Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e34322e39362e302f32342d3234203d3e20313336373837.roa
File: 3139332e34322e39362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: XqzfXBAWci+kR9ThWzJdQOm1AV5ATLe37oL2hRN2QnQ=
Subject key identifier: E9:36:F1:95:18:66:FD:23:24:42:8D:B8:CD:3E:C1:42:F2:84:67:38
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 4761A7F24D08677CBF4247E024850F8E7370EBCE
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e34322e39362e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:17 +0000
ROA not before: Mon 01 Apr 2024 13:58:17 +0000
ROA not after: Mon 31 Mar 2025 14:03:17 +0000
asID: 136787
IP address blocks: 193.42.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:61:a7:f2:4d:08:67:7c:bf:42:47:e0:24:85:0f:8e:73:70:eb:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 1 13:58:17 2024 GMT
Not After : Mar 31 14:03:17 2025 GMT
Subject: CN=E936F1951866FD2324428DB8CD3EC142F2846738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5b:73:83:bf:5a:72:03:4f:80:0d:fa:75:9c:
38:79:9d:4b:8c:c4:48:ff:2e:4d:98:d0:96:74:cc:
bc:f8:1e:e6:db:a6:25:40:a0:09:46:73:78:e4:08:
1c:01:a1:ee:dc:fd:99:0b:a4:79:98:6b:f2:f4:dc:
03:96:6f:ae:01:d6:a9:0a:2f:d1:cc:09:a7:9c:62:
b3:b8:00:82:71:3b:14:83:48:d1:a1:c9:65:4b:ae:
83:fb:fd:83:88:e2:be:61:a0:18:91:fa:4e:e4:de:
15:c1:ee:48:c2:fb:84:15:dc:f7:81:26:c7:21:a8:
9c:61:79:d6:ce:9d:30:1f:11:11:54:f0:d2:98:78:
0d:8c:d9:7f:54:0a:b0:84:cc:7d:41:21:b7:37:9d:
f9:32:48:63:62:fe:31:6b:7c:29:00:82:29:be:c8:
49:36:ea:5b:12:58:e9:bf:fe:90:53:ab:00:74:7b:
32:d4:c1:86:9e:8b:53:83:72:a9:7e:77:69:43:40:
17:44:0d:a1:29:78:a5:4c:b5:f7:67:36:cc:d7:70:
33:d5:00:a7:1c:59:e5:05:6f:8d:79:c7:fe:74:1c:
a4:8f:6c:99:cc:2d:7b:6b:78:ff:a8:fd:63:df:43:
81:5a:c4:07:7d:89:6a:69:c4:81:13:f3:6e:37:f4:
a9:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:36:F1:95:18:66:FD:23:24:42:8D:B8:CD:3E:C1:42:F2:84:67:38
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e34322e39362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.96.0/24
Signature Algorithm: sha256WithRSAEncryption
38:9f:39:32:5f:b0:73:99:33:1e:7e:ed:bc:d8:b6:8b:89:9b:
c1:64:77:f3:2e:f5:f2:3e:af:81:da:54:5d:77:0f:d4:6d:43:
f4:35:12:39:b8:27:24:ea:45:c2:90:c1:0c:a6:72:58:5b:f6:
e6:fc:cb:66:fa:2b:37:f6:45:1e:c8:47:72:29:fd:f7:ef:e4:
6a:a0:6f:ad:32:5c:54:5d:de:68:90:19:a0:a0:06:64:bb:f2:
7f:07:96:fd:2c:9a:4a:64:b9:e4:f9:b9:b8:70:7d:a4:db:c9:
98:ad:8a:94:d9:08:2e:bf:46:83:2c:77:c8:27:d7:d0:f3:11:
fe:e5:80:c4:05:e6:63:84:29:b2:dd:b9:41:b4:f0:d8:dd:1d:
56:e3:de:ac:b7:25:4e:c9:0a:0a:a8:5c:c9:9a:15:d4:9e:8f:
39:53:87:80:63:24:8a:dc:03:c7:99:2d:4b:e9:80:c7:1e:16:
7f:a3:6e:38:dd:29:f3:31:6b:82:3f:7c:9e:50:5e:43:ea:db:
2a:a8:ab:70:51:0c:0b:ad:eb:73:2b:ac:36:78:75:24:5b:7f:
8d:de:33:77:26:60:a7:92:7b:cc:41:d0:b1:40:23:54:1d:a3:
1e:6d:2f:d3:10:4e:2e:b9:81:76:7a:6f:d4:0f:e4:3a:bb:80:
b7:4c:ac:b3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUR2Gn8k0IZ3y/QkfgJIUPjnNw684wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDExMzU4MTdaFw0yNTAzMzExNDAzMTdaMDMxMTAvBgNV
BAMTKEU5MzZGMTk1MTg2NkZEMjMyNDQyOERCOENEM0VDMTQyRjI4NDY3MzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5W3ODv1pyA0+ADfp1nDh5nUuM
xEj/Lk2Y0JZ0zLz4HubbpiVAoAlGc3jkCBwBoe7c/ZkLpHmYa/L03AOWb64B1qkK
L9HMCaecYrO4AIJxOxSDSNGhyWVLroP7/YOI4r5hoBiR+k7k3hXB7kjC+4QV3PeB
JschqJxhedbOnTAfERFU8NKYeA2M2X9UCrCEzH1BIbc3nfkySGNi/jFrfCkAgim+
yEk26lsSWOm//pBTqwB0ezLUwYaei1ODcql+d2lDQBdEDaEpeKVMtfdnNszXcDPV
AKccWeUFb415x/50HKSPbJnMLXtreP+o/WPfQ4FaxAd9iWppxIET82439Kn1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU6TbxlRhm/SMkQo24zT7BQvKEZzgwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTMzMmUzNDMyMmUzOTM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wSpgMA0GCSqGSIb3DQEBCwUAA4IBAQA4nzkyX7BzmTMefu282LaLiZvBZHfzLvXy
Pq+B2lRddw/UbUP0NRI5uCck6kXCkMEMpnJYW/bm/Mtm+is39kUeyEdyKf337+Rq
oG+tMlxUXd5okBmgoAZku/J/B5b9LJpKZLnk+bm4cH2k28mYrYqU2Qguv0aDLHfI
J9fQ8xH+5YDEBeZjhCmy3blBtPDY3R1W496styVOyQoKqFzJmhXUno85U4eAYySK
3APHmS1L6YDHHhZ/o2443SnzMWuCP3yeUF5D6tsqqKtwUQwLretzK6w2eHUkW3+N
3jN3JmCnknvMQdCxQCNUHaMebS/TEE4uuYF2em/UD+Q6u4C3TKyz
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:44:10 2024 by rpki-client on console-fra.rpki-client.org