Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3230332e31342e302f32342d3234203d3e20313336373837.roa
File: 3139332e3230332e31342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: GlXmFA5lW/IlkqeWo4w65nyPXm972ZxwJtoh8JGulS0=
Subject key identifier: A3:46:48:44:F9:86:F8:37:B7:22:70:75:84:0B:53:14:42:32:2C:02
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 2BE7782796F8DF4EADC3E4FBB953F82B8FF64A7D
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3230332e31342e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:19 +0000
ROA not before: Mon 01 Apr 2024 13:58:19 +0000
ROA not after: Mon 31 Mar 2025 14:03:19 +0000
asID: 136787
IP address blocks: 193.203.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:e7:78:27:96:f8:df:4e:ad:c3:e4:fb:b9:53:f8:2b:8f:f6:4a:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 1 13:58:19 2024 GMT
Not After : Mar 31 14:03:19 2025 GMT
Subject: CN=A3464844F986F837B7227075840B531442322C02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:af:dd:78:bd:da:ce:39:e9:49:eb:bb:ce:7a:
f6:f4:b4:3f:66:f3:55:ee:c2:a1:33:c7:c8:91:fb:
4d:f1:9c:00:25:33:35:6a:3b:97:7a:58:de:a8:c5:
38:ce:12:96:12:53:ca:14:1d:72:84:60:33:39:7a:
a2:23:fc:f9:3b:de:f7:39:45:c0:7b:34:68:61:8b:
ad:3a:c7:94:38:2a:13:f5:6d:8a:fe:bb:3e:31:db:
9d:81:7a:78:2d:d6:80:ca:bc:55:eb:8b:c7:89:1d:
b8:cd:2b:04:27:5f:22:86:1c:25:b3:16:c5:56:92:
0c:ea:1b:c5:6b:4a:5f:67:61:59:37:5c:0c:21:94:
a1:7f:41:e6:a4:d6:f6:d2:83:2e:77:d5:b7:81:98:
e2:3f:38:a7:d6:e4:9c:0a:e3:5a:44:89:08:09:57:
41:a5:5f:4c:f3:c8:a1:0c:cd:fb:60:cd:4f:8b:e1:
d5:dd:74:14:6a:a9:c4:62:f0:c1:03:8d:bc:57:92:
79:bf:36:4f:92:f8:3f:b7:c3:0c:b5:2c:c8:05:c4:
3b:7c:83:6c:35:4d:bd:bb:ae:42:98:86:69:15:ff:
a2:a1:ee:8f:a0:63:e5:0d:66:dc:97:7f:da:52:41:
35:34:0d:3c:7e:1a:0a:d5:f3:e6:67:30:ee:97:09:
7a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:46:48:44:F9:86:F8:37:B7:22:70:75:84:0B:53:14:42:32:2C:02
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3230332e31342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.14.0/24
Signature Algorithm: sha256WithRSAEncryption
78:fb:46:92:65:ad:45:87:64:83:6a:84:05:c5:cd:c9:2b:9c:
fe:fd:8b:3a:a7:9d:0e:82:7b:ef:53:62:3e:b8:60:55:e1:76:
16:7b:6c:42:c1:72:f1:b8:07:55:14:7c:2c:bb:62:1b:63:ab:
28:8d:d0:ac:35:c1:3b:fe:f6:9b:16:fe:6b:a5:a1:60:c2:cc:
16:17:46:37:72:0b:47:7a:5d:ab:5d:42:8a:2b:68:7e:88:a4:
94:ae:3f:6c:6e:90:a9:c7:15:24:dc:df:f4:fb:c5:66:5f:bd:
21:0d:21:5b:00:fd:ac:af:1e:47:97:0e:bd:06:ee:f3:39:dd:
47:f9:00:76:e5:00:8b:8d:b3:12:1c:f0:49:88:34:51:5e:66:
cf:a6:53:6f:a1:06:50:9e:20:b0:cb:60:32:35:d2:41:19:f9:
ea:54:d6:a9:11:29:75:68:7d:68:83:2f:63:1e:2c:b9:ce:0a:
85:2c:89:16:2d:ab:bd:60:3e:d2:a2:e3:4c:4d:3a:4a:a2:8b:
25:f1:d7:3a:35:b1:13:7a:bd:2c:64:d6:44:a4:d3:8d:7c:0d:
b6:75:fb:72:88:f7:14:02:cc:4a:be:65:a1:fe:df:f2:48:86:
7f:1d:1a:98:4a:a7:29:9d:7a:fe:cb:ae:8b:d4:50:78:5a:ab:
fa:cf:54:60
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUK+d4J5b4306tw+T7uVP4K4/2Sn0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDExMzU4MTlaFw0yNTAzMzExNDAzMTlaMDMxMTAvBgNV
BAMTKEEzNDY0ODQ0Rjk4NkY4MzdCNzIyNzA3NTg0MEI1MzE0NDIzMjJDMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfr914vdrOOelJ67vOevb0tD9m
81XuwqEzx8iR+03xnAAlMzVqO5d6WN6oxTjOEpYSU8oUHXKEYDM5eqIj/Pk73vc5
RcB7NGhhi606x5Q4KhP1bYr+uz4x252Bengt1oDKvFXri8eJHbjNKwQnXyKGHCWz
FsVWkgzqG8VrSl9nYVk3XAwhlKF/Qeak1vbSgy531beBmOI/OKfW5JwK41pEiQgJ
V0GlX0zzyKEMzftgzU+L4dXddBRqqcRi8MEDjbxXknm/Nk+S+D+3wwy1LMgFxDt8
g2w1Tb27rkKYhmkV/6Kh7o+gY+UNZtyXf9pSQTU0DTx+GgrV8+ZnMO6XCXrLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUo0ZIRPmG+De3InB1hAtTFEIyLAIwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTMzMmUzMjMwMzMyZTMx
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADByw4wDQYJKoZIhvcNAQELBQADggEBAHj7RpJlrUWHZINqhAXFzckrnP79izqn
nQ6Ce+9TYj64YFXhdhZ7bELBcvG4B1UUfCy7YhtjqyiN0Kw1wTv+9psW/muloWDC
zBYXRjdyC0d6XatdQooraH6IpJSuP2xukKnHFSTc3/T7xWZfvSENIVsA/ayvHkeX
Dr0G7vM53Uf5AHblAIuNsxIc8EmINFFeZs+mU2+hBlCeILDLYDI10kEZ+epU1qkR
KXVofWiDL2MeLLnOCoUsiRYtq71gPtKi40xNOkqiiyXx1zo1sRN6vSxk1kSk0418
DbZ1+3KI9xQCzEq+ZaH+3/JIhn8dGphKpymdev7LrovUUHhaq/rPVGA=
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:24 2024 by rpki-client on console-fra.rpki-client.org