Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139322e3136362e3234342e302f32342d3234203d3e20313437303439.roa
File: 3139322e3136362e3234342e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: 6dkpvPdIfvdf3QpnXeAch1k1gjT3CDGqd1V8PpYYEY0=
Subject key identifier: 4E:16:35:83:8B:16:70:2B:1B:13:D7:CC:9E:F3:CE:77:FA:E0:D1:30
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 6B4FEADF15E11D51180F79D53DCD1D2C8FDB0083
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139322e3136362e3234342e302f32342d3234203d3e20313437303439.roa
Signing time: Mon 26 Feb 2024 08:52:57 +0000
ROA not before: Mon 26 Feb 2024 08:47:57 +0000
ROA not after: Mon 24 Feb 2025 08:52:57 +0000
asID: 147049
IP address blocks: 192.166.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:4f:ea:df:15:e1:1d:51:18:0f:79:d5:3d:cd:1d:2c:8f:db:00:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:57 2024 GMT
Not After : Feb 24 08:52:57 2025 GMT
Subject: CN=4E1635838B16702B1B13D7CC9EF3CE77FAE0D130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a2:8a:86:8f:78:59:f7:5c:f4:a4:38:76:22:
08:a2:ba:cc:43:ac:fc:e9:f2:0a:6b:bd:89:74:f9:
e7:23:12:6a:6b:9d:78:19:46:e1:4f:cb:f5:39:3f:
ce:0e:70:93:32:b5:91:f8:78:b1:23:8f:e9:86:6c:
32:e6:64:9c:8d:af:f2:e8:9c:bc:85:86:4f:9b:57:
a9:d2:7e:2d:8b:a1:53:22:c6:a8:de:08:f4:68:e8:
a7:e5:e6:a9:85:a3:0a:e5:3d:a2:3c:c1:74:6c:d2:
bb:6d:3f:47:22:1b:32:4a:4b:5c:8b:cb:2e:a5:56:
52:f5:ca:3b:b1:66:de:33:ab:8b:69:cb:ff:4d:35:
79:e5:93:00:41:76:a5:45:4f:5c:03:73:07:c3:9e:
7b:38:a3:dd:fa:3b:6f:e8:74:49:41:93:a4:e7:ce:
2a:8c:b1:bf:a4:48:6a:14:7e:1e:9f:bb:5c:3d:8a:
79:23:ba:07:e8:62:f5:a8:a2:94:7e:68:01:b1:fb:
42:50:1c:ed:db:44:57:20:ed:1b:ec:41:bd:0d:c0:
2e:40:20:35:e4:0a:92:a9:d5:cc:bf:cb:1b:ba:0d:
a2:77:ff:b5:ed:48:08:b8:54:01:00:b2:fd:17:8c:
a4:32:23:e8:07:d5:90:6e:eb:67:34:5e:4a:e3:e5:
24:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:16:35:83:8B:16:70:2B:1B:13:D7:CC:9E:F3:CE:77:FA:E0:D1:30
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139322e3136362e3234342e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.244.0/24
Signature Algorithm: sha256WithRSAEncryption
71:c1:d6:2f:7a:2f:06:e3:10:29:f3:23:2f:02:73:ba:df:4a:
c8:56:de:57:27:9c:bc:ff:ab:57:17:16:32:d9:ad:25:68:90:
08:93:0d:c8:72:b5:4f:bf:a8:d9:c0:31:b4:a6:e5:1d:ea:6b:
45:c5:2b:26:0e:25:d9:27:bc:a1:2d:4d:2d:67:1b:9e:b0:ad:
2a:a2:2f:cb:9d:66:0d:41:b2:26:1d:fd:60:b8:61:46:d1:a5:
c7:59:7a:02:a9:d7:2f:d8:24:2a:97:6a:65:71:bb:4e:fe:0a:
f8:5c:d1:ef:15:74:54:fc:4d:4a:fa:7f:9e:6f:3a:d9:e6:91:
2e:14:e7:72:f0:79:6c:1f:16:3c:4f:7f:96:58:57:6e:8e:5c:
2f:5c:60:77:b7:05:e7:9d:aa:99:2a:ee:43:f8:4b:6e:e4:9c:
e3:e8:a7:8e:13:ff:11:a5:16:c0:51:85:9d:a9:1f:d8:64:a0:
b3:39:ea:27:69:e3:fa:73:61:f4:d9:be:20:e9:f1:3a:61:3a:
b0:c9:c0:61:26:1d:d3:5a:e4:49:fd:86:46:6b:4f:81:ac:5b:
32:4a:dd:b2:8c:63:e6:87:cd:4a:e6:d2:ae:9b:05:e8:5d:a8:
36:46:ed:52:1c:9e:f9:51:16:dc:01:62:15:ee:7d:fa:a2:f2:
f0:63:f3:24
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUa0/q3xXhHVEYD3nVPc0dLI/bAIMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NTdaFw0yNTAyMjQwODUyNTdaMDMxMTAvBgNV
BAMTKDRFMTYzNTgzOEIxNjcwMkIxQjEzRDdDQzlFRjNDRTc3RkFFMEQxMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVooqGj3hZ91z0pDh2IgiiusxD
rPzp8gprvYl0+ecjEmprnXgZRuFPy/U5P84OcJMytZH4eLEjj+mGbDLmZJyNr/Lo
nLyFhk+bV6nSfi2LoVMixqjeCPRo6Kfl5qmFowrlPaI8wXRs0rttP0ciGzJKS1yL
yy6lVlL1yjuxZt4zq4tpy/9NNXnlkwBBdqVFT1wDcwfDnns4o936O2/odElBk6Tn
ziqMsb+kSGoUfh6fu1w9inkjugfoYvWoopR+aAGx+0JQHO3bRFcg7RvsQb0NwC5A
IDXkCpKp1cy/yxu6DaJ3/7XtSAi4VAEAsv0XjKQyI+gH1ZBu62c0Xkrj5SQvAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUThY1g4sWcCsbE9fMnvPOd/rg0TAwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTMyMmUzMTM2MzYyZTMy
MzQzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMCm9DANBgkqhkiG9w0BAQsFAAOCAQEAccHWL3ovBuMQKfMjLwJzut9KyFbe
VyecvP+rVxcWMtmtJWiQCJMNyHK1T7+o2cAxtKblHeprRcUrJg4l2Se8oS1NLWcb
nrCtKqIvy51mDUGyJh39YLhhRtGlx1l6AqnXL9gkKpdqZXG7Tv4K+FzR7xV0VPxN
Svp/nm862eaRLhTncvB5bB8WPE9/llhXbo5cL1xgd7cF552qmSruQ/hLbuSc4+in
jhP/EaUWwFGFnakf2GSgsznqJ2nj+nNh9Nm+IOnxOmE6sMnAYSYd01rkSf2GRmtP
gaxbMkrdsoxj5ofNSubSrpsF6F2oNkbtUhye+VEW3AFiFe59+qLy8GPzJA==
-----END CERTIFICATE-----
Generated at Sun May 12 14:08:17 2024 by rpki-client on console-fra.rpki-client.org