Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e34322e39372e302f32342d3234203d3e20383334.roa
File: 3139332e34322e39372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: FvtxovtZYNnqn6EJ2VrNZHaahXevXItdfjozrQrcRgs=
Subject key identifier: AF:52:5F:82:C6:85:36:9F:B5:66:08:6D:F7:96:51:B7:BA:D1:0C:76
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 69FC5F328615C79D8AA36068336ED97757957675
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e34322e39372e302f32342d3234203d3e20383334.roa
Signing time: Tue 04 Jul 2023 14:37:40 +0000
ROA not before: Tue 04 Jul 2023 14:32:40 +0000
ROA not after: Tue 02 Jul 2024 14:37:40 +0000
asID: 834
IP address blocks: 193.42.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:fc:5f:32:86:15:c7:9d:8a:a3:60:68:33:6e:d9:77:57:95:76:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Jul 4 14:32:40 2023 GMT
Not After : Jul 2 14:37:40 2024 GMT
Subject: CN=AF525F82C685369FB566086DF79651B7BAD10C76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1a:07:6d:84:fe:c6:01:ef:f3:ed:b7:76:ae:
38:6e:82:09:dc:6e:20:68:e7:de:19:45:a4:d5:e0:
a7:12:0a:1b:81:ad:90:9f:8e:06:79:02:b2:18:c5:
27:eb:69:9f:55:7f:21:6a:1a:1d:8a:b8:05:44:df:
48:76:e5:49:5c:ed:5f:d5:89:5b:0b:e7:fd:87:a7:
6d:9e:fd:2f:f5:b3:88:9c:30:ec:41:4e:f8:38:16:
60:6c:3a:27:cb:51:53:3d:c9:36:72:92:0b:e1:54:
83:60:bc:ac:d6:79:c8:6e:9c:c2:62:2e:ff:7c:92:
ec:0f:bd:19:e4:11:fc:f2:66:8a:89:34:01:1a:7b:
97:aa:42:ad:0e:69:57:a6:7d:fd:61:84:76:9d:e9:
f5:dc:31:09:92:bb:55:4d:39:4b:19:c9:6b:c5:a1:
64:ee:d1:ba:3e:65:36:79:20:41:da:a4:71:d8:a2:
db:5e:4d:8f:b1:25:0b:4e:60:bb:86:95:0d:27:44:
b3:c4:89:cf:d0:6e:9d:41:c9:4b:82:c2:7e:b9:7f:
d7:c9:66:58:d3:c8:80:66:65:c3:58:45:0e:02:bd:
93:36:cf:ee:4b:96:e8:39:8d:ad:fc:1f:ad:15:df:
c5:2a:20:95:79:24:a7:68:5f:eb:42:65:86:9a:8a:
02:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:52:5F:82:C6:85:36:9F:B5:66:08:6D:F7:96:51:B7:BA:D1:0C:76
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e34322e39372e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.97.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:6f:70:df:3a:02:70:6b:45:86:d8:6a:e8:d3:8b:16:ad:33:
e3:6d:79:bd:ea:02:8d:2d:53:b7:62:af:ed:c8:ad:59:7f:01:
cc:7b:f3:3f:b3:de:d2:dd:60:80:37:0f:84:54:96:26:63:98:
c8:ab:52:cc:20:22:8e:51:e9:b2:09:96:63:0f:9e:f6:c9:7b:
a7:74:15:70:70:a4:0f:07:bc:30:49:40:c0:2d:f1:15:09:cb:
6a:c6:7e:8b:93:2a:0d:2b:16:59:92:8d:b9:86:0e:57:e8:56:
b1:39:d5:3d:c2:e4:8d:58:86:23:a1:12:fb:b4:e9:6a:98:2f:
49:15:b6:4e:3f:1f:19:de:2c:4d:20:27:a2:10:76:a4:18:11:
fc:fc:cb:b2:92:83:ae:cb:f4:a8:5c:f6:c0:7d:98:84:08:30:
51:23:e9:d5:7b:d9:80:f2:74:17:b7:0f:f6:a2:00:7b:df:b0:
2e:a5:06:52:88:73:49:3c:c7:f7:ea:a3:b8:2c:26:68:69:dd:
a8:0b:4a:05:8a:f4:f9:a8:72:c9:b6:5d:1e:0c:43:9d:f5:ed:
08:15:19:64:f4:6b:d2:07:14:d3:9e:38:1f:eb:0c:cd:b9:20:
35:f8:0d:c9:b4:86:60:b4:0f:e1:2a:08:42:ee:7f:61:14:f8:
2d:19:7a:b2
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUafxfMoYVx52Ko2BoM27Zd1eVdnUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzA3MDQxNDMyNDBaFw0yNDA3MDIxNDM3NDBaMDMxMTAvBgNV
BAMTKEFGNTI1RjgyQzY4NTM2OUZCNTY2MDg2REY3OTY1MUI3QkFEMTBDNzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYGgdthP7GAe/z7bd2rjhuggnc
biBo594ZRaTV4KcSChuBrZCfjgZ5ArIYxSfraZ9VfyFqGh2KuAVE30h25Ulc7V/V
iVsL5/2Hp22e/S/1s4icMOxBTvg4FmBsOifLUVM9yTZykgvhVINgvKzWechunMJi
Lv98kuwPvRnkEfzyZoqJNAEae5eqQq0OaVemff1hhHad6fXcMQmSu1VNOUsZyWvF
oWTu0bo+ZTZ5IEHapHHYotteTY+xJQtOYLuGlQ0nRLPEic/Qbp1ByUuCwn65f9fJ
ZljTyIBmZcNYRQ4CvZM2z+5Llug5ja38H60V38UqIJV5JKdoX+tCZYaaigLlAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUr1JfgsaFNp+1Zght95ZRt7rRDHYwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTMzMmUzNDMyMmUzOTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSphMA0G
CSqGSIb3DQEBCwUAA4IBAQAPb3DfOgJwa0WG2Gro04sWrTPjbXm96gKNLVO3Yq/t
yK1ZfwHMe/M/s97S3WCANw+EVJYmY5jIq1LMICKOUemyCZZjD572yXundBVwcKQP
B7wwSUDALfEVCctqxn6LkyoNKxZZko25hg5X6FaxOdU9wuSNWIYjoRL7tOlqmC9J
FbZOPx8Z3ixNICeiEHakGBH8/MuykoOuy/SoXPbAfZiECDBRI+nVe9mA8nQXtw/2
ogB737AupQZSiHNJPMf36qO4LCZoad2oC0oFivT5qHLJtl0eDEOd9e0IFRlk9GvS
BxTTnjgf6wzNuSA1+A3JtIZgtA/hKghC7n9hFPgtGXqy
-----END CERTIFICATE-----
Generated at Thu May 2 10:53:04 2024 by rpki-client on console-fra.rpki-client.org