Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33342e3233352e302f32342d3234203d3e20313336373837.roa
File: 3139342e33342e3233352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: xmTciC8LtkTD6QFGGkffpGZ8981tNwOHxsEEOL0ggKE=
Subject key identifier: D8:4B:0B:21:CA:D3:35:A0:D3:82:9F:1F:52:33:D9:D4:5E:18:15:26
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 31B7C9283AD6FB187264502DBB00C870951F2CEE
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33342e3233352e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:17 +0000
ROA not before: Mon 01 Apr 2024 13:58:17 +0000
ROA not after: Mon 31 Mar 2025 14:03:17 +0000
asID: 136787
IP address blocks: 194.34.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:b7:c9:28:3a:d6:fb:18:72:64:50:2d:bb:00:c8:70:95:1f:2c:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 1 13:58:17 2024 GMT
Not After : Mar 31 14:03:17 2025 GMT
Subject: CN=D84B0B21CAD335A0D3829F1F5233D9D45E181526
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:62:44:ae:1c:8b:a2:90:d6:31:c1:52:d7:36:
e1:11:50:1e:e1:61:cb:49:95:50:25:16:81:b7:f3:
f8:0d:c3:14:db:ac:55:5b:8c:ff:c2:92:b4:78:ab:
79:4e:8a:63:e0:39:ad:e3:d7:c3:a1:18:b7:f2:6f:
b4:a2:0e:72:62:74:01:83:65:96:f6:e6:16:cb:f9:
e7:49:4b:19:b4:7e:e9:7b:1f:d6:47:f9:9d:d6:e7:
24:ae:ba:74:21:d0:2a:51:b4:c2:f0:9e:66:21:d3:
00:4a:08:5b:d9:d4:f7:9c:db:73:23:5d:06:e7:b3:
de:d9:7c:a0:43:30:b6:df:86:8a:d5:53:9a:e5:17:
ed:d7:ff:e4:0a:7d:a6:0a:56:66:aa:6a:4a:e5:37:
6a:3b:a7:d3:0f:62:a2:a9:62:1e:79:43:be:5a:b6:
d4:7e:5d:1c:a4:71:c9:5e:72:8d:bd:c1:74:90:19:
7a:c9:65:9f:be:d3:3f:6c:c5:97:39:78:46:c1:65:
eb:78:9b:c1:91:a1:a9:25:20:b7:08:26:98:b3:ab:
e4:1c:d0:96:f8:79:dd:d9:ac:8e:3b:d0:fb:7f:eb:
03:87:93:64:bb:ad:ed:10:e5:4a:c0:57:fc:a7:ca:
12:c6:cc:c9:b0:c7:41:09:2d:1b:40:26:74:97:06:
ac:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:4B:0B:21:CA:D3:35:A0:D3:82:9F:1F:52:33:D9:D4:5E:18:15:26
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33342e3233352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.235.0/24
Signature Algorithm: sha256WithRSAEncryption
04:5d:19:ff:0a:c4:84:ed:b4:89:23:73:78:f6:7e:57:30:92:
15:29:2f:49:81:7d:4a:0c:af:7e:9d:dc:60:32:12:13:d9:07:
7f:6d:78:c0:ea:a0:3c:3d:11:71:10:03:43:82:84:24:7c:a5:
55:b3:e9:d0:5a:7f:fb:98:f3:00:b9:65:87:db:7f:a3:1a:66:
34:1d:2b:e0:f1:ff:81:eb:9a:b8:22:1c:33:86:1b:32:5f:ba:
bd:bf:54:ac:61:6e:e7:a5:15:d6:85:78:6d:f8:cc:59:30:07:
aa:00:54:e6:08:02:1f:b5:1a:9b:38:0a:09:3d:00:76:28:33:
57:54:02:00:7f:ef:c4:17:3d:97:be:f7:6f:33:3c:ce:c7:77:
5c:98:53:aa:fc:b8:93:ad:b0:91:34:b8:d8:83:e4:c1:89:4f:
3d:05:95:44:27:f1:85:a9:d8:d4:15:33:63:df:f7:53:ec:46:
17:43:a8:2a:a9:b9:a9:bf:3c:1e:12:21:2c:3c:88:c8:88:be:
c6:78:5c:e4:81:d4:85:2a:a1:a7:4b:7e:01:99:20:07:75:32:
59:e7:3d:b8:b4:53:68:8e:1b:e1:22:a4:29:96:89:12:33:a7:
78:c7:1d:c6:c2:56:fb:a8:5c:33:2e:d6:92:31:ff:22:52:86:
f6:1e:16:47
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMbfJKDrW+xhyZFAtuwDIcJUfLO4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDExMzU4MTdaFw0yNTAzMzExNDAzMTdaMDMxMTAvBgNV
BAMTKEQ4NEIwQjIxQ0FEMzM1QTBEMzgyOUYxRjUyMzNEOUQ0NUUxODE1MjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBYkSuHIuikNYxwVLXNuERUB7h
YctJlVAlFoG38/gNwxTbrFVbjP/CkrR4q3lOimPgOa3j18OhGLfyb7SiDnJidAGD
ZZb25hbL+edJSxm0ful7H9ZH+Z3W5ySuunQh0CpRtMLwnmYh0wBKCFvZ1Pec23Mj
XQbns97ZfKBDMLbfhorVU5rlF+3X/+QKfaYKVmaqakrlN2o7p9MPYqKpYh55Q75a
ttR+XRykccleco29wXSQGXrJZZ++0z9sxZc5eEbBZet4m8GRoaklILcIJpizq+Qc
0Jb4ed3ZrI470Pt/6wOHk2S7re0Q5UrAV/ynyhLGzMmwx0EJLRtAJnSXBqxZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU2EsLIcrTNaDTgp8fUjPZ1F4YFSYwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTM0MmUzMzM0MmUzMjMz
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCIuswDQYJKoZIhvcNAQELBQADggEBAARdGf8KxITttIkjc3j2flcwkhUpL0mB
fUoMr36d3GAyEhPZB39teMDqoDw9EXEQA0OChCR8pVWz6dBaf/uY8wC5ZYfbf6Ma
ZjQdK+Dx/4HrmrgiHDOGGzJfur2/VKxhbuelFdaFeG34zFkwB6oAVOYIAh+1Gps4
Cgk9AHYoM1dUAgB/78QXPZe+928zPM7Hd1yYU6r8uJOtsJE0uNiD5MGJTz0FlUQn
8YWp2NQVM2Pf91PsRhdDqCqpuam/PB4SISw8iMiIvsZ4XOSB1IUqoadLfgGZIAd1
MlnnPbi0U2iOG+EipCmWiRIzp3jHHcbCVvuoXDMu1pIx/yJShvYeFkc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org