Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3134322e3230312e302f32342d3234203d3e20313336373837.roa
File: 3139332e3134322e3230312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: PY9vvUp0rcjTNoqB4AYDrW5W+F2HPn+6mq0PmL3JVNE=
Subject key identifier: F6:6E:76:46:4C:D5:48:0E:86:F6:CA:2F:72:25:5C:4D:EC:D7:30:84
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 587CA293F5CF39EAD65FD4901C72A40AC6BA492A
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3134322e3230312e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:19 +0000
ROA not before: Mon 01 Apr 2024 13:58:19 +0000
ROA not after: Mon 31 Mar 2025 14:03:19 +0000
asID: 136787
IP address blocks: 193.142.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:7c:a2:93:f5:cf:39:ea:d6:5f:d4:90:1c:72:a4:0a:c6:ba:49:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 1 13:58:19 2024 GMT
Not After : Mar 31 14:03:19 2025 GMT
Subject: CN=F66E76464CD5480E86F6CA2F72255C4DECD73084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:98:24:74:fe:83:05:24:0d:63:4e:3c:c2:b9:
88:4a:c9:b6:9b:4b:62:2c:88:c1:2f:a1:4b:10:4e:
8a:0b:f3:bf:db:7c:0b:87:aa:5e:43:b5:14:4b:ea:
50:73:b9:20:8e:cb:ca:43:ec:d2:7c:1c:10:9f:1d:
ff:4a:9d:ab:01:7c:0b:a2:47:b2:bc:37:49:55:55:
c5:58:e8:b2:c7:39:e4:de:fc:61:99:72:e5:90:26:
e9:1b:b5:3d:3a:69:b9:c8:a7:62:89:8f:87:81:e8:
ef:d1:64:ca:2c:95:40:bf:b9:49:3e:30:c3:a5:4b:
14:52:70:98:a2:14:a0:68:a1:98:0c:20:5d:7f:34:
f4:36:53:5c:5b:3b:30:e2:20:4a:cd:ad:07:42:76:
49:e7:5a:2f:67:1b:53:68:48:de:69:3b:8a:21:41:
9b:cd:cd:01:ac:f4:91:1d:ab:56:b1:cb:74:df:15:
97:66:ab:16:79:b8:98:27:f4:48:c1:99:77:e5:05:
e3:28:8e:d6:a3:a7:c1:14:f6:af:75:80:7e:cd:e0:
4c:51:c6:2e:7e:9d:b3:e7:01:69:6c:e8:2d:ae:95:
8e:6c:59:53:f7:12:25:ef:19:5c:c3:87:c9:e2:a3:
4f:e2:db:30:58:86:77:5d:16:e3:2c:19:74:e4:68:
f8:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:6E:76:46:4C:D5:48:0E:86:F6:CA:2F:72:25:5C:4D:EC:D7:30:84
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3134322e3230312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.201.0/24
Signature Algorithm: sha256WithRSAEncryption
52:ac:04:91:0f:fe:97:8a:bd:8d:03:eb:ad:fc:97:33:8c:15:
97:ad:a6:e8:e0:44:d5:3a:03:7e:d9:db:69:ad:67:f9:f0:b6:
91:11:3a:5a:0e:30:29:9b:b1:60:62:ab:8f:e5:f0:05:44:45:
72:d1:e1:44:23:7a:64:9d:4b:61:e4:68:e7:4d:63:89:0f:7d:
f6:fd:f2:d3:cc:44:bb:5b:23:d7:f8:ac:67:6f:b8:a0:e0:46:
e5:8d:86:24:3f:dd:69:e1:e2:dc:58:92:1d:3b:86:93:9a:5b:
ce:44:cd:20:61:70:70:58:9e:8f:cb:1c:69:ca:57:79:49:1a:
7f:c7:75:5d:ff:83:e9:dc:05:d1:55:ad:52:45:b0:8c:02:9b:
a3:89:12:b6:1f:48:6a:07:b6:e9:f1:78:79:7b:1a:90:d7:c6:
01:0e:32:26:23:4b:4e:f5:ae:1f:e8:96:6d:02:89:09:9f:7a:
94:a8:32:49:19:c0:ea:d8:13:e4:53:6e:31:86:7d:4b:29:18:
1c:c2:65:cf:68:fd:dd:c4:e6:c2:8d:f7:7e:70:ff:43:fb:f8:
f1:e8:6f:bc:89:7e:c8:2d:30:eb:e8:d7:1e:2d:51:33:77:c3:
d3:c2:b2:c8:6d:ed:b3:13:9b:ff:39:56:a2:39:b9:29:82:ea:
38:5b:12:ad
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUWHyik/XPOerWX9SQHHKkCsa6SSowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDExMzU4MTlaFw0yNTAzMzExNDAzMTlaMDMxMTAvBgNV
BAMTKEY2NkU3NjQ2NENENTQ4MEU4NkY2Q0EyRjcyMjU1QzRERUNENzMwODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZmCR0/oMFJA1jTjzCuYhKybab
S2IsiMEvoUsQTooL87/bfAuHql5DtRRL6lBzuSCOy8pD7NJ8HBCfHf9KnasBfAui
R7K8N0lVVcVY6LLHOeTe/GGZcuWQJukbtT06abnIp2KJj4eB6O/RZMoslUC/uUk+
MMOlSxRScJiiFKBooZgMIF1/NPQ2U1xbOzDiIErNrQdCdknnWi9nG1NoSN5pO4oh
QZvNzQGs9JEdq1axy3TfFZdmqxZ5uJgn9EjBmXflBeMojtajp8EU9q91gH7N4ExR
xi5+nbPnAWls6C2ulY5sWVP3EiXvGVzDh8nio0/i2zBYhnddFuMsGXTkaPipAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU9m52RkzVSA6G9sovciVcTezXMIQwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTMzMmUzMTM0MzIyZTMy
MzAzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMGOyTANBgkqhkiG9w0BAQsFAAOCAQEAUqwEkQ/+l4q9jQPrrfyXM4wVl62m
6OBE1ToDftnbaa1n+fC2kRE6Wg4wKZuxYGKrj+XwBURFctHhRCN6ZJ1LYeRo501j
iQ999v3y08xEu1sj1/isZ2+4oOBG5Y2GJD/daeHi3FiSHTuGk5pbzkTNIGFwcFie
j8scacpXeUkaf8d1Xf+D6dwF0VWtUkWwjAKbo4kSth9Iage26fF4eXsakNfGAQ4y
JiNLTvWuH+iWbQKJCZ96lKgySRnA6tgT5FNuMYZ9SykYHMJlz2j93cTmwo33fnD/
Q/v48ehvvIl+yC0w6+jXHi1RM3fD08KyyG3tsxOb/zlWojm5KYLqOFsSrQ==
-----END CERTIFICATE-----
Generated at Tue May 7 22:52:25 2024 by rpki-client on console-ams.rpki-client.org