Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e34322e39392e302f32342d3234203d3e20313336373837.roa
File: 3139332e34322e39392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: OkdCe5iVKNbvHHvnitu5yNWJ377lUxmDmdSWOuvuPO4=
Subject key identifier: 7A:90:25:68:27:8E:6C:18:4E:EB:AC:EA:36:5F:C8:A9:51:21:02:B5
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 6CE5899CFB5491E4B8A1935F6F994304832BE3A8
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e34322e39392e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:17 +0000
ROA not before: Mon 01 Apr 2024 13:58:17 +0000
ROA not after: Mon 31 Mar 2025 14:03:17 +0000
asID: 136787
IP address blocks: 193.42.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:e5:89:9c:fb:54:91:e4:b8:a1:93:5f:6f:99:43:04:83:2b:e3:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 1 13:58:17 2024 GMT
Not After : Mar 31 14:03:17 2025 GMT
Subject: CN=7A902568278E6C184EEBACEA365FC8A9512102B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:23:27:f5:f4:79:1d:b1:72:98:8d:88:1b:6c:
2b:cb:f6:db:03:ff:8f:e6:25:09:12:cd:89:86:f1:
24:ca:be:2b:79:d8:81:17:3c:7e:ca:7d:84:6d:6e:
f9:99:dc:22:f7:4c:9c:b0:24:2b:20:1f:4d:aa:e2:
ae:40:48:31:4c:d0:44:01:81:60:26:5b:6b:9c:45:
45:2a:9a:74:95:2b:ac:a0:ec:3d:1f:af:89:0f:06:
d6:f9:42:66:9d:13:c8:05:6a:27:84:e8:0e:c2:33:
60:44:92:f3:ff:65:45:a2:d5:ac:bf:9b:35:34:b7:
4e:08:06:72:07:7f:35:63:bc:9d:f3:51:f1:45:63:
37:87:09:19:03:46:6f:3c:5e:9e:ae:17:d7:b2:09:
4f:36:1b:13:d1:71:02:34:6d:ac:67:bb:8a:03:ff:
2f:bc:af:98:2e:ff:6a:77:d0:02:db:16:52:10:56:
83:41:f9:b3:73:a4:29:b4:76:8c:9f:85:6c:84:c5:
30:ec:32:45:29:73:3d:8c:c6:0e:05:e7:bd:63:9a:
09:82:27:78:05:e7:b8:00:7f:7d:ff:ad:db:47:99:
bd:9d:19:28:80:f6:8a:77:91:d7:26:d9:ed:23:cb:
7e:40:d9:82:76:28:a1:dc:40:62:7d:c9:8f:2f:5b:
28:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:90:25:68:27:8E:6C:18:4E:EB:AC:EA:36:5F:C8:A9:51:21:02:B5
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e34322e39392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.99.0/24
Signature Algorithm: sha256WithRSAEncryption
70:fe:8b:e8:47:4b:1a:85:88:8a:22:ca:58:17:f0:2c:ca:46:
7f:9c:78:8b:b7:fb:13:ac:9d:5e:a5:5d:34:e3:d8:d0:ea:43:
0d:a8:bb:df:da:e6:da:94:12:49:ec:a0:a3:11:11:f1:40:c1:
f1:76:30:0b:52:2e:20:cd:e6:30:db:2a:a6:d7:25:3d:68:47:
e0:28:98:42:b3:2a:5d:47:4c:8b:b2:0a:24:42:56:a9:49:a1:
f8:99:eb:e8:cb:16:29:f3:a0:3f:c9:d9:52:45:4a:06:76:4e:
be:d1:a1:f6:0d:79:45:f8:84:15:ae:54:02:48:61:db:df:c1:
7c:28:dc:c9:93:4e:ab:d4:38:af:1d:5f:de:12:45:b5:1a:12:
6e:87:21:c2:92:dc:4b:f8:0e:61:ff:75:79:8f:15:8c:e9:af:
a0:ee:be:e6:1d:9d:64:97:e7:42:c5:89:d1:21:a4:5b:4e:94:
7d:39:17:f3:b9:23:d0:38:b9:f9:7a:73:8d:69:52:aa:ab:d5:
1f:f0:1d:3d:33:42:68:9a:c5:00:6f:59:8a:8b:79:21:d2:11:
7c:ca:2d:90:0e:30:2b:cd:da:b6:f3:92:d2:ad:a4:d1:b2:a8:
28:c2:a0:65:f6:68:5f:c7:5b:dc:ab:78:38:7d:13:37:e2:8e:
20:fc:6d:11
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbOWJnPtUkeS4oZNfb5lDBIMr46gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDExMzU4MTdaFw0yNTAzMzExNDAzMTdaMDMxMTAvBgNV
BAMTKDdBOTAyNTY4Mjc4RTZDMTg0RUVCQUNFQTM2NUZDOEE5NTEyMTAyQjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYIyf19HkdsXKYjYgbbCvL9tsD
/4/mJQkSzYmG8STKvit52IEXPH7KfYRtbvmZ3CL3TJywJCsgH02q4q5ASDFM0EQB
gWAmW2ucRUUqmnSVK6yg7D0fr4kPBtb5QmadE8gFaieE6A7CM2BEkvP/ZUWi1ay/
mzU0t04IBnIHfzVjvJ3zUfFFYzeHCRkDRm88Xp6uF9eyCU82GxPRcQI0baxnu4oD
/y+8r5gu/2p30ALbFlIQVoNB+bNzpCm0doyfhWyExTDsMkUpcz2Mxg4F571jmgmC
J3gF57gAf33/rdtHmb2dGSiA9op3kdcm2e0jy35A2YJ2KKHcQGJ9yY8vWyirAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUepAlaCeObBhO66zqNl/IqVEhArUwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTMzMmUzNDMyMmUzOTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wSpjMA0GCSqGSIb3DQEBCwUAA4IBAQBw/ovoR0sahYiKIspYF/AsykZ/nHiLt/sT
rJ1epV0049jQ6kMNqLvf2ubalBJJ7KCjERHxQMHxdjALUi4gzeYw2yqm1yU9aEfg
KJhCsypdR0yLsgokQlapSaH4mevoyxYp86A/ydlSRUoGdk6+0aH2DXlF+IQVrlQC
SGHb38F8KNzJk06r1DivHV/eEkW1GhJuhyHCktxL+A5h/3V5jxWM6a+g7r7mHZ1k
l+dCxYnRIaRbTpR9ORfzuSPQOLn5enONaVKqq9Uf8B09M0JomsUAb1mKi3kh0hF8
yi2QDjArzdq285LSraTRsqgowqBl9mhfx1vcq3g4fRM34o4g/G0R
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:22 2024 by rpki-client on console-fra.rpki-client.org