Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e3131302e38362e302f32342d3234203d3e20313336373837.roa
File: 3139342e3131302e38362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: h4d7/3ollK0eZzsY8DIZxWVlK4BIg0ki3EDTBpbOzGA=
Subject key identifier: 28:DB:27:BF:41:40:67:47:D1:2F:63:CB:46:83:D6:99:55:80:20:5F
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 338FCB0EDAADD920726EF3D845DCDD1F87028CFE
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e3131302e38362e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 04 Mar 2024 19:45:07 +0000
ROA not before: Mon 04 Mar 2024 19:40:07 +0000
ROA not after: Mon 03 Mar 2025 19:45:07 +0000
asID: 136787
IP address blocks: 194.110.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:8f:cb:0e:da:ad:d9:20:72:6e:f3:d8:45:dc:dd:1f:87:02:8c:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Mar 4 19:40:07 2024 GMT
Not After : Mar 3 19:45:07 2025 GMT
Subject: CN=28DB27BF41406747D12F63CB4683D6995580205F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3d:cb:90:6f:f5:3e:af:f7:77:cf:92:75:21:
38:26:3d:45:16:b9:3d:60:cc:2c:95:49:c1:64:8c:
22:e4:af:e2:76:31:5f:87:a2:03:4b:16:95:01:c7:
10:24:fb:5b:17:8e:77:a1:30:17:7c:32:6f:96:42:
83:b0:9d:cc:e4:22:c1:78:c1:f4:6e:19:29:f3:91:
28:41:2d:2d:1f:63:cb:89:5e:15:55:9d:ae:3c:01:
94:29:ae:07:6e:0f:2b:42:8a:5f:d0:58:7a:90:5b:
d1:d0:ce:7e:3b:a3:9f:09:14:e6:eb:f0:3c:6b:cd:
39:32:59:84:01:10:ae:7b:91:09:0f:06:04:2e:ee:
24:b6:6c:8d:39:4c:09:b4:1a:39:26:6a:1d:e9:dd:
95:c0:91:c8:ba:22:35:6c:e2:f8:50:41:0e:26:30:
6d:63:1e:e6:cb:3f:69:42:35:83:98:a4:5d:6c:ca:
28:56:4b:c2:65:0c:0c:e6:21:0f:b2:e8:e6:91:5d:
00:ff:f1:de:de:a6:51:54:38:ba:22:78:1f:51:54:
80:17:90:74:ed:35:5e:27:8f:85:77:62:d0:f3:e0:
1d:c9:cd:24:2d:1e:3e:fd:15:26:05:a7:f5:31:55:
0e:3b:34:5f:d2:de:93:71:ae:48:e7:b6:28:56:0e:
b4:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:DB:27:BF:41:40:67:47:D1:2F:63:CB:46:83:D6:99:55:80:20:5F
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e3131302e38362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.86.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:1e:ce:0b:87:26:1d:7b:ad:7f:41:ba:b6:5d:fc:63:bc:ec:
f0:46:13:88:fa:22:2f:8c:c0:df:6d:4b:7f:9c:db:02:54:f8:
91:8d:37:19:fb:d2:be:f5:7a:70:5e:e7:37:bf:cc:25:e7:18:
c9:ee:2d:a5:f2:d4:1e:79:ba:e2:f5:07:f6:ed:4e:34:5b:07:
0a:c1:29:82:2b:ba:e0:6d:24:d8:80:61:38:b7:3e:70:3e:d1:
dd:03:34:1e:a6:62:71:34:fc:86:10:69:21:4b:1f:00:2a:77:
1a:00:db:5c:4c:b9:36:24:b6:48:66:1e:31:5f:23:ee:ad:01:
89:86:ea:49:4e:3b:81:ab:0d:2a:e9:da:b4:a0:f3:d8:10:fd:
7a:db:25:41:4e:bc:8d:3f:d2:2d:34:ce:5f:50:36:b2:29:5c:
22:ac:e4:3d:b8:a4:5c:03:c2:96:20:e0:67:fa:d2:b1:72:aa:
55:e4:45:07:9b:57:bd:75:4a:84:ff:74:a9:a4:40:7a:28:38:
cc:39:d7:42:28:67:73:b1:47:be:f8:1e:b8:b3:3d:ff:f8:cc:
02:77:99:8a:74:dd:e1:e3:b1:ba:db:52:8c:dd:a6:a3:e8:63:
ec:39:66:fd:5c:8c:ff:a1:ad:63:64:3b:38:64:b8:74:13:19:
bc:8c:20:36
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUM4/LDtqt2SBybvPYRdzdH4cCjP4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAzMDQxOTQwMDdaFw0yNTAzMDMxOTQ1MDdaMDMxMTAvBgNV
BAMTKDI4REIyN0JGNDE0MDY3NDdEMTJGNjNDQjQ2ODNENjk5NTU4MDIwNUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLPcuQb/U+r/d3z5J1ITgmPUUW
uT1gzCyVScFkjCLkr+J2MV+HogNLFpUBxxAk+1sXjnehMBd8Mm+WQoOwnczkIsF4
wfRuGSnzkShBLS0fY8uJXhVVna48AZQprgduDytCil/QWHqQW9HQzn47o58JFObr
8DxrzTkyWYQBEK57kQkPBgQu7iS2bI05TAm0Gjkmah3p3ZXAkci6IjVs4vhQQQ4m
MG1jHubLP2lCNYOYpF1syihWS8JlDAzmIQ+y6OaRXQD/8d7eplFUOLoieB9RVIAX
kHTtNV4nj4V3YtDz4B3JzSQtHj79FSYFp/UxVQ47NF/S3pNxrkjntihWDrQNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKNsnv0FAZ0fRL2PLRoPWmVWAIF8wHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTM0MmUzMTMxMzAyZTM4
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCblYwDQYJKoZIhvcNAQELBQADggEBAD0ezguHJh17rX9BurZd/GO87PBGE4j6
Ii+MwN9tS3+c2wJU+JGNNxn70r71enBe5ze/zCXnGMnuLaXy1B55uuL1B/btTjRb
BwrBKYIruuBtJNiAYTi3PnA+0d0DNB6mYnE0/IYQaSFLHwAqdxoA21xMuTYktkhm
HjFfI+6tAYmG6klOO4GrDSrp2rSg89gQ/XrbJUFOvI0/0i00zl9QNrIpXCKs5D24
pFwDwpYg4Gf60rFyqlXkRQebV711SoT/dKmkQHooOMw510IoZ3OxR774HrizPf/4
zAJ3mYp03eHjsbrbUozdpqPoY+w5Zv1cjP+hrWNkOzhkuHQTGbyMIDY=
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:22 2024 by rpki-client on console-fra.rpki-client.org