Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e32322e32352e302f32342d3234203d3e20313336373837.roa
File: 3139332e32322e32352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 9a7UY7YHEOyXMnbitXcCehAeI4TyPah5EYq0Ge0l4r4=
Subject key identifier: 3E:7E:1B:89:2D:E6:EF:54:B7:BD:14:9A:41:4E:21:B6:AB:B6:A9:32
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 36BC42F2BF18ADA0577721A947264D67895CD411
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e32322e32352e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 02 Mar 2024 21:54:37 +0000
ROA not before: Sat 02 Mar 2024 21:49:37 +0000
ROA not after: Sat 01 Mar 2025 21:54:37 +0000
asID: 136787
IP address blocks: 193.22.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:bc:42:f2:bf:18:ad:a0:57:77:21:a9:47:26:4d:67:89:5c:d4:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Mar 2 21:49:37 2024 GMT
Not After : Mar 1 21:54:37 2025 GMT
Subject: CN=3E7E1B892DE6EF54B7BD149A414E21B6ABB6A932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0c:ef:f2:90:75:b9:70:9b:3d:4a:4f:58:6f:
b9:27:d9:88:ab:be:09:8f:9c:7c:45:a3:52:cf:14:
56:bf:01:f2:ed:81:4e:61:31:a9:0a:14:4c:bf:78:
d3:e6:e2:39:86:b0:47:b2:42:81:0b:c3:c5:31:f8:
a1:c1:67:bf:4b:8f:a8:59:a5:f5:e4:e7:0c:44:87:
79:4c:95:ee:c7:ae:38:3f:9e:50:48:4e:1e:da:7d:
4c:d9:b4:c2:63:3b:e5:f3:50:30:46:c3:61:cd:47:
75:98:e5:f0:45:05:ea:03:2f:7b:c1:05:6f:d0:48:
38:a0:a0:46:65:42:b8:e3:e9:20:c1:52:6b:af:5c:
07:bd:d7:d8:d2:29:eb:f2:c1:06:0a:4a:f2:cf:8f:
4c:4c:4e:8a:f2:30:69:5d:69:2d:9f:c8:69:6a:39:
bb:d5:1d:42:3e:01:68:75:2d:96:af:63:69:40:59:
f0:65:dc:6b:66:fe:73:77:2c:44:65:0d:ed:a4:b4:
af:72:76:7f:39:3e:cd:70:59:e2:8c:2e:50:40:52:
ef:af:50:cd:9f:2f:37:0a:99:01:68:e0:3e:75:53:
cf:1d:d7:77:95:ee:e6:e4:85:a7:d7:0a:cf:d4:c7:
15:75:43:cb:55:d9:a6:93:5e:82:3e:86:ca:66:7e:
86:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:7E:1B:89:2D:E6:EF:54:B7:BD:14:9A:41:4E:21:B6:AB:B6:A9:32
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e32322e32352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.25.0/24
Signature Algorithm: sha256WithRSAEncryption
59:c1:6b:5f:1f:bd:a7:2e:3f:ef:22:00:1b:5f:35:a3:97:aa:
3f:a9:40:71:aa:84:cf:ce:f8:16:96:f9:66:3a:d2:85:1c:55:
dc:4d:4c:da:06:b4:b6:3e:0e:63:17:11:8d:3c:c9:47:7e:1a:
fa:70:72:d5:e2:97:44:41:ff:42:ca:c5:7d:0f:4f:38:a3:a9:
a2:94:a3:0a:5f:41:ed:b6:b9:c6:eb:12:bf:7a:58:d5:67:de:
b1:76:02:f4:0c:8e:8d:9f:7a:12:8d:7a:0d:1c:4e:58:85:35:
8a:4e:80:3d:22:ef:d1:da:49:70:77:f3:71:db:4c:fa:2b:3d:
dd:0b:c2:fd:e8:29:fb:ee:61:72:bc:a4:e6:66:65:a5:d4:7c:
68:d9:7a:02:d6:1e:51:e5:08:28:ff:b8:9f:d6:05:df:db:f9:
05:41:7d:fc:98:5c:93:6a:1f:68:6b:cb:e0:6c:6e:bc:ac:9f:
a8:1a:1d:c9:a6:6e:a0:33:17:56:cf:4f:95:a9:32:7f:93:4e:
ea:17:8f:b8:7b:61:89:10:80:91:de:29:6a:64:13:7b:f8:34:
f7:f0:cc:de:8a:30:3c:11:bf:db:8f:d8:87:ca:c0:df:c8:dc:
ad:12:a0:96:fc:46:3c:75:ae:30:16:d3:fe:96:50:60:04:4f:
88:0e:d0:90
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUNrxC8r8YraBXdyGpRyZNZ4lc1BEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAzMDIyMTQ5MzdaFw0yNTAzMDEyMTU0MzdaMDMxMTAvBgNV
BAMTKDNFN0UxQjg5MkRFNkVGNTRCN0JEMTQ5QTQxNEUyMUI2QUJCNkE5MzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPDO/ykHW5cJs9Sk9Yb7kn2Yir
vgmPnHxFo1LPFFa/AfLtgU5hMakKFEy/eNPm4jmGsEeyQoELw8Ux+KHBZ79Lj6hZ
pfXk5wxEh3lMle7Hrjg/nlBITh7afUzZtMJjO+XzUDBGw2HNR3WY5fBFBeoDL3vB
BW/QSDigoEZlQrjj6SDBUmuvXAe919jSKevywQYKSvLPj0xMToryMGldaS2fyGlq
ObvVHUI+AWh1LZavY2lAWfBl3Gtm/nN3LERlDe2ktK9ydn85Ps1wWeKMLlBAUu+v
UM2fLzcKmQFo4D51U88d13eV7ubkhafXCs/UxxV1Q8tV2aaTXoI+hspmfobpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUPn4biS3m71S3vRSaQU4htqu2qTIwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTMzMmUzMjMyMmUzMjM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wRYZMA0GCSqGSIb3DQEBCwUAA4IBAQBZwWtfH72nLj/vIgAbXzWjl6o/qUBxqoTP
zvgWlvlmOtKFHFXcTUzaBrS2Pg5jFxGNPMlHfhr6cHLV4pdEQf9CysV9D084o6mi
lKMKX0HttrnG6xK/eljVZ96xdgL0DI6Nn3oSjXoNHE5YhTWKToA9Iu/R2klwd/Nx
20z6Kz3dC8L96Cn77mFyvKTmZmWl1Hxo2XoC1h5R5Qgo/7if1gXf2/kFQX38mFyT
ah9oa8vgbG68rJ+oGh3Jpm6gMxdWz0+VqTJ/k07qF4+4e2GJEICR3ilqZBN7+DT3
8MzeijA8Eb/bj9iHysDfyNytEqCW/EY8da4wFtP+llBgBE+IDtCQ
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:24 2024 by rpki-client on console-fra.rpki-client.org