Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33342e3233332e302f32342d3234203d3e20313336373837.roa
File: 3139342e33342e3233332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: s6qwcKc7M0sOUO2R1skm+22eN0IJ2IdKNJw8YOXZys0=
Subject key identifier: 89:C9:4E:29:30:BA:4E:44:15:A0:CB:5B:5F:20:D3:71:14:6A:9C:96
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 1C1CFEA20F37EEF247183533D690C0213FDB4624
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33342e3233332e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:19 +0000
ROA not before: Mon 01 Apr 2024 13:58:19 +0000
ROA not after: Mon 31 Mar 2025 14:03:19 +0000
asID: 136787
IP address blocks: 194.34.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:1c:fe:a2:0f:37:ee:f2:47:18:35:33:d6:90:c0:21:3f:db:46:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 1 13:58:19 2024 GMT
Not After : Mar 31 14:03:19 2025 GMT
Subject: CN=89C94E2930BA4E4415A0CB5B5F20D371146A9C96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3c:0b:37:6b:11:2b:67:37:17:c6:22:08:af:
fe:10:37:54:26:61:00:2e:c6:42:10:e8:c4:f9:d3:
c4:37:d4:ce:91:35:37:65:d7:45:1a:18:b9:da:6f:
ed:26:13:69:69:dd:0d:e7:d3:e0:cf:dd:47:77:b1:
5c:69:42:61:14:9a:b6:5d:ec:f2:86:b7:e5:60:aa:
9a:12:e7:3a:12:78:94:17:94:91:94:6d:f2:96:59:
d5:ed:e8:82:6b:4f:44:13:cd:26:27:c7:ac:b2:24:
f6:c3:08:c1:57:cd:28:b6:a5:32:fc:be:cc:fc:04:
b2:12:d1:2c:da:0c:84:d5:03:0c:78:de:85:74:31:
16:fa:be:d0:7b:76:fd:43:f1:2a:1b:e3:f9:c5:03:
2a:bd:0d:a7:13:06:6b:ee:28:4f:d4:e1:91:c4:02:
53:39:81:61:c9:79:8f:b5:55:72:b8:0b:32:63:95:
db:f2:69:e1:1b:13:b9:41:85:84:4c:ce:83:fd:c4:
ad:08:82:6f:90:cc:94:4a:b8:8d:21:f1:38:26:dd:
a6:53:44:7e:f9:91:55:25:97:84:16:f4:de:4b:d0:
0f:2e:29:6a:51:6e:2d:b9:1d:de:f3:d6:23:2a:55:
fd:40:04:3d:59:1f:a4:80:a7:3c:16:85:c2:bb:17:
12:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:C9:4E:29:30:BA:4E:44:15:A0:CB:5B:5F:20:D3:71:14:6A:9C:96
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33342e3233332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.233.0/24
Signature Algorithm: sha256WithRSAEncryption
60:5e:4e:63:23:61:e5:55:15:4f:45:dc:09:29:85:5b:c5:4c:
ab:6c:a0:ed:ed:59:a0:41:26:9b:64:4a:09:57:1b:56:83:75:
ea:13:d0:21:d4:40:b0:77:e1:79:c0:72:1d:c5:3e:85:6d:cd:
1d:f9:50:b3:87:11:5a:5e:dc:0d:1f:26:46:31:9a:f1:c2:4b:
e3:39:f8:66:e2:50:8a:b5:0c:c3:df:c5:7e:9f:47:26:3a:92:
ef:ba:35:af:af:b5:52:21:40:25:c4:69:01:b8:3e:99:d8:48:
f9:01:c0:87:02:bf:bb:27:8e:97:91:7a:1a:e0:b0:be:f2:8e:
b2:42:5c:c6:9e:6e:14:72:0f:57:a3:d7:85:aa:26:00:31:33:
1b:e3:d6:35:61:08:5a:cf:16:34:3e:f5:26:a4:57:05:5e:ab:
6e:64:90:b8:58:53:ed:9f:71:01:b7:37:bb:4e:82:2e:bb:03:
75:9d:42:98:a6:94:4d:d9:cc:ea:87:e6:a2:a4:d6:dc:1c:99:
4d:ea:15:a1:3e:d4:d4:17:ce:74:97:f3:96:35:bd:c4:96:56:
ed:d4:5f:01:20:9b:67:1a:2f:6a:98:8a:06:20:ee:9a:47:c7:
f3:c7:31:fc:e9:b0:84:04:72:db:3b:1f:34:b9:93:3d:48:f2:
3d:0a:0a:0b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHBz+og837vJHGDUz1pDAIT/bRiQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDExMzU4MTlaFw0yNTAzMzExNDAzMTlaMDMxMTAvBgNV
BAMTKDg5Qzk0RTI5MzBCQTRFNDQxNUEwQ0I1QjVGMjBEMzcxMTQ2QTlDOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxPAs3axErZzcXxiIIr/4QN1Qm
YQAuxkIQ6MT508Q31M6RNTdl10UaGLnab+0mE2lp3Q3n0+DP3Ud3sVxpQmEUmrZd
7PKGt+VgqpoS5zoSeJQXlJGUbfKWWdXt6IJrT0QTzSYnx6yyJPbDCMFXzSi2pTL8
vsz8BLIS0SzaDITVAwx43oV0MRb6vtB7dv1D8Sob4/nFAyq9DacTBmvuKE/U4ZHE
AlM5gWHJeY+1VXK4CzJjldvyaeEbE7lBhYRMzoP9xK0Igm+QzJRKuI0h8Tgm3aZT
RH75kVUll4QW9N5L0A8uKWpRbi25Hd7z1iMqVf1ABD1ZH6SApzwWhcK7FxIFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUiclOKTC6TkQVoMtbXyDTcRRqnJYwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTM0MmUzMzM0MmUzMjMz
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCIukwDQYJKoZIhvcNAQELBQADggEBAGBeTmMjYeVVFU9F3AkphVvFTKtsoO3t
WaBBJptkSglXG1aDdeoT0CHUQLB34XnAch3FPoVtzR35ULOHEVpe3A0fJkYxmvHC
S+M5+GbiUIq1DMPfxX6fRyY6ku+6Na+vtVIhQCXEaQG4PpnYSPkBwIcCv7snjpeR
ehrgsL7yjrJCXMaebhRyD1ej14WqJgAxMxvj1jVhCFrPFjQ+9SakVwVeq25kkLhY
U+2fcQG3N7tOgi67A3WdQpimlE3ZzOqH5qKk1twcmU3qFaE+1NQXznSX85Y1vcSW
Vu3UXwEgm2caL2qYigYg7ppHx/PHMfzpsIQEcts7HzS5kz1I8j0KCgs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org