Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33352e31322e302f32332d3234203d3e20323033333830.roa
File: 3139342e33352e31322e302f32332d3234203d3e20323033333830.roa (raw, json)
Hash identifier: 4egj6wRSM8kIBTbaiFEJxB5d6JteEA4fTTGD89Q5dIA=
Subject key identifier: F7:CB:14:43:B2:D6:07:D7:BF:A6:63:44:BF:97:BC:7F:D6:81:AC:78
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 027018E29B241F396389FFA626AC5F59FFC01259
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33352e31322e302f32332d3234203d3e20323033333830.roa
Signing time: Mon 26 Feb 2024 08:52:50 +0000
ROA not before: Mon 26 Feb 2024 08:47:50 +0000
ROA not after: Mon 24 Feb 2025 08:52:50 +0000
asID: 203380
IP address blocks: 194.35.12.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:70:18:e2:9b:24:1f:39:63:89:ff:a6:26:ac:5f:59:ff:c0:12:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:50 2024 GMT
Not After : Feb 24 08:52:50 2025 GMT
Subject: CN=F7CB1443B2D607D7BFA66344BF97BC7FD681AC78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d6:93:7f:b5:36:32:13:bf:31:bf:37:fa:83:
1a:52:96:15:0c:e1:2f:b9:2a:72:2d:d6:e6:1b:4b:
97:e9:9d:29:86:20:8c:9f:8f:16:7a:0b:cc:be:07:
85:b9:57:92:45:fb:68:08:66:08:5d:85:34:ab:f1:
45:bf:c9:18:78:e6:93:05:67:5c:48:9e:51:b8:af:
16:30:60:83:f8:b2:0e:01:a3:e7:dc:e4:ad:13:6a:
c7:ea:36:ee:f1:f9:43:87:d8:fe:19:63:df:37:64:
a3:ea:5d:00:93:db:ce:9e:29:9e:e7:0f:0a:d1:ea:
8c:a9:4e:3f:44:dd:31:5b:6f:53:a3:ae:36:1c:55:
9b:0e:b7:d1:d9:c8:23:01:34:e7:e7:e5:34:2b:b9:
9e:ca:5e:55:33:cb:29:fd:25:76:0a:5c:87:f6:d3:
0b:0d:fb:1f:ac:7a:2b:4d:77:17:94:d0:01:c0:98:
ca:a5:2b:e0:8b:63:9d:0f:45:1d:45:9f:a8:8d:17:
15:dc:f4:ae:96:83:b1:34:b3:86:9d:88:7f:cb:2d:
67:2d:98:7a:c7:2c:3a:f1:92:60:db:8a:6a:e5:b0:
b1:af:54:67:63:b7:72:e6:49:26:91:b4:c5:6b:51:
97:d2:c0:6f:68:1b:c7:5b:db:b0:c2:b5:11:6e:77:
7a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:CB:14:43:B2:D6:07:D7:BF:A6:63:44:BF:97:BC:7F:D6:81:AC:78
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33352e31322e302f32332d3234203d3e20323033333830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.12.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:59:d5:69:b8:d1:47:5e:4c:62:d8:03:c7:a7:f0:61:69:93:
69:c7:4f:af:ad:9e:9a:c3:53:bb:c3:ac:87:e0:95:0c:00:d0:
2e:9d:01:c6:e5:de:38:3f:c0:de:e8:1e:95:1a:e5:25:71:4e:
4f:7f:28:1b:f5:74:e0:17:8f:f9:9e:e4:ae:f1:05:9a:04:dd:
d2:98:82:78:08:2a:90:10:4b:b6:d4:0a:0f:e4:6f:53:72:43:
16:f1:bb:25:72:a1:8a:48:45:df:87:a5:09:87:ed:2e:1a:3d:
72:9d:3c:4d:cd:7a:c9:ed:a9:28:94:94:2f:91:bc:0f:57:c8:
8b:d3:7b:af:db:2e:a0:f8:de:14:9c:d8:79:f4:4e:e5:aa:82:
2e:f4:51:83:32:05:b3:8a:ab:1e:99:b4:7c:06:3a:99:6c:38:
58:3f:21:81:aa:35:93:1b:5b:80:e0:78:65:ae:fe:b7:78:78:
08:db:52:c5:5d:41:d4:4e:ff:c3:06:87:d5:76:a5:53:ac:19:
c5:7a:7d:ff:5b:54:5f:4f:1e:17:fa:48:09:0a:94:40:c8:bf:
23:ef:4c:82:b4:79:ea:21:60:4b:3d:cf:a2:05:19:ee:0f:06:
c8:59:dc:fb:2d:03:38:a2:0b:8a:fa:76:aa:58:1c:00:1c:98:
3f:87:4b:3b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUAnAY4pskHzljif+mJqxfWf/AElkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NTBaFw0yNTAyMjQwODUyNTBaMDMxMTAvBgNV
BAMTKEY3Q0IxNDQzQjJENjA3RDdCRkE2NjM0NEJGOTdCQzdGRDY4MUFDNzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw1pN/tTYyE78xvzf6gxpSlhUM
4S+5KnIt1uYbS5fpnSmGIIyfjxZ6C8y+B4W5V5JF+2gIZghdhTSr8UW/yRh45pMF
Z1xInlG4rxYwYIP4sg4Bo+fc5K0TasfqNu7x+UOH2P4ZY983ZKPqXQCT286eKZ7n
DwrR6oypTj9E3TFbb1OjrjYcVZsOt9HZyCMBNOfn5TQruZ7KXlUzyyn9JXYKXIf2
0wsN+x+seitNdxeU0AHAmMqlK+CLY50PRR1Fn6iNFxXc9K6Wg7E0s4adiH/LLWct
mHrHLDrxkmDbimrlsLGvVGdjt3LmSSaRtMVrUZfSwG9oG8db27DCtRFud3r/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU98sUQ7LWB9e/pmNEv5e8f9aBrHgwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTM0MmUzMzM1MmUzMTMy
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzMDMzMzMzODMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
wiMMMA0GCSqGSIb3DQEBCwUAA4IBAQBqWdVpuNFHXkxi2APHp/BhaZNpx0+vrZ6a
w1O7w6yH4JUMANAunQHG5d44P8De6B6VGuUlcU5Pfygb9XTgF4/5nuSu8QWaBN3S
mIJ4CCqQEEu21AoP5G9TckMW8bslcqGKSEXfh6UJh+0uGj1ynTxNzXrJ7akolJQv
kbwPV8iL03uv2y6g+N4UnNh59E7lqoIu9FGDMgWziqsembR8BjqZbDhYPyGBqjWT
G1uA4Hhlrv63eHgI21LFXUHUTv/DBofVdqVTrBnFen3/W1RfTx4X+kgJCpRAyL8j
70yCtHnqIWBLPc+iBRnuDwbIWdz7LQM4oguK+naqWBwAHJg/h0s7
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org