Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e3234322e35362e302f32342d3332203d3e203531313637.roa
File: 3139342e3234322e35362e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: w6VtySR6l1AW0PRHsLPxpJ1qRfcbgWc2i9orB7nsOiY=
Subject key identifier: FD:F3:57:C5:B2:32:FC:0F:29:32:6A:79:37:08:D1:D2:F3:9E:6F:68
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 42126AA1087AF65780316D35BAE9287DEDB328AB
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e3234322e35362e302f32342d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:52:53 +0000
ROA not before: Mon 26 Feb 2024 08:47:53 +0000
ROA not after: Mon 24 Feb 2025 08:52:53 +0000
asID: 51167
IP address blocks: 194.242.56.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:12:6a:a1:08:7a:f6:57:80:31:6d:35:ba:e9:28:7d:ed:b3:28:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:53 2024 GMT
Not After : Feb 24 08:52:53 2025 GMT
Subject: CN=FDF357C5B232FC0F29326A793708D1D2F39E6F68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:54:b3:c1:c0:3b:ac:0e:fa:a8:04:80:7a:ef:
1b:6f:47:bb:fc:f0:e2:75:c5:9e:aa:e2:58:d3:e9:
a5:b8:08:ba:40:2e:0d:21:10:62:6d:11:63:df:b9:
90:97:70:d9:63:a8:a4:7d:72:f7:27:9d:1b:7a:a7:
89:46:23:c3:ac:c7:7f:7c:7e:2b:44:f4:36:de:17:
6c:1e:7a:f0:d2:c4:3b:6e:5a:cb:aa:91:4a:0c:0a:
98:a7:f7:7a:74:f1:77:1c:ad:c8:be:96:94:7b:9e:
4f:2c:40:cb:45:62:09:8f:37:29:e8:3d:08:8f:b3:
3f:18:00:80:55:38:d1:21:ed:b5:58:2b:a3:3f:26:
97:12:45:ad:94:b3:11:47:12:a5:7e:30:dc:cc:78:
c4:10:5c:c1:01:a1:79:6b:c9:59:84:44:cf:97:91:
cd:d4:ec:05:86:48:39:79:32:7e:05:22:f6:86:a9:
e5:a2:24:f0:a8:5c:70:2d:5e:c6:59:f6:09:a5:f0:
72:2d:98:8c:53:d1:a3:b8:96:ad:1f:85:08:a1:87:
be:4e:26:2f:7f:d7:70:23:1d:b7:79:99:8a:3e:28:
3c:60:4f:cf:ca:97:30:cd:e6:de:4a:4c:42:79:b1:
41:a8:9b:2d:f2:64:2a:44:a0:15:93:65:90:60:1d:
27:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:F3:57:C5:B2:32:FC:0F:29:32:6A:79:37:08:D1:D2:F3:9E:6F:68
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e3234322e35362e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.242.56.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:94:2e:a9:73:a2:bd:0c:2f:ef:af:11:cb:be:be:39:e1:92:
71:43:05:91:0e:8c:0a:b0:86:ad:11:9e:f2:19:a3:5b:03:f6:
3d:5c:62:53:51:86:ef:d8:57:ba:cc:45:af:d1:87:27:e5:99:
ec:19:b2:86:d9:f7:c9:14:23:f8:5b:be:1e:cf:94:68:7e:ac:
98:9e:dc:c3:bb:1f:cd:6e:da:c3:43:3b:66:01:37:7d:b9:72:
34:4f:6b:fa:a2:4c:21:35:bc:7d:6f:30:01:39:75:b8:09:bb:
68:de:13:22:13:40:f3:2a:74:58:44:31:c0:91:24:c4:03:cf:
dd:17:24:71:c7:ef:95:80:f5:13:75:23:6c:f3:ac:d3:3a:c6:
bc:8f:f3:cc:98:57:39:97:00:a5:98:2c:21:f4:e9:e4:aa:9f:
42:81:2a:19:a1:a6:ea:26:e3:40:5d:4b:bb:05:96:ed:59:38:
3a:f9:06:56:1f:f5:c5:05:64:da:7c:32:ba:5b:cf:dc:17:4d:
26:4b:41:e9:98:2a:09:d1:70:a0:c0:af:1e:b7:45:9f:3b:cb:
75:1b:ae:ea:52:23:50:7f:92:a9:47:d9:8e:f3:1a:d9:7b:78:
f0:99:06:e4:b8:65:c4:1f:ff:8b:4f:81:6d:25:27:15:2a:d7:
75:de:f2:c1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQhJqoQh69leAMW01uukofe2zKKswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NTNaFw0yNTAyMjQwODUyNTNaMDMxMTAvBgNV
BAMTKEZERjM1N0M1QjIzMkZDMEYyOTMyNkE3OTM3MDhEMUQyRjM5RTZGNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3VLPBwDusDvqoBIB67xtvR7v8
8OJ1xZ6q4ljT6aW4CLpALg0hEGJtEWPfuZCXcNljqKR9cvcnnRt6p4lGI8Osx398
fitE9DbeF2weevDSxDtuWsuqkUoMCpin93p08Xccrci+lpR7nk8sQMtFYgmPNyno
PQiPsz8YAIBVONEh7bVYK6M/JpcSRa2UsxFHEqV+MNzMeMQQXMEBoXlryVmERM+X
kc3U7AWGSDl5Mn4FIvaGqeWiJPCoXHAtXsZZ9gml8HItmIxT0aO4lq0fhQihh75O
Ji9/13AjHbd5mYo+KDxgT8/KlzDN5t5KTEJ5sUGomy3yZCpEoBWTZZBgHSeBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU/fNXxbIy/A8pMmp5NwjR0vOeb2gwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTM0MmUzMjM0MzIyZTM1
MzYyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wvI4MA0GCSqGSIb3DQEBCwUAA4IBAQCclC6pc6K9DC/vrxHLvr454ZJxQwWRDowK
sIatEZ7yGaNbA/Y9XGJTUYbv2Fe6zEWv0Ycn5ZnsGbKG2ffJFCP4W74ez5RofqyY
ntzDux/NbtrDQztmATd9uXI0T2v6okwhNbx9bzABOXW4Cbto3hMiE0DzKnRYRDHA
kSTEA8/dFyRxx++VgPUTdSNs86zTOsa8j/PMmFc5lwClmCwh9Onkqp9CgSoZoabq
JuNAXUu7BZbtWTg6+QZWH/XFBWTafDK6W8/cF00mS0HpmCoJ0XCgwK8et0WfO8t1
G67qUiNQf5KpR9mO8xrZe3jwmQbkuGXEH/+LT4FtJScVKtd13vLB
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org