Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3230332e31332e302f32342d3234203d3e20313336373837.roa
File: 3139332e3230332e31332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: R8Icrh0i0XqSlD8Ofa4/u9m/itLn1BdEO37GpyMN9ok=
Subject key identifier: 5D:4F:82:28:47:D0:7A:83:EF:EE:E1:0E:CE:7C:8D:F9:5E:A3:6E:41
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 35794FBBDEAB998B930AF06C440C109F5234C0C6
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3230332e31332e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:17 +0000
ROA not before: Mon 01 Apr 2024 13:58:17 +0000
ROA not after: Mon 31 Mar 2025 14:03:17 +0000
asID: 136787
IP address blocks: 193.203.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:79:4f:bb:de:ab:99:8b:93:0a:f0:6c:44:0c:10:9f:52:34:c0:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 1 13:58:17 2024 GMT
Not After : Mar 31 14:03:17 2025 GMT
Subject: CN=5D4F822847D07A83EFEEE10ECE7C8DF95EA36E41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:98:8f:ee:33:45:f9:8f:09:95:2b:cb:cb:96:
26:0c:cd:c2:6c:23:e3:3c:6e:c2:0e:28:e3:16:64:
ca:a7:19:3f:e2:7f:79:33:46:f2:ca:74:cb:84:5b:
af:f3:8d:02:a4:bd:c8:a4:4c:27:cd:22:94:ea:0a:
9f:fe:a4:8b:c4:7b:1f:fb:91:a6:49:5f:cf:f5:d7:
bc:80:04:d5:d7:28:74:49:4e:79:81:cb:a3:45:c3:
34:af:ef:15:7d:52:b9:1f:ff:e3:9f:60:6c:cf:16:
d2:df:68:a2:c3:a0:70:2a:33:9f:82:72:93:bc:a4:
ba:25:b2:43:60:39:20:1b:34:ef:fc:db:e9:73:62:
ad:97:89:9b:35:e7:d3:5e:91:a1:3c:19:be:01:59:
4f:62:a2:71:5c:7e:d6:f0:33:25:fd:10:72:23:7a:
97:fe:38:e1:62:55:d9:4f:a5:de:61:19:a2:75:fb:
7e:f0:0e:1c:60:71:ab:08:2f:31:8b:90:4c:d4:5e:
dd:d5:3c:3e:95:9e:71:35:3e:62:89:a8:75:1f:e6:
6f:6d:10:af:ad:4d:2d:54:2e:a6:86:d6:ef:94:cb:
ff:33:6e:80:dd:48:86:15:5b:79:b7:62:99:da:10:
3a:ba:0e:58:b4:f2:7d:75:44:d8:3f:9f:4f:2c:3f:
67:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:4F:82:28:47:D0:7A:83:EF:EE:E1:0E:CE:7C:8D:F9:5E:A3:6E:41
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3230332e31332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.13.0/24
Signature Algorithm: sha256WithRSAEncryption
29:c3:b4:ca:6b:fa:37:24:28:e2:2c:40:56:01:b7:02:66:bf:
b4:e4:04:3f:95:90:1a:de:e3:5b:3f:31:82:3e:d6:7c:c4:b9:
2f:ac:46:a6:8b:1d:af:94:7a:2f:d4:fd:d1:0c:63:0b:c8:f3:
5b:78:e7:f1:1a:66:6c:eb:03:59:52:eb:a4:27:2d:25:c9:b7:
a7:96:21:d4:8d:0c:2a:ff:0a:cc:e9:0b:ed:c7:1a:f5:f2:4a:
96:5a:dc:c2:df:72:45:a3:1c:a9:d5:05:02:e0:a7:73:a6:5d:
01:18:d3:4b:dc:85:cc:25:a5:64:eb:70:27:80:c7:54:d4:27:
5f:29:a7:e5:66:ff:bc:a4:10:30:88:87:02:81:5d:19:03:b6:
c8:2e:e7:87:71:69:78:b7:d1:87:43:66:8b:b8:0d:e3:2d:d4:
d5:f4:39:8e:89:d4:f2:0b:b8:36:57:3b:85:0e:0b:38:72:ec:
d3:51:ca:44:6d:eb:9f:3e:86:7d:56:d3:0c:e8:03:43:19:4a:
c9:2e:a1:6e:71:de:08:95:2d:f1:f4:b8:e4:0c:89:bd:c6:4e:
5d:c0:26:95:47:7a:b6:a5:9d:2a:75:8d:44:7c:74:bd:03:d6:
6f:68:27:3d:fa:40:8c:0d:d7:29:7a:0a:92:94:0e:be:31:fb:
19:65:1e:59
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNXlPu96rmYuTCvBsRAwQn1I0wMYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDExMzU4MTdaFw0yNTAzMzExNDAzMTdaMDMxMTAvBgNV
BAMTKDVENEY4MjI4NDdEMDdBODNFRkVFRTEwRUNFN0M4REY5NUVBMzZFNDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNmI/uM0X5jwmVK8vLliYMzcJs
I+M8bsIOKOMWZMqnGT/if3kzRvLKdMuEW6/zjQKkvcikTCfNIpTqCp/+pIvEex/7
kaZJX8/117yABNXXKHRJTnmBy6NFwzSv7xV9Urkf/+OfYGzPFtLfaKLDoHAqM5+C
cpO8pLolskNgOSAbNO/82+lzYq2XiZs159NekaE8Gb4BWU9ionFcftbwMyX9EHIj
epf+OOFiVdlPpd5hGaJ1+37wDhxgcasILzGLkEzUXt3VPD6VnnE1PmKJqHUf5m9t
EK+tTS1ULqaG1u+Uy/8zboDdSIYVW3m3YpnaEDq6Dli08n11RNg/n08sP2eRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUXU+CKEfQeoPv7uEOznyN+V6jbkEwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTMzMmUzMjMwMzMyZTMx
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADByw0wDQYJKoZIhvcNAQELBQADggEBACnDtMpr+jckKOIsQFYBtwJmv7TkBD+V
kBre41s/MYI+1nzEuS+sRqaLHa+Uei/U/dEMYwvI81t45/EaZmzrA1lS66QnLSXJ
t6eWIdSNDCr/CszpC+3HGvXySpZa3MLfckWjHKnVBQLgp3OmXQEY00vchcwlpWTr
cCeAx1TUJ18pp+Vm/7ykEDCIhwKBXRkDtsgu54dxaXi30YdDZou4DeMt1NX0OY6J
1PILuDZXO4UOCzhy7NNRykRt658+hn1W0wzoA0MZSskuoW5x3giVLfH0uOQMib3G
Tl3AJpVHeralnSp1jUR8dL0D1m9oJz36QIwN1yl6CpKUDr4x+xllHlk=
-----END CERTIFICATE-----
Generated at Tue May 7 21:48:29 2024 by rpki-client on console-fra.rpki-client.org