Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3134322e3230302e302f32342d3234203d3e20313336373837.roa
File: 3139332e3134322e3230302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 1vgxDt67mlnTqmLcs2OFKJ1YZTTwI3ztAHVMxLvfyhE=
Subject key identifier: C6:99:00:F5:70:A0:7C:01:31:9E:78:05:9A:41:E2:E2:E0:B6:28:C2
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 7123CDE375085675DBD3FF53D27E226C438209B9
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3134322e3230302e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:18 +0000
ROA not before: Mon 01 Apr 2024 13:58:18 +0000
ROA not after: Mon 31 Mar 2025 14:03:18 +0000
asID: 136787
IP address blocks: 193.142.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:23:cd:e3:75:08:56:75:db:d3:ff:53:d2:7e:22:6c:43:82:09:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 1 13:58:18 2024 GMT
Not After : Mar 31 14:03:18 2025 GMT
Subject: CN=C69900F570A07C01319E78059A41E2E2E0B628C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1b:97:b4:2b:45:60:69:17:9e:71:fa:22:9e:
29:9a:6f:58:f4:81:99:e1:71:c2:6f:68:24:54:e5:
2d:84:95:f7:b4:86:1c:e5:60:42:da:af:fc:4f:4d:
35:66:76:3e:a1:3d:47:f0:3c:d6:5e:e3:0b:cc:fc:
cd:84:31:cb:ab:f6:71:76:e9:8f:9d:3c:f1:8e:27:
3b:c3:a7:ba:1b:d4:59:c3:20:b7:47:7a:a4:fc:4c:
2e:d6:78:c8:91:19:c6:07:96:24:38:3c:61:fa:4b:
2b:48:80:d5:7d:33:c1:73:bb:1b:35:d2:63:14:79:
f6:ec:4c:47:18:11:15:20:d3:78:2b:8b:38:b2:5a:
5a:4d:75:59:21:97:b8:54:fa:5e:81:b4:76:66:b7:
e1:5c:a5:ef:88:b3:24:b3:b8:c2:19:52:45:34:fd:
3d:10:25:d9:c7:3c:41:b0:bf:02:f9:72:37:69:78:
18:b6:4e:73:9c:8e:19:13:12:ea:c6:54:87:86:bc:
58:bd:b4:ba:b0:c2:95:fd:f0:9f:f9:03:ef:d3:30:
d0:25:7e:66:21:a2:d6:db:48:6c:05:66:98:26:89:
a7:c7:41:78:e3:a1:ac:56:61:a5:36:40:e9:0b:5c:
76:dc:f5:4b:07:ae:c8:ed:02:26:d4:72:1e:d8:10:
65:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:99:00:F5:70:A0:7C:01:31:9E:78:05:9A:41:E2:E2:E0:B6:28:C2
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3134322e3230302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.200.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:53:4f:2d:63:70:89:2d:39:72:ff:40:77:2e:2b:6e:6d:6b:
14:b4:32:24:0a:4f:a8:55:2f:49:35:c2:87:c6:18:d4:5b:eb:
79:1a:8f:bb:4f:cf:53:4d:76:12:91:c8:b1:1e:47:80:cc:75:
e3:91:ac:d7:8d:04:70:48:06:e9:e6:ae:69:da:35:3d:3b:bf:
9b:bc:68:dc:e2:0d:ee:7d:e8:9c:15:f8:72:27:95:ec:c7:ce:
8c:8a:14:e1:1e:aa:67:83:18:7a:31:40:4e:0d:33:b3:53:e4:
96:ab:07:8c:85:7e:52:c2:09:d8:9b:f0:26:2c:c5:49:1b:98:
01:cf:7f:0a:f9:41:9a:f4:cc:6c:5b:d9:f3:85:d3:0c:1b:b5:
e4:e3:65:3f:c4:e7:23:ec:33:1a:c8:05:09:c2:06:8e:3e:40:
55:a8:19:54:19:bf:86:91:ce:e9:c4:a6:94:14:e6:40:a8:56:
5c:bf:e9:1a:c4:af:34:3f:e9:9f:f7:2b:f7:61:23:e6:c8:a8:
34:9f:09:7f:0e:8c:13:5e:a0:84:b4:7e:86:b7:fe:37:f5:ec:
23:02:9e:e2:45:cc:d6:29:b6:7f:c9:bb:31:6a:99:be:ea:c6:
40:a7:f5:78:61:a6:ab:8f:f3:06:fe:58:a3:42:31:c4:a0:e0:
26:d5:10:3e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUcSPN43UIVnXb0/9T0n4ibEOCCbkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDExMzU4MThaFw0yNTAzMzExNDAzMThaMDMxMTAvBgNV
BAMTKEM2OTkwMEY1NzBBMDdDMDEzMTlFNzgwNTlBNDFFMkUyRTBCNjI4QzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4G5e0K0VgaReecfoinimab1j0
gZnhccJvaCRU5S2Elfe0hhzlYELar/xPTTVmdj6hPUfwPNZe4wvM/M2EMcur9nF2
6Y+dPPGOJzvDp7ob1FnDILdHeqT8TC7WeMiRGcYHliQ4PGH6SytIgNV9M8Fzuxs1
0mMUefbsTEcYERUg03griziyWlpNdVkhl7hU+l6BtHZmt+Fcpe+IsySzuMIZUkU0
/T0QJdnHPEGwvwL5cjdpeBi2TnOcjhkTEurGVIeGvFi9tLqwwpX98J/5A+/TMNAl
fmYhotbbSGwFZpgmiafHQXjjoaxWYaU2QOkLXHbc9UsHrsjtAibUch7YEGUdAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUxpkA9XCgfAExnngFmkHi4uC2KMIwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTMzMmUzMTM0MzIyZTMy
MzAzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMGOyDANBgkqhkiG9w0BAQsFAAOCAQEAH1NPLWNwiS05cv9Ady4rbm1rFLQy
JApPqFUvSTXCh8YY1FvreRqPu0/PU012EpHIsR5HgMx145Gs140EcEgG6eauado1
PTu/m7xo3OIN7n3onBX4cieV7MfOjIoU4R6qZ4MYejFATg0zs1PklqsHjIV+UsIJ
2JvwJizFSRuYAc9/CvlBmvTMbFvZ84XTDBu15ONlP8TnI+wzGsgFCcIGjj5AVagZ
VBm/hpHO6cSmlBTmQKhWXL/pGsSvND/pn/cr92Ej5sioNJ8Jfw6ME16ghLR+hrf+
N/XsIwKe4kXM1im2f8m7MWqZvurGQKf1eGGmq4/zBv5Yo0IxxKDgJtUQPg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org