Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e32322e3135332e302f32342d3234203d3e20313336373837.roa
File: 3139332e32322e3135332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: UQB3X0724OSaPpa2OUbQR0Py8UKBZ0A9IB6d6gBoVac=
Subject key identifier: 17:76:25:5D:DD:17:88:E3:EA:BB:D9:5F:EF:B4:49:2D:A6:10:D0:B6
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 7CF8D1367807B6B028ADC1A382D733EE3259E1C4
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e32322e3135332e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:52:56 +0000
ROA not before: Mon 26 Feb 2024 08:47:56 +0000
ROA not after: Mon 24 Feb 2025 08:52:56 +0000
asID: 136787
IP address blocks: 193.22.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:f8:d1:36:78:07:b6:b0:28:ad:c1:a3:82:d7:33:ee:32:59:e1:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:56 2024 GMT
Not After : Feb 24 08:52:56 2025 GMT
Subject: CN=1776255DDD1788E3EABBD95FEFB4492DA610D0B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:98:a7:22:4b:74:4a:29:04:07:0d:d5:ab:57:
7a:09:98:23:f7:20:f4:cc:c9:52:c8:e7:d4:f4:ef:
3f:b5:72:fd:0b:fc:2e:7c:f1:b1:09:5b:75:df:ce:
ad:3a:f6:0d:c1:80:d9:ad:86:ff:cd:e1:e8:4d:00:
9a:6b:ea:5f:c2:c3:a5:f1:67:ff:80:b3:d7:20:2e:
19:66:5e:71:08:57:6b:99:3f:58:f0:73:a1:a9:ad:
ed:c9:5b:d4:1e:26:7d:33:54:70:04:80:4d:18:d1:
64:87:68:d3:13:ab:b4:24:3d:57:45:d4:8e:d0:a4:
2e:90:82:ac:0f:9f:46:87:7d:37:4c:5c:26:7e:b4:
51:a2:a8:7b:ef:24:7c:2e:87:e9:65:cb:74:f8:15:
fb:fa:07:ee:39:bf:b2:de:82:3f:aa:77:76:65:88:
7f:b1:74:e5:53:d9:5a:f1:d5:95:43:bc:12:bb:02:
2f:cc:96:a9:8b:f7:01:2f:c6:18:54:93:72:07:b8:
24:40:3a:f5:dc:39:63:32:d7:b1:1a:11:23:b3:7f:
d6:65:b1:95:f5:92:77:f3:f3:b7:88:39:bb:6d:b7:
a4:8e:1f:c3:14:84:b9:18:a1:d6:03:60:a9:22:c2:
9b:34:9c:28:a6:93:20:53:4f:0d:3d:e1:e4:58:bf:
d9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:76:25:5D:DD:17:88:E3:EA:BB:D9:5F:EF:B4:49:2D:A6:10:D0:B6
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e32322e3135332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.153.0/24
Signature Algorithm: sha256WithRSAEncryption
86:f0:6f:4f:2c:93:bc:c2:c4:18:4a:97:8e:75:f7:52:e2:c7:
a3:87:39:56:90:b5:9d:70:3e:cf:b6:c6:1e:35:99:83:d3:2b:
49:51:30:4e:ae:d1:61:68:75:b6:2e:32:54:19:51:36:ca:3e:
58:91:da:ed:03:05:e4:1b:bd:6c:80:f9:74:44:0e:b2:4e:e2:
71:27:e6:0d:2b:8f:1e:bb:87:95:22:be:d0:a9:68:a4:c5:58:
4f:37:53:07:64:de:47:98:a0:ca:cc:5b:47:78:2f:0e:04:8c:
d0:58:e1:9c:ef:06:a9:49:00:ac:1c:77:02:ef:fb:98:78:24:
7b:56:fe:41:f2:f6:0c:bb:aa:ed:63:7b:18:c6:b8:0d:0c:0e:
68:23:10:d7:fc:cb:e7:ea:b5:55:56:45:86:c4:32:bf:25:4e:
fa:f5:3d:4d:3e:b1:e2:4b:de:7c:97:fd:8d:18:f5:05:83:d3:
bc:fa:25:91:d6:ed:a8:82:04:7e:58:0c:14:53:08:6a:45:40:
81:69:c0:dc:a6:ef:bb:cb:f0:11:10:e0:67:be:98:bf:af:70:
e7:0c:8d:68:76:b2:4b:5d:20:c4:28:d8:90:ca:0e:19:65:4f:
f0:d4:0e:05:2d:07:95:30:f6:ff:66:b5:fe:52:b9:3a:81:fe:
7e:e7:1e:63
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfPjRNngHtrAorcGjgtcz7jJZ4cQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NTZaFw0yNTAyMjQwODUyNTZaMDMxMTAvBgNV
BAMTKDE3NzYyNTVEREQxNzg4RTNFQUJCRDk1RkVGQjQ0OTJEQTYxMEQwQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQComKciS3RKKQQHDdWrV3oJmCP3
IPTMyVLI59T07z+1cv0L/C588bEJW3Xfzq069g3BgNmthv/N4ehNAJpr6l/Cw6Xx
Z/+As9cgLhlmXnEIV2uZP1jwc6Gpre3JW9QeJn0zVHAEgE0Y0WSHaNMTq7QkPVdF
1I7QpC6QgqwPn0aHfTdMXCZ+tFGiqHvvJHwuh+lly3T4Ffv6B+45v7Legj+qd3Zl
iH+xdOVT2Vrx1ZVDvBK7Ai/MlqmL9wEvxhhUk3IHuCRAOvXcOWMy17EaESOzf9Zl
sZX1knfz87eIObttt6SOH8MUhLkYodYDYKkiwps0nCimkyBTTw094eRYv9nLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUF3YlXd0XiOPqu9lf77RJLaYQ0LYwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTMzMmUzMjMyMmUzMTM1
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBFpkwDQYJKoZIhvcNAQELBQADggEBAIbwb08sk7zCxBhKl45191Lix6OHOVaQ
tZ1wPs+2xh41mYPTK0lRME6u0WFodbYuMlQZUTbKPliR2u0DBeQbvWyA+XREDrJO
4nEn5g0rjx67h5UivtCpaKTFWE83Uwdk3keYoMrMW0d4Lw4EjNBY4ZzvBqlJAKwc
dwLv+5h4JHtW/kHy9gy7qu1jexjGuA0MDmgjENf8y+fqtVVWRYbEMr8lTvr1PU0+
seJL3nyX/Y0Y9QWD07z6JZHW7aiCBH5YDBRTCGpFQIFpwNym77vL8BEQ4Ge+mL+v
cOcMjWh2sktdIMQo2JDKDhllT/DUDgUtB5Uw9v9mtf5SuTqB/n7nHmM=
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:52 2024 by rpki-client on console-ams.rpki-client.org