5:e2:7f:34:26:67:d3:50:6f:6d:9e:b2:cb:bb:fb:88:
c7:42:42:d6:d1:30:b2:d3:da:97:bf:4d:7a:eb:23:2d:e7:27:
df:97:87:6d:28:dd:be:ba:b9:5b:ea:52:3c:db:74:83:3e:26:
f9:fb:fd:42:0c:98:81:ea:ef:df:f6:5c:0c:b0:28:4b:97:15:
52:8f:cc:1c:6f:e7:ce:e1:56:43:f1:9a:f3:ba:b8:4f:ab:c9:
36:c8:7c:da:90:62:7f:84:7c:c4:c9:b0:03:44:36:02:34:ae:
87:57:ff:00:93:2f:6a:da:e8:24:5d:8a:50:f3:48:a3:75:45:
e5:b5:e9:0c:31:ae:97:38:0f:6a:18:3c:9b:c2:ee:e0:2f:ca:
eb:63:09:91:3a:06:8f:c8:1f:d5:16:cc:91:0f:2c:b1:7f:01:
48:2a:27:49
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUM1JtQdMrdAiAKMAjH2YYAcCJ73wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAzMTgxMTU4MTNaFw0yNTAzMTcxMjAzMTNaMDMxMTAvBgNV
BAMTKDI1Mzk5NzREQkFGNkUzRDhFRDAwRDJFOUU1ODYxQkE4QjU1Q0NBOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlVD0Apg69wygvfK7wNyt1HOl4
ncfisxgSK/2DrlZOGnYbFDaOKmg2qrdlwHGYOQqCuNNTKs4nt6JWlIlANPD0mV5D
mo7DDkpD2pt5L0+HnwaHTfMeVxFgDgP7ugn7lwoH+KPHa13e+bHiS/7DIW8klo1c
Bedz9eDKGtfYq1ecE+KESqLgUOpGBRMCwa0lyb4xUIHVKObeI0X9YVYeNohMsP/Z
7TOLZSIRyBhUXK/Yp0PT+7hkL7n34BYjAp5CY3+AcO0D46EyBJf/AAuGsDapS0vL
cfV/LkFMVEPI0lj/8zwtkMvmTet03Ad0OcOPJf9XeChkBdUxPwNJFZ9bInRBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUJTmXTbr249jtANLp5YYbqLVcypIwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzODM1MmUzOTM3MmUzMTM0
MzQyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
uWGQMA0GCSqGSIb3DQEBCwUAA4IBAQB3nJXkQDQW1+MjjKHkD4Fz5JjBRPGb5aze
5XVzQGyqVta8nX6BBYint7clBEJ/mlDzQC3FyaHOGz6wfReO3s//64jkJqHdodMI
6V3WiwukvUtCHEo7vWd9uzUXxKXifzQmZ9NQb22essu7+4jHQkLW0TCy09qXv016
6yMt5yffl4dtKN2+urlb6lI823SDPib5+/1CDJiB6u/f9lwMsChLlxVSj8wcb+fO
4VZD8ZrzurhPq8k2yHzakGJ/hHzEybADRDYCNK6HV/8Aky9q2ugkXYpQ80ijdUXl
tekMMa6XOA9qGDybwu7gL8rrYwmROgaPyB/VFsyRDyyxfwFIKidJ
-----END CERTIFICATE-----
Generated at Sun May 12 14:08:17 2024 by rpki-client on console-fra.rpki-client.org