Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33352e31342e302f32342d3234203d3e20313336373837.roa
File: 3139342e33352e31342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: wE/qiylEiDDXBvPe2f+eK9UIRcjobtSrQ7Rh8sai0OA=
Subject key identifier: C0:47:3B:98:1B:92:9D:3D:53:CB:C6:72:0D:43:B5:84:2E:16:7C:E4
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 75083C721509B8E3769B1E2391997CA0A71762C7
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33352e31342e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:17 +0000
ROA not before: Mon 01 Apr 2024 13:58:17 +0000
ROA not after: Mon 31 Mar 2025 14:03:17 +0000
asID: 136787
IP address blocks: 194.35.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:08:3c:72:15:09:b8:e3:76:9b:1e:23:91:99:7c:a0:a7:17:62:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 1 13:58:17 2024 GMT
Not After : Mar 31 14:03:17 2025 GMT
Subject: CN=C0473B981B929D3D53CBC6720D43B5842E167CE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d1:1e:16:60:d0:d5:42:9e:eb:04:df:5e:b4:
6b:a9:b9:75:46:55:e6:33:b5:ef:63:63:d9:c3:b6:
f9:e4:cc:b0:ca:7a:a8:2b:8e:a1:db:c2:62:86:62:
d3:14:d0:43:d5:e9:9e:ba:6b:00:98:32:b2:95:66:
0f:10:e2:bd:a5:da:36:d9:0d:c4:15:a9:5b:94:56:
a5:45:8a:f6:a9:c3:d7:c2:76:e6:c3:74:41:ee:49:
58:b3:e6:5b:f4:aa:ed:f6:a9:be:7c:86:e0:d9:97:
12:db:cb:0f:4e:32:40:2a:4d:a7:e2:8a:a6:b0:93:
56:28:25:17:6d:54:cf:37:bc:39:96:91:fe:9e:7b:
7e:ba:2b:f7:c1:38:1a:1c:fa:28:8c:04:39:77:80:
21:6e:c4:95:77:57:65:90:74:a7:04:48:f9:14:c4:
c3:fd:39:4d:10:25:3a:a4:92:6b:a7:86:14:2f:10:
15:bc:4f:a8:d4:ef:42:18:14:1d:cc:e0:ca:29:71:
53:3f:3d:e1:23:9a:35:5e:aa:f5:88:11:e4:73:43:
4b:d6:bf:e5:c6:52:39:72:10:1d:91:b8:41:62:ce:
80:18:68:c2:1f:3f:6e:b2:db:13:23:b3:ea:8b:54:
e5:db:19:ff:2c:cd:3c:92:cd:0e:b5:5f:3c:9f:c6:
05:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:47:3B:98:1B:92:9D:3D:53:CB:C6:72:0D:43:B5:84:2E:16:7C:E4
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33352e31342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.14.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:79:19:88:2c:dd:a7:cb:24:36:1b:0b:28:fe:e7:19:f4:7d:
05:5e:c2:c4:ef:65:c0:d8:72:37:a0:91:77:56:ea:9c:45:44:
9d:ac:30:da:68:1c:60:82:da:f2:41:93:74:df:9f:a0:cd:c2:
37:27:e2:fd:f4:3a:9e:0d:ff:d4:4a:0c:f0:ec:71:a4:b2:6e:
65:89:1e:11:42:d3:cb:42:24:4d:c5:7d:52:58:52:7e:e1:41:
1e:a6:34:21:b6:fb:55:52:06:f1:57:dc:7a:78:4d:7a:78:0e:
30:9e:ca:85:4f:04:74:4b:32:e8:a2:72:4f:e1:28:f2:c7:7c:
92:51:46:d3:34:91:44:35:dc:f6:be:75:78:52:33:7e:0b:a2:
41:4b:fd:80:29:e9:6b:ef:10:7a:1c:74:3b:42:fe:0c:a8:6a:
55:d9:63:d5:00:2f:37:e3:1f:77:be:05:5c:e8:6e:fd:e6:c2:
c2:45:fc:f1:1c:3a:9b:ce:b0:01:c0:bc:2a:9b:91:1b:15:65:
52:f7:70:c0:4e:53:06:bb:30:3c:ae:d6:33:c7:34:41:9a:49:
b9:65:d4:ce:e2:15:31:a6:59:b0:20:80:50:06:84:27:f7:cc:
a1:3a:f2:49:d4:b5:62:e0:e8:ac:92:ee:83:d9:9a:26:0b:14:
0b:5c:21:47
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdQg8chUJuON2mx4jkZl8oKcXYscwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDExMzU4MTdaFw0yNTAzMzExNDAzMTdaMDMxMTAvBgNV
BAMTKEMwNDczQjk4MUI5MjlEM0Q1M0NCQzY3MjBENDNCNTg0MkUxNjdDRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK0R4WYNDVQp7rBN9etGupuXVG
VeYzte9jY9nDtvnkzLDKeqgrjqHbwmKGYtMU0EPV6Z66awCYMrKVZg8Q4r2l2jbZ
DcQVqVuUVqVFivapw9fCdubDdEHuSViz5lv0qu32qb58huDZlxLbyw9OMkAqTafi
iqawk1YoJRdtVM83vDmWkf6ee366K/fBOBoc+iiMBDl3gCFuxJV3V2WQdKcESPkU
xMP9OU0QJTqkkmunhhQvEBW8T6jU70IYFB3M4MopcVM/PeEjmjVeqvWIEeRzQ0vW
v+XGUjlyEB2RuEFizoAYaMIfP26y2xMjs+qLVOXbGf8szTySzQ61XzyfxgWvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUwEc7mBuSnT1Ty8ZyDUO1hC4WfOQwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTM0MmUzMzM1MmUzMTM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wiMOMA0GCSqGSIb3DQEBCwUAA4IBAQAeeRmILN2nyyQ2Gwso/ucZ9H0FXsLE72XA
2HI3oJF3VuqcRUSdrDDaaBxggtryQZN035+gzcI3J+L99DqeDf/USgzw7HGksm5l
iR4RQtPLQiRNxX1SWFJ+4UEepjQhtvtVUgbxV9x6eE16eA4wnsqFTwR0SzLoonJP
4Sjyx3ySUUbTNJFENdz2vnV4UjN+C6JBS/2AKelr7xB6HHQ7Qv4MqGpV2WPVAC83
4x93vgVc6G795sLCRfzxHDqbzrABwLwqm5EbFWVS93DATlMGuzA8rtYzxzRBmkm5
ZdTO4hUxplmwIIBQBoQn98yhOvJJ1LVi4Oisku6D2ZomCxQLXCFH
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:24 2024 by rpki-client on console-fra.rpki-client.org