Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139322e3136362e3234352e302f32342d3234203d3e20313331313939.roa
File: 3139322e3136362e3234352e302f32342d3234203d3e20313331313939.roa (raw, json)
Hash identifier: xxvIfZlr8nerHkxtozcR3N7WMyHy/JnscWQ2QF27aUA=
Subject key identifier: C3:9C:66:9B:13:EC:32:FD:51:C8:0D:39:34:06:D8:BF:93:5E:72:E8
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 73ED3F37A0990A8F4948B30C691182A23D155C7C
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139322e3136362e3234352e302f32342d3234203d3e20313331313939.roa
Signing time: Mon 26 Feb 2024 08:52:54 +0000
ROA not before: Mon 26 Feb 2024 08:47:54 +0000
ROA not after: Mon 24 Feb 2025 08:52:54 +0000
asID: 131199
IP address blocks: 192.166.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:ed:3f:37:a0:99:0a:8f:49:48:b3:0c:69:11:82:a2:3d:15:5c:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:54 2024 GMT
Not After : Feb 24 08:52:54 2025 GMT
Subject: CN=C39C669B13EC32FD51C80D393406D8BF935E72E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:17:ce:a3:80:c5:48:27:8d:a6:bd:bc:f8:35:
d3:9b:6b:c2:19:4d:fa:b7:0e:14:f1:95:8d:d2:01:
07:47:de:40:1d:2d:dd:84:c0:fb:2f:0d:dd:c4:e4:
34:fb:a9:fe:59:01:df:d2:1e:2c:b3:4c:9e:51:05:
d2:24:80:98:33:09:b0:fc:c0:6a:36:9f:72:30:9f:
ed:53:20:bc:c1:ce:4d:b5:e1:1c:b3:26:d8:b9:14:
7c:7b:8c:e1:19:2e:2a:8d:3f:ce:a1:95:e3:3c:4e:
67:54:29:25:09:72:9c:e9:61:e4:31:7f:d3:d7:4e:
27:97:06:72:9a:7f:a1:1f:b1:a8:8c:ab:59:3b:94:
1a:97:13:7a:f3:0b:00:cb:16:41:c1:4d:ae:c7:62:
f9:66:2c:8e:4b:e3:0b:a6:6e:d5:a3:d8:73:96:57:
dd:5e:33:b4:ec:df:9f:f7:24:7e:06:96:b1:a2:88:
ce:97:b7:e7:b4:57:4a:d6:08:30:59:75:89:9c:28:
7c:1f:39:32:6b:80:6d:7a:0b:85:05:0b:66:aa:39:
57:dd:2c:32:4b:d7:89:64:66:a7:12:1b:07:97:31:
16:e2:62:68:39:25:0f:30:50:7c:da:06:c5:3d:67:
1d:63:23:74:f6:a8:bd:a4:08:d2:ab:ee:6b:40:ea:
01:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:9C:66:9B:13:EC:32:FD:51:C8:0D:39:34:06:D8:BF:93:5E:72:E8
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139322e3136362e3234352e302f32342d3234203d3e20313331313939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.245.0/24
Signature Algorithm: sha256WithRSAEncryption
59:d9:6a:80:d9:01:e4:ba:eb:d3:ed:f9:fc:88:9a:01:a4:91:
2c:e4:65:ab:14:7e:ab:f5:e7:41:3a:50:b2:b5:79:7c:7b:04:
c5:9b:73:91:2a:f5:ba:66:24:1c:82:e2:71:a4:37:c2:d5:33:
d1:45:49:54:72:c0:16:56:b4:9b:06:68:de:d3:47:0e:bb:14:
e9:bc:3a:10:03:31:21:93:27:cf:0d:30:e5:42:64:66:cf:cf:
da:5e:54:8d:3f:f3:c8:fc:b4:64:30:14:12:e7:25:b8:9c:2c:
d2:81:7f:94:b5:c6:d6:68:5f:2d:91:9c:78:15:e8:37:32:e1:
37:f2:49:c0:08:7d:06:6d:31:b3:ba:9e:aa:28:c9:b3:02:5d:
02:41:3e:e0:1d:d4:16:cb:f1:aa:97:8f:4a:f4:d7:eb:d2:1d:
85:48:b4:b2:c0:47:9d:75:55:0f:cf:7b:9f:65:bd:72:07:fb:
27:93:cc:b8:e9:1f:51:4b:5d:50:11:fe:36:01:2f:ee:02:5f:
64:f7:a9:84:dd:32:bf:61:6f:21:43:1b:db:6f:b9:ec:74:7c:
b2:78:04:2c:df:60:e6:4e:a8:86:60:6e:65:3c:d5:b3:e3:ab:
3d:94:82:5c:8c:98:23:6a:86:55:75:cd:03:b5:28:8b:33:77:
46:41:45:9b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUc+0/N6CZCo9JSLMMaRGCoj0VXHwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NTRaFw0yNTAyMjQwODUyNTRaMDMxMTAvBgNV
BAMTKEMzOUM2NjlCMTNFQzMyRkQ1MUM4MEQzOTM0MDZEOEJGOTM1RTcyRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzF86jgMVIJ42mvbz4NdOba8IZ
Tfq3DhTxlY3SAQdH3kAdLd2EwPsvDd3E5DT7qf5ZAd/SHiyzTJ5RBdIkgJgzCbD8
wGo2n3Iwn+1TILzBzk214RyzJti5FHx7jOEZLiqNP86hleM8TmdUKSUJcpzpYeQx
f9PXTieXBnKaf6EfsaiMq1k7lBqXE3rzCwDLFkHBTa7HYvlmLI5L4wumbtWj2HOW
V91eM7Ts35/3JH4GlrGiiM6Xt+e0V0rWCDBZdYmcKHwfOTJrgG16C4UFC2aqOVfd
LDJL14lkZqcSGweXMRbiYmg5JQ8wUHzaBsU9Zx1jI3T2qL2kCNKr7mtA6gG/AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUw5xmmxPsMv1RyA05NAbYv5NecugwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTMyMmUzMTM2MzYyZTMy
MzQzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzMTMxMzkzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMCm9TANBgkqhkiG9w0BAQsFAAOCAQEAWdlqgNkB5Lrr0+35/IiaAaSRLORl
qxR+q/XnQTpQsrV5fHsExZtzkSr1umYkHILicaQ3wtUz0UVJVHLAFla0mwZo3tNH
DrsU6bw6EAMxIZMnzw0w5UJkZs/P2l5UjT/zyPy0ZDAUEucluJws0oF/lLXG1mhf
LZGceBXoNzLhN/JJwAh9Bm0xs7qeqijJswJdAkE+4B3UFsvxqpePSvTX69IdhUi0
ssBHnXVVD897n2W9cgf7J5PMuOkfUUtdUBH+NgEv7gJfZPephN0yv2FvIUMb22+5
7HR8sngELN9g5k6ohmBuZTzVs+OrPZSCXIyYI2qGVXXNA7UoizN3RkFFmw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org