Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3138372e3133302e302f32342d3234203d3e20313336373837.roa
File: 3139332e3138372e3133302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 6/xIWoYEAqHKPUGWA4b3h58d5BoOn/VzaDBeQYsf8wo=
Subject key identifier: DC:A9:0C:EB:B9:67:03:19:A8:A9:3E:D0:D4:A7:A0:F3:99:45:32:B9
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 2BFFBA36635E8BBC769CEA07F41B6A2D41F7CDF2
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3138372e3133302e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:18 +0000
ROA not before: Mon 01 Apr 2024 13:58:18 +0000
ROA not after: Mon 31 Mar 2025 14:03:18 +0000
asID: 136787
IP address blocks: 193.187.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:ff:ba:36:63:5e:8b:bc:76:9c:ea:07:f4:1b:6a:2d:41:f7:cd:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 1 13:58:18 2024 GMT
Not After : Mar 31 14:03:18 2025 GMT
Subject: CN=DCA90CEBB9670319A8A93ED0D4A7A0F3994532B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c4:db:9a:96:42:a6:5f:26:80:af:4f:e9:0b:
53:fd:c0:0e:38:4c:b3:ec:2a:48:a2:63:c6:a2:b1:
0b:92:81:cb:18:a4:c4:a1:c5:88:f2:b0:e0:27:be:
88:cd:85:a1:ac:b9:1e:01:c8:c4:30:44:2f:58:67:
c8:4e:c8:dc:9a:2a:20:fc:a8:d6:fd:93:b8:8b:39:
6a:04:3d:a5:a5:ad:2c:ef:e4:d0:68:58:2c:d1:80:
f0:9c:f9:3b:c5:b5:ad:6e:cc:bd:ee:7a:a9:9f:8e:
6b:9b:f0:05:7a:cc:7f:5a:95:3b:9f:d8:56:e5:f6:
6b:bc:04:b2:39:91:60:81:59:99:0e:8c:cc:ed:00:
f1:c9:e4:24:99:d3:4b:68:1a:6d:a4:69:3a:74:97:
e0:9a:e5:d5:2a:d5:b9:dc:7c:41:d4:2f:5c:3f:2c:
9d:48:e3:1e:fa:ae:d0:04:c8:2c:2a:d9:d1:df:2f:
f5:3b:c1:a2:4b:ee:33:7d:f2:d6:ad:17:b0:24:fe:
98:6c:bd:09:b3:a9:a0:f8:6d:e5:6a:3a:71:af:ae:
7f:5e:a3:bd:4b:4a:60:53:4b:bb:d1:99:03:27:21:
e6:06:30:cb:0f:cf:cb:d6:e0:16:09:40:e9:9f:42:
9f:c1:75:95:c4:28:5c:2f:e2:94:6c:cf:06:43:6e:
31:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A9:0C:EB:B9:67:03:19:A8:A9:3E:D0:D4:A7:A0:F3:99:45:32:B9
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3138372e3133302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.187.130.0/24
Signature Algorithm: sha256WithRSAEncryption
44:7f:c6:1f:05:53:d2:55:4e:13:98:62:58:00:e0:08:3e:b5:
ee:dc:c6:1a:24:5f:f9:4d:74:da:4c:3e:d2:4a:51:88:11:b8:
42:d9:9a:60:38:c3:c7:60:bd:7c:bf:13:3a:c2:15:f4:b2:3c:
b1:b7:d7:df:e0:13:bd:aa:ed:20:61:ac:74:93:52:b6:16:1d:
7d:39:f7:11:48:3d:cf:7f:a4:1b:7c:73:ff:06:d7:19:b4:61:
39:b3:e2:34:ef:2d:bc:67:bd:b6:9a:4b:44:6a:a4:74:4e:dc:
80:a7:a8:4f:da:09:20:d0:f9:1f:ec:c4:12:6a:87:39:c4:43:
17:20:ad:fa:84:40:de:dd:9b:74:2f:71:da:eb:b0:e9:76:c1:
22:b0:7e:e8:95:84:4b:61:ab:a7:d5:3b:78:66:b1:a3:67:b1:
53:19:2a:61:90:4f:ee:fe:32:1d:a9:fc:7b:c1:23:73:b3:4b:
bf:cc:91:2e:6e:1d:27:23:85:6a:de:ac:5e:90:b4:8b:8c:14:
ad:95:cb:b8:c5:cf:47:58:94:c8:1f:8d:46:91:b5:d6:d6:2f:
52:1a:d2:a3:ff:e4:b0:a2:a5:28:68:44:d2:7a:49:a4:34:8d:
fc:2b:35:31:26:6a:e6:fd:6f:ed:63:69:87:86:cd:a0:2e:69:
68:9c:27:26
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUK/+6NmNei7x2nOoH9BtqLUH3zfIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDExMzU4MThaFw0yNTAzMzExNDAzMThaMDMxMTAvBgNV
BAMTKERDQTkwQ0VCQjk2NzAzMTlBOEE5M0VEMEQ0QTdBMEYzOTk0NTMyQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0xNualkKmXyaAr0/pC1P9wA44
TLPsKkiiY8aisQuSgcsYpMShxYjysOAnvojNhaGsuR4ByMQwRC9YZ8hOyNyaKiD8
qNb9k7iLOWoEPaWlrSzv5NBoWCzRgPCc+TvFta1uzL3ueqmfjmub8AV6zH9alTuf
2Fbl9mu8BLI5kWCBWZkOjMztAPHJ5CSZ00toGm2kaTp0l+Ca5dUq1bncfEHUL1w/
LJ1I4x76rtAEyCwq2dHfL/U7waJL7jN98tatF7Ak/phsvQmzqaD4beVqOnGvrn9e
o71LSmBTS7vRmQMnIeYGMMsPz8vW4BYJQOmfQp/BdZXEKFwv4pRszwZDbjF5AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU3KkM67lnAxmoqT7Q1Keg85lFMrkwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTMzMmUzMTM4MzcyZTMx
MzMzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMG7gjANBgkqhkiG9w0BAQsFAAOCAQEARH/GHwVT0lVOE5hiWADgCD617tzG
GiRf+U102kw+0kpRiBG4QtmaYDjDx2C9fL8TOsIV9LI8sbfX3+ATvartIGGsdJNS
thYdfTn3EUg9z3+kG3xz/wbXGbRhObPiNO8tvGe9tppLRGqkdE7cgKeoT9oJIND5
H+zEEmqHOcRDFyCt+oRA3t2bdC9x2uuw6XbBIrB+6JWES2Grp9U7eGaxo2exUxkq
YZBP7v4yHan8e8Ejc7NLv8yRLm4dJyOFat6sXpC0i4wUrZXLuMXPR1iUyB+NRpG1
1tYvUhrSo//ksKKlKGhE0npJpDSN/Cs1MSZq5v1v7WNph4bNoC5paJwnJg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org