Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139322e3136362e3234372e302f32342d3234203d3e20313437303439.roa
File: 3139322e3136362e3234372e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: fT+mZOgCz5beNnssy+DFnUr7R6nrzbsxVk5hztUborM=
Subject key identifier: C2:0F:9E:2B:1E:3E:B2:E3:50:60:55:3F:CE:66:5B:EA:DF:F3:C8:0A
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 0149CD604A8D63790D473278FE2B0686DDE10AAA
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139322e3136362e3234372e302f32342d3234203d3e20313437303439.roa
Signing time: Mon 26 Feb 2024 08:52:51 +0000
ROA not before: Mon 26 Feb 2024 08:47:51 +0000
ROA not after: Mon 24 Feb 2025 08:52:51 +0000
asID: 147049
IP address blocks: 192.166.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:49:cd:60:4a:8d:63:79:0d:47:32:78:fe:2b:06:86:dd:e1:0a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:51 2024 GMT
Not After : Feb 24 08:52:51 2025 GMT
Subject: CN=C20F9E2B1E3EB2E35060553FCE665BEADFF3C80A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:b9:5c:c4:86:d9:f0:82:83:76:40:48:0a:30:
33:eb:48:1d:5c:02:a4:ce:9f:51:3e:b6:df:a2:48:
ff:d5:f1:97:0f:b5:0f:60:7f:26:ad:f0:b5:23:04:
c4:3b:bb:74:f5:6d:fd:4b:1b:68:24:23:04:58:99:
04:ba:cc:93:71:9a:8c:10:43:51:a9:8a:05:4a:23:
3c:72:32:09:79:58:e5:11:8b:25:3f:cd:93:a7:ed:
dc:02:b7:0a:25:d1:a5:9c:72:0e:92:cd:16:c9:7e:
cb:1e:09:67:08:f4:21:66:a8:ba:77:90:4a:29:15:
23:eb:e8:fb:e1:26:60:f9:d8:da:a1:b8:73:e4:01:
88:cd:d0:9f:a7:29:29:65:75:fd:87:9b:75:33:fd:
9a:92:fe:e1:b2:57:4f:1a:3d:83:d0:17:47:70:bd:
05:e6:fe:6a:1d:4d:33:32:d9:fe:79:b7:c7:66:cb:
d1:e2:da:db:41:42:be:95:3d:8e:1f:50:b4:9d:b2:
08:8c:9b:77:f4:1a:ff:7a:d0:c1:7a:2b:5a:e7:f3:
73:a7:43:2e:b2:98:3d:5d:7b:df:49:8f:fe:d1:ae:
58:bc:42:f1:a9:2d:8f:4e:b9:50:62:58:15:6e:a4:
e1:8c:cc:08:0a:58:4a:f0:1a:27:48:f5:7a:27:be:
28:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:0F:9E:2B:1E:3E:B2:E3:50:60:55:3F:CE:66:5B:EA:DF:F3:C8:0A
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139322e3136362e3234372e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.247.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:c7:5e:fc:73:27:dc:70:6b:e1:e9:e5:19:05:74:65:a6:a5:
3e:c3:b0:4b:cd:32:d4:dc:79:25:21:bb:df:08:fa:91:ae:88:
bb:b4:10:ec:f5:ef:98:88:8b:9a:cc:53:ca:5c:1c:62:20:52:
85:2f:7b:35:04:54:88:84:5e:c4:17:61:01:d8:f5:79:48:86:
71:34:75:34:2e:2d:68:7c:33:d0:e1:0f:6c:f9:c1:88:23:61:
30:91:6c:70:0f:c6:78:2f:8e:74:a3:2b:9f:0d:96:91:65:56:
d5:50:cd:6e:08:d8:bd:85:72:a1:19:2a:6b:1c:a0:01:1d:b5:
fa:73:01:a0:57:87:1e:c2:9a:d6:ee:93:a6:82:73:32:e7:45:
f6:80:f9:7e:9c:f7:5a:6b:e3:10:c3:e5:75:0d:bc:28:3c:0d:
2e:c1:f3:7b:11:f5:3f:4c:4f:44:1d:7d:3d:f2:35:0f:eb:7e:
6d:e4:34:bb:e3:8f:f4:4a:3a:3a:b4:f9:43:12:ef:12:51:ff:
92:28:91:fd:8e:8d:70:4d:b6:7c:34:17:46:fd:36:4e:16:40:
4b:90:04:f8:ca:70:a7:5a:3f:72:1b:42:d7:de:aa:f8:67:a8:
37:13:3f:a3:e9:93:c7:a6:2d:d6:2e:92:df:70:f4:77:11:c0:
85:28:66:5d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUAUnNYEqNY3kNRzJ4/isGht3hCqowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NTFaFw0yNTAyMjQwODUyNTFaMDMxMTAvBgNV
BAMTKEMyMEY5RTJCMUUzRUIyRTM1MDYwNTUzRkNFNjY1QkVBREZGM0M4MEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmuVzEhtnwgoN2QEgKMDPrSB1c
AqTOn1E+tt+iSP/V8ZcPtQ9gfyat8LUjBMQ7u3T1bf1LG2gkIwRYmQS6zJNxmowQ
Q1GpigVKIzxyMgl5WOURiyU/zZOn7dwCtwol0aWccg6SzRbJfsseCWcI9CFmqLp3
kEopFSPr6PvhJmD52NqhuHPkAYjN0J+nKSlldf2Hm3Uz/ZqS/uGyV08aPYPQF0dw
vQXm/modTTMy2f55t8dmy9Hi2ttBQr6VPY4fULSdsgiMm3f0Gv960MF6K1rn83On
Qy6ymD1de99Jj/7Rrli8QvGpLY9OuVBiWBVupOGMzAgKWErwGidI9XonviiVAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUwg+eKx4+suNQYFU/zmZb6t/zyAowHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTMyMmUzMTM2MzYyZTMy
MzQzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMCm9zANBgkqhkiG9w0BAQsFAAOCAQEAC8de/HMn3HBr4enlGQV0ZaalPsOw
S80y1Nx5JSG73wj6ka6Iu7QQ7PXvmIiLmsxTylwcYiBShS97NQRUiIRexBdhAdj1
eUiGcTR1NC4taHwz0OEPbPnBiCNhMJFscA/GeC+OdKMrnw2WkWVW1VDNbgjYvYVy
oRkqaxygAR21+nMBoFeHHsKa1u6TpoJzMudF9oD5fpz3WmvjEMPldQ28KDwNLsHz
exH1P0xPRB19PfI1D+t+beQ0u+OP9Eo6OrT5QxLvElH/kiiR/Y6NcE22fDQXRv02
ThZAS5AE+Mpwp1o/chtC196q+GeoNxM/o+mTx6Yt1i6S33D0dxHAhShmXQ==
-----END CERTIFICATE-----
Generated at Mon May 13 08:54:17 2024 by rpki-client on console-ams.rpki-client.org