Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33342e3233342e302f32342d3234203d3e20313336373837.roa
File: 3139342e33342e3233342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: wf/mEaVzbN38qOVldvIwDUvwSxw2ZTYpsk9A4Tx2b8E=
Subject key identifier: 33:EE:A2:8D:D1:25:12:6B:1C:16:A0:16:3A:30:32:F5:E5:B7:4A:64
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 78487F2ABEE5A41E8B5D064EE20DDB6B12A17AB6
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33342e3233342e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:52:52 +0000
ROA not before: Mon 26 Feb 2024 08:47:52 +0000
ROA not after: Mon 24 Feb 2025 08:52:52 +0000
asID: 136787
IP address blocks: 194.34.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:48:7f:2a:be:e5:a4:1e:8b:5d:06:4e:e2:0d:db:6b:12:a1:7a:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:52 2024 GMT
Not After : Feb 24 08:52:52 2025 GMT
Subject: CN=33EEA28DD125126B1C16A0163A3032F5E5B74A64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:43:4b:5b:8b:97:30:06:1c:fb:68:b9:ec:e7:
4f:b5:84:87:32:09:38:43:18:e1:65:de:85:c0:a4:
81:97:11:44:85:58:20:c4:2b:f4:0c:61:35:70:63:
8d:96:90:56:4c:1c:17:cc:31:e8:30:ff:e8:04:76:
19:1e:d6:60:fd:35:e6:4f:d5:16:3a:b3:b3:01:1d:
97:89:e7:fb:20:01:03:1d:7b:68:12:06:6b:59:4c:
4b:2b:2c:53:f5:34:33:f6:89:76:87:a6:d0:e6:60:
e9:03:a4:18:b0:a3:9c:4a:62:49:c8:a5:a6:65:53:
1a:4a:97:49:cc:58:a6:8e:00:7e:fd:dd:bc:b7:6c:
bd:13:b7:9a:e3:60:d9:c8:74:c6:ab:d9:33:43:29:
60:72:33:cd:f1:a2:c5:f2:de:53:12:e3:fc:00:f3:
01:45:75:0b:94:d5:7d:9a:a6:c7:1a:c7:ad:b7:80:
f5:77:e4:cc:e9:ba:0e:22:00:b3:27:b7:0a:2c:84:
d2:e1:be:14:f0:c0:bd:7e:68:0e:1b:00:e2:6d:24:
cf:f8:b7:d0:01:17:ce:a3:bc:ba:06:22:c6:a9:5d:
52:1f:ae:0b:a5:ea:66:d9:2d:60:c4:f7:7f:b1:74:
8d:aa:93:bd:45:63:8b:84:10:a8:74:f5:6d:f2:e9:
5f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:EE:A2:8D:D1:25:12:6B:1C:16:A0:16:3A:30:32:F5:E5:B7:4A:64
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33342e3233342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.234.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:e7:44:a3:16:cb:45:e0:00:07:f5:c9:72:b4:76:e7:b5:b7:
56:b8:ee:93:19:fb:8e:1b:ff:34:22:a2:31:41:91:18:f8:ff:
7c:9a:32:27:2b:d3:02:35:e4:44:ca:b8:49:0c:de:56:c5:b6:
53:6b:5b:e3:da:9e:f8:8b:0e:b0:67:06:dd:99:96:5a:77:e7:
3e:00:f2:a9:47:98:c1:07:54:1c:52:69:0a:13:cf:5b:ab:41:
7b:04:01:a6:18:fd:78:51:9d:19:5c:d4:07:d8:51:be:c9:fc:
a6:cd:16:fd:6e:df:11:a3:a5:e4:77:b4:08:7b:45:e2:1e:67:
d4:2b:8a:b8:5b:ec:b0:1a:da:e6:09:b7:7b:d0:3c:9c:0c:c1:
ee:03:f9:e0:45:7b:e1:fb:b5:de:ab:2f:61:3d:44:44:5e:83:
e5:ac:90:f3:14:be:e1:33:7d:8e:a5:c7:25:b3:eb:09:3d:af:
ec:87:41:00:f2:36:08:4e:38:0d:d1:0b:30:78:54:be:35:20:
fc:44:be:30:63:40:18:05:ce:77:6e:f4:9e:4e:1e:1b:62:7c:
90:7b:3f:e1:cb:0e:86:25:53:f9:03:4d:7d:28:e6:5e:d6:5b:
a5:58:41:e7:9f:f1:f8:ea:a4:9e:a5:ed:c0:ee:bb:e3:79:99:
4b:51:8d:e4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeEh/Kr7lpB6LXQZO4g3baxKherYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NTJaFw0yNTAyMjQwODUyNTJaMDMxMTAvBgNV
BAMTKDMzRUVBMjhERDEyNTEyNkIxQzE2QTAxNjNBMzAzMkY1RTVCNzRBNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgQ0tbi5cwBhz7aLns50+1hIcy
CThDGOFl3oXApIGXEUSFWCDEK/QMYTVwY42WkFZMHBfMMegw/+gEdhke1mD9NeZP
1RY6s7MBHZeJ5/sgAQMde2gSBmtZTEsrLFP1NDP2iXaHptDmYOkDpBiwo5xKYknI
paZlUxpKl0nMWKaOAH793by3bL0Tt5rjYNnIdMar2TNDKWByM83xosXy3lMS4/wA
8wFFdQuU1X2apscax623gPV35Mzpug4iALMntwoshNLhvhTwwL1+aA4bAOJtJM/4
t9ABF86jvLoGIsapXVIfrgul6mbZLWDE93+xdI2qk71FY4uEEKh09W3y6V9JAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUM+6ijdElEmscFqAWOjAy9eW3SmQwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTM0MmUzMzM0MmUzMjMz
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCIuowDQYJKoZIhvcNAQELBQADggEBAB3nRKMWy0XgAAf1yXK0due1t1a47pMZ
+44b/zQiojFBkRj4/3yaMicr0wI15ETKuEkM3lbFtlNrW+PanviLDrBnBt2Zllp3
5z4A8qlHmMEHVBxSaQoTz1urQXsEAaYY/XhRnRlc1AfYUb7J/KbNFv1u3xGjpeR3
tAh7ReIeZ9Qrirhb7LAa2uYJt3vQPJwMwe4D+eBFe+H7td6rL2E9REReg+WskPMU
vuEzfY6lxyWz6wk9r+yHQQDyNghOOA3RCzB4VL41IPxEvjBjQBgFzndu9J5OHhti
fJB7P+HLDoYlU/kDTX0o5l7WW6VYQeef8fjqpJ6l7cDuu+N5mUtRjeQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org