Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3138372e3133312e302f32342d3332203d3e20313336373837.roa
File: 3139332e3138372e3133312e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: 8adlzcDqQeUqclGDXaT0Wp1PftZcxaK4FKbZZL4ByHA=
Subject key identifier: AF:B4:E9:D6:44:10:32:CF:E6:86:2E:C9:DF:75:EA:B6:39:88:27:B6
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 353F28B079ACBC27B548D7EA4931F2405B2F638F
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3138372e3133312e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:52:48 +0000
ROA not before: Mon 26 Feb 2024 08:47:48 +0000
ROA not after: Mon 24 Feb 2025 08:52:48 +0000
asID: 136787
IP address blocks: 193.187.131.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:3f:28:b0:79:ac:bc:27:b5:48:d7:ea:49:31:f2:40:5b:2f:63:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:48 2024 GMT
Not After : Feb 24 08:52:48 2025 GMT
Subject: CN=AFB4E9D6441032CFE6862EC9DF75EAB6398827B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a3:d1:1d:ab:62:f6:12:71:e6:08:99:59:f5:
85:fe:0c:d9:8b:5a:a2:14:cd:65:1d:d3:47:46:22:
a7:30:49:1e:69:26:a8:08:64:af:91:57:98:fb:6f:
ab:e6:65:6b:4e:3d:ec:a8:db:5a:c7:0d:6c:37:65:
d7:a7:c0:8f:cb:2c:51:6f:e7:4c:2b:86:d6:e6:7c:
21:5b:e1:93:ec:95:4e:a7:a9:35:cd:be:66:2d:57:
0c:6c:c5:d2:7f:1d:17:fc:53:4f:6b:b6:04:c2:24:
ff:9d:52:ed:09:59:3d:75:1d:5a:f9:8e:17:8b:dc:
05:c4:d0:2b:cd:9e:df:65:7c:ae:cf:d0:6f:ef:24:
1b:6f:88:d2:9e:38:51:4b:92:c7:1e:18:7f:75:7e:
38:9c:10:fc:6e:93:33:f4:b1:01:28:29:06:ff:28:
da:4a:53:1c:20:55:f8:4d:32:ab:26:99:84:2b:0e:
2e:55:08:ab:d6:28:b9:55:68:33:27:14:9d:3f:19:
c7:9d:14:e0:b9:64:ca:69:13:45:99:62:d0:fa:01:
98:06:86:ed:b1:1c:be:62:88:18:54:76:6a:ff:10:
82:e0:f8:be:56:c0:bc:42:e2:9d:84:cd:9a:56:57:
43:2b:37:ba:0a:ef:cd:b5:c8:e5:e3:c6:8e:9f:97:
9f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:B4:E9:D6:44:10:32:CF:E6:86:2E:C9:DF:75:EA:B6:39:88:27:B6
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3138372e3133312e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.187.131.0/24
Signature Algorithm: sha256WithRSAEncryption
87:aa:ff:82:94:c1:34:9d:ef:d1:fc:6d:e8:f6:fe:8b:23:26:
be:e0:2f:bc:8c:d4:90:55:17:05:b9:9b:0d:df:06:33:40:cd:
16:e0:30:b2:d2:0f:77:b4:30:cd:95:b9:01:c1:4e:40:1f:9a:
af:ba:cc:15:9b:39:a7:02:1e:db:0d:c6:a1:aa:7b:d8:42:53:
01:2e:45:88:d0:c2:f2:32:0b:86:15:a4:43:c7:c6:33:b8:3f:
cc:82:b0:b3:59:ad:8f:2b:26:f6:dc:b8:9d:52:67:45:db:0d:
e9:37:c4:e5:54:61:f3:51:6f:73:22:29:d2:ad:57:a1:64:ea:
3b:e9:ec:79:66:4a:04:6e:5d:e2:67:cf:a3:31:f4:8a:39:dc:
3e:c5:d7:83:f5:16:1d:97:d3:fd:01:9b:ce:bb:21:b9:b1:86:
27:c5:2a:43:81:0c:60:a3:08:07:d7:62:44:8d:3a:9e:be:8b:
aa:bb:1b:99:57:ad:77:70:af:ca:af:64:7c:ee:45:c8:24:68:
ed:67:7d:ce:60:97:c2:a2:59:fe:dd:04:b2:5d:1f:dd:71:c6:
41:20:8a:ac:e0:c9:ff:4d:7b:06:97:92:a9:71:6f:e1:4c:bf:
6c:45:70:52:66:36:a6:c4:dc:d1:9a:ca:63:a5:87:8a:ae:04:
83:91:e4:a4
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUNT8osHmsvCe1SNfqSTHyQFsvY48wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NDhaFw0yNTAyMjQwODUyNDhaMDMxMTAvBgNV
BAMTKEFGQjRFOUQ2NDQxMDMyQ0ZFNjg2MkVDOURGNzVFQUI2Mzk4ODI3QjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKo9Edq2L2EnHmCJlZ9YX+DNmL
WqIUzWUd00dGIqcwSR5pJqgIZK+RV5j7b6vmZWtOPeyo21rHDWw3ZdenwI/LLFFv
50wrhtbmfCFb4ZPslU6nqTXNvmYtVwxsxdJ/HRf8U09rtgTCJP+dUu0JWT11HVr5
jheL3AXE0CvNnt9lfK7P0G/vJBtviNKeOFFLksceGH91fjicEPxukzP0sQEoKQb/
KNpKUxwgVfhNMqsmmYQrDi5VCKvWKLlVaDMnFJ0/GcedFOC5ZMppE0WZYtD6AZgG
hu2xHL5iiBhUdmr/EILg+L5WwLxC4p2EzZpWV0MrN7oK7821yOXjxo6fl5+RAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUr7Tp1kQQMs/mhi7J33XqtjmIJ7YwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTMzMmUzMTM4MzcyZTMx
MzMzMTJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMG7gzANBgkqhkiG9w0BAQsFAAOCAQEAh6r/gpTBNJ3v0fxt6Pb+iyMmvuAv
vIzUkFUXBbmbDd8GM0DNFuAwstIPd7QwzZW5AcFOQB+ar7rMFZs5pwIe2w3Goap7
2EJTAS5FiNDC8jILhhWkQ8fGM7g/zIKws1mtjysm9ty4nVJnRdsN6TfE5VRh81Fv
cyIp0q1XoWTqO+nseWZKBG5d4mfPozH0ijncPsXXg/UWHZfT/QGbzrshubGGJ8Uq
Q4EMYKMIB9diRI06nr6LqrsbmVetd3Cvyq9kfO5FyCRo7Wd9zmCXwqJZ/t0Esl0f
3XHGQSCKrODJ/017BpeSqXFv4Uy/bEVwUmY2psTc0ZrKY6WHiq4Eg5HkpA==
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:22 2024 by rpki-client on console-fra.rpki-client.org