Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e39372e3134362e302f32332d3234203d3e203437353833.roa
File: 3138352e39372e3134362e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: ntAMLxSaYr42k5F8BiU41F7j7DhnkJrW7nBNYV8mUYM=
Subject key identifier: 65:52:57:45:A3:E2:92:E1:2D:42:3F:BA:C9:49:10:CF:93:7C:96:0E
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 4717749D93CA09F335726108D3668B71BB19DF66
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e39372e3134362e302f32332d3234203d3e203437353833.roa
Signing time: Thu 13 Jun 2024 10:41:30 +0000
ROA not before: Thu 13 Jun 2024 10:36:30 +0000
ROA not after: Thu 12 Jun 2025 10:41:30 +0000
asID: 47583
IP address blocks: 185.97.146.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:17:74:9d:93:ca:09:f3:35:72:61:08:d3:66:8b:71:bb:19:df:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Jun 13 10:36:30 2024 GMT
Not After : Jun 12 10:41:30 2025 GMT
Subject: CN=65525745A3E292E12D423FBAC94910CF937C960E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:41:49:b6:6c:af:9e:ac:1e:fa:02:cf:8f:d0:
d3:6d:97:8d:ed:84:4a:b1:76:b7:8e:db:0f:5d:61:
e1:1f:ba:a3:bc:62:cf:1a:de:5f:ed:66:99:75:b3:
a9:d7:ef:5b:52:ef:b7:be:3d:91:f2:f7:3f:b1:4a:
03:9e:44:c2:db:91:46:2a:27:ab:ef:22:38:66:bc:
93:49:2c:89:f3:ea:5e:bf:47:08:b4:ef:16:dd:d7:
48:5b:90:58:64:5e:06:5c:f9:7b:35:58:cb:ee:e6:
8d:e9:12:90:b1:48:4e:dd:22:45:69:0c:28:37:5b:
c8:93:86:d3:98:a4:b7:1d:d7:a8:96:0b:bf:70:16:
c9:0f:53:19:3f:06:0b:5b:8a:90:2a:9a:b2:dd:11:
0f:d8:1d:3e:0a:5c:f2:14:49:6d:e4:ec:cf:fe:14:
73:f4:4e:2e:31:3e:ad:eb:2e:81:42:8b:3b:be:68:
fe:f9:53:66:b5:0b:ae:bb:67:63:33:f0:a4:41:be:
d7:69:ed:23:f2:db:64:98:37:12:42:af:de:23:77:
9f:11:9e:9d:b1:eb:c2:34:16:38:ad:c7:21:6a:27:
02:de:01:89:c9:46:54:8b:88:fe:d0:56:d2:ac:47:
cb:f7:3e:cf:21:fc:96:65:36:4b:43:a5:7a:01:e7:
48:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:52:57:45:A3:E2:92:E1:2D:42:3F:BA:C9:49:10:CF:93:7C:96:0E
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e39372e3134362e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.146.0/23
Signature Algorithm: sha256WithRSAEncryption
72:29:f8:7b:73:db:c7:8f:c0:24:00:06:91:1f:42:9b:6f:dd:
4d:3c:7b:1a:d9:45:8d:0f:86:c7:57:8b:11:2e:d2:a7:fb:9e:
f5:98:0c:10:4d:cc:e5:26:b1:98:6d:80:95:59:56:f4:72:51:
2d:33:4e:32:79:7b:2f:5d:48:c3:9c:1c:d1:39:67:38:51:cb:
40:56:3a:f0:52:ee:1d:37:9a:05:61:75:ed:66:a9:58:ad:30:
2a:96:46:87:4d:0a:ea:83:e3:55:d2:f5:ab:70:24:a3:bd:3c:
f2:c3:96:4f:89:61:7e:f9:b5:51:9e:25:14:47:1a:e1:b3:17:
63:85:51:12:e1:86:d5:7f:16:1d:9d:36:f4:b7:13:96:0f:f8:
91:a4:f1:93:77:6d:eb:85:80:80:2b:be:80:49:11:6b:13:78:
19:89:4a:a0:bd:fc:9d:1e:df:b7:39:dc:a8:4a:00:68:67:df:
fe:e8:ce:c6:48:6b:89:9f:84:e2:d0:fd:3f:b7:03:40:4d:d4:
d0:c1:4d:ed:08:b0:95:f7:3f:a3:7c:c6:18:3e:19:ba:1a:43:
43:05:52:e3:71:af:62:65:9d:ce:72:a3:16:5c:fd:5c:8f:4e:
9f:41:c9:ce:33:68:f9:45:1b:e0:eb:26:f3:44:00:f6:79:69:
11:58:14:db
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURxd0nZPKCfM1cmEI02aLcbsZ32YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA2MTMxMDM2MzBaFw0yNTA2MTIxMDQxMzBaMDMxMTAvBgNV
BAMTKDY1NTI1NzQ1QTNFMjkyRTEyRDQyM0ZCQUM5NDkxMENGOTM3Qzk2MEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAQUm2bK+erB76As+P0NNtl43t
hEqxdreO2w9dYeEfuqO8Ys8a3l/tZpl1s6nX71tS77e+PZHy9z+xSgOeRMLbkUYq
J6vvIjhmvJNJLInz6l6/Rwi07xbd10hbkFhkXgZc+Xs1WMvu5o3pEpCxSE7dIkVp
DCg3W8iThtOYpLcd16iWC79wFskPUxk/BgtbipAqmrLdEQ/YHT4KXPIUSW3k7M/+
FHP0Ti4xPq3rLoFCizu+aP75U2a1C667Z2Mz8KRBvtdp7SPy22SYNxJCr94jd58R
np2x68I0FjitxyFqJwLeAYnJRlSLiP7QVtKsR8v3Ps8h/JZlNktDpXoB50ijAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUZVJXRaPikuEtQj+6yUkQz5N8lg4wHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzODM1MmUzOTM3MmUzMTM0
MzYyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
uWGSMA0GCSqGSIb3DQEBCwUAA4IBAQByKfh7c9vHj8AkAAaRH0Kbb91NPHsa2UWN
D4bHV4sRLtKn+571mAwQTczlJrGYbYCVWVb0clEtM04yeXsvXUjDnBzROWc4UctA
VjrwUu4dN5oFYXXtZqlYrTAqlkaHTQrqg+NV0vWrcCSjvTzyw5ZPiWF++bVRniUU
RxrhsxdjhVES4YbVfxYdnTb0txOWD/iRpPGTd23rhYCAK76ASRFrE3gZiUqgvfyd
Ht+3OdyoSgBoZ9/+6M7GSGuJn4Ti0P0/twNATdTQwU3tCLCV9z+jfMYYPhm6GkND
BVLjca9iZZ3OcqMWXP1cj06fQcnOM2j5RRvg6ybzRAD2eWkRWBTb
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:02:15 2024 by rpki-client on console-fra.rpki-client.org