Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3134322e3230322e302f32342d3332203d3e20313336373837.roa
File: 3139332e3134322e3230322e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: JxMdTP/bi2k+wqhv8GYQAH1d7qq3aNFynlpIY0cW5ns=
Subject key identifier: 4B:40:F6:EA:2B:E4:82:86:2C:FC:1F:A2:F4:90:58:18:55:A0:77:89
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 2717094999D9E7ADCEC6D9D8D231C59A01168F19
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3134322e3230322e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:52:47 +0000
ROA not before: Mon 26 Feb 2024 08:47:47 +0000
ROA not after: Mon 24 Feb 2025 08:52:47 +0000
asID: 136787
IP address blocks: 193.142.202.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:17:09:49:99:d9:e7:ad:ce:c6:d9:d8:d2:31:c5:9a:01:16:8f:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:47 2024 GMT
Not After : Feb 24 08:52:47 2025 GMT
Subject: CN=4B40F6EA2BE482862CFC1FA2F490581855A07789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:03:fc:d3:90:58:1f:ce:63:8f:36:28:43:5c:
fb:cd:87:1a:d9:2a:66:e0:6d:43:8a:38:38:89:de:
e9:f9:00:5e:0e:4a:b6:48:aa:be:21:44:de:a1:85:
f0:cc:f1:27:ce:25:3e:e5:0d:0d:98:20:32:7a:d3:
e4:62:94:27:c7:d4:31:61:4d:28:83:9f:82:c2:2a:
ea:b7:6c:75:f6:a5:25:f8:db:67:e2:e4:1a:50:4a:
d9:a7:da:bf:11:dd:70:6a:20:20:b8:ee:45:0e:c9:
a5:4f:82:26:45:2c:b6:24:75:19:92:3b:91:b0:89:
04:59:60:e7:45:45:02:97:66:b8:1c:f1:74:b6:3d:
90:69:62:a7:40:2a:a4:69:5d:6f:0d:16:23:50:bc:
e6:7c:38:d6:12:44:ac:57:ab:59:8b:aa:aa:d9:53:
90:fd:87:c8:52:cf:ac:eb:7f:e7:06:0b:f8:4c:b3:
32:a4:0d:60:0f:1a:4a:de:c5:9d:7d:37:02:4e:db:
a0:64:d8:9c:80:bb:2d:71:85:3e:6b:13:43:a2:5c:
0f:80:45:d1:99:54:be:5f:ed:39:1a:23:f9:17:9a:
05:0b:d8:7f:3f:6c:12:4b:6b:e2:c0:5e:00:35:44:
47:ec:aa:c1:ce:ac:62:56:46:64:2e:41:ad:de:e0:
61:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:40:F6:EA:2B:E4:82:86:2C:FC:1F:A2:F4:90:58:18:55:A0:77:89
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3134322e3230322e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.202.0/24
Signature Algorithm: sha256WithRSAEncryption
47:8d:85:ca:a3:8a:6e:55:a1:5d:5f:0e:e9:6a:c2:76:9d:8f:
6b:5e:46:77:07:ab:d2:ff:a7:b3:b8:87:5c:de:a2:12:22:37:
c4:ad:f2:be:9f:f4:b8:e4:43:d2:d4:f1:70:1b:d5:b5:8a:f6:
39:b3:4d:44:70:c7:e5:f4:15:24:83:67:13:e9:ff:f8:30:9d:
41:78:66:cf:07:fa:e0:67:88:44:71:3e:0a:8a:25:8d:e8:0b:
fe:cb:f5:b4:46:30:61:7d:4e:e4:70:c8:94:0e:a2:24:63:ed:
cb:a7:59:60:79:70:1c:96:2e:71:24:8c:0d:89:ed:8c:11:c2:
5d:33:4e:97:55:ca:0a:b1:c2:b1:f2:49:fa:bd:b2:b1:d2:a2:
08:b2:24:93:61:05:50:a7:25:6a:b9:a0:53:61:cf:6e:46:58:
e9:a7:d6:e2:81:e7:6a:98:17:93:37:61:4e:99:1b:a6:e7:1f:
ce:ff:1f:31:0d:ef:38:60:0f:90:7d:dc:1c:ae:ea:b0:ad:4b:
8c:7e:2c:70:72:87:0b:f2:2e:b0:ac:c3:30:b4:b0:d6:56:f9:
82:b4:2b:cd:b6:51:4b:1b:71:9d:c2:f8:b0:06:f8:bb:01:f9:
62:eb:ed:85:36:e9:c4:35:8c:5d:76:48:33:53:a9:13:ca:81:
3f:5c:b8:14
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUJxcJSZnZ563OxtnY0jHFmgEWjxkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NDdaFw0yNTAyMjQwODUyNDdaMDMxMTAvBgNV
BAMTKDRCNDBGNkVBMkJFNDgyODYyQ0ZDMUZBMkY0OTA1ODE4NTVBMDc3ODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLA/zTkFgfzmOPNihDXPvNhxrZ
KmbgbUOKODiJ3un5AF4OSrZIqr4hRN6hhfDM8SfOJT7lDQ2YIDJ60+RilCfH1DFh
TSiDn4LCKuq3bHX2pSX422fi5BpQStmn2r8R3XBqICC47kUOyaVPgiZFLLYkdRmS
O5GwiQRZYOdFRQKXZrgc8XS2PZBpYqdAKqRpXW8NFiNQvOZ8ONYSRKxXq1mLqqrZ
U5D9h8hSz6zrf+cGC/hMszKkDWAPGkrexZ19NwJO26Bk2JyAuy1xhT5rE0OiXA+A
RdGZVL5f7TkaI/kXmgUL2H8/bBJLa+LAXgA1REfsqsHOrGJWRmQuQa3e4GHNAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUS0D26ivkgoYs/B+i9JBYGFWgd4kwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTMzMmUzMTM0MzIyZTMy
MzAzMjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMGOyjANBgkqhkiG9w0BAQsFAAOCAQEAR42FyqOKblWhXV8O6WrCdp2Pa15G
dwer0v+ns7iHXN6iEiI3xK3yvp/0uORD0tTxcBvVtYr2ObNNRHDH5fQVJINnE+n/
+DCdQXhmzwf64GeIRHE+CooljegL/sv1tEYwYX1O5HDIlA6iJGPty6dZYHlwHJYu
cSSMDYntjBHCXTNOl1XKCrHCsfJJ+r2ysdKiCLIkk2EFUKclarmgU2HPbkZY6afW
4oHnapgXkzdhTpkbpucfzv8fMQ3vOGAPkH3cHK7qsK1LjH4scHKHC/IusKzDMLSw
1lb5grQrzbZRSxtxncL4sAb4uwH5YuvthTbpxDWMXXZIM1OpE8qBP1y4FA==
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:24 2024 by rpki-client on console-fra.rpki-client.org