Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33352e31352e302f32342d3234203d3e20313336373837.roa
File: 3139342e33352e31352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: cC4eDkp9fj68s9h+G6XgiBbPSODSYEjdLOlA+MPp4oo=
Subject key identifier: 68:C3:31:E1:5D:28:1D:53:52:DB:10:94:6E:C2:2A:7D:2C:7E:5B:5E
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 6EB2FDCD53990B8BF5C1E7E4B09BE22FF2C71544
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33352e31352e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:18 +0000
ROA not before: Mon 01 Apr 2024 13:58:18 +0000
ROA not after: Mon 31 Mar 2025 14:03:18 +0000
asID: 136787
IP address blocks: 194.35.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:b2:fd:cd:53:99:0b:8b:f5:c1:e7:e4:b0:9b:e2:2f:f2:c7:15:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 1 13:58:18 2024 GMT
Not After : Mar 31 14:03:18 2025 GMT
Subject: CN=68C331E15D281D5352DB10946EC22A7D2C7E5B5E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9a:42:54:c8:30:37:bb:19:41:56:f9:a3:ca:
db:5b:93:d9:4c:98:20:2e:42:3e:17:cf:50:0b:4a:
99:49:2c:9c:aa:c9:03:81:eb:16:4f:09:6a:7f:26:
9e:5a:29:e8:15:e2:1f:65:01:cd:d5:55:ec:fa:97:
30:54:48:4a:a0:d8:b9:8f:c6:17:af:ad:46:49:c7:
8c:e4:17:aa:39:36:56:da:e8:1e:04:2a:dd:4d:c5:
b3:c5:00:8d:d3:36:ac:82:7a:3c:b0:3d:e0:e4:41:
e7:fd:20:5e:11:ef:eb:86:26:55:65:86:66:b9:43:
e1:66:f0:b2:07:75:04:50:3e:1b:a6:73:66:2c:5f:
2a:2d:98:4e:80:06:a5:33:0f:90:6a:e9:39:41:22:
58:a8:62:0f:99:31:ba:6d:d7:66:68:57:da:bb:86:
cc:08:57:32:54:5a:4b:96:e9:d7:46:3a:ef:94:87:
29:37:84:e7:29:35:fa:13:a4:b4:12:e0:fd:6e:02:
3c:22:cb:56:b0:d5:1d:d8:c8:19:a0:0c:a3:46:d1:
9f:3c:d5:aa:64:1d:03:28:96:0c:c8:50:81:43:57:
d4:74:6c:4f:24:f2:87:45:7d:46:b1:bd:94:a3:2e:
be:b8:ef:ea:24:8c:45:4a:33:81:eb:17:d2:57:39:
79:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C3:31:E1:5D:28:1D:53:52:DB:10:94:6E:C2:2A:7D:2C:7E:5B:5E
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33352e31352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.15.0/24
Signature Algorithm: sha256WithRSAEncryption
84:cb:4f:87:b2:4b:6f:0b:59:e1:70:bf:4b:b9:ab:f5:27:f3:
37:9b:a6:28:44:d0:ff:d7:a2:3e:05:68:5e:31:f4:f6:8d:d7:
0e:ae:07:04:a3:f1:09:b8:cc:b7:01:64:11:59:2e:8b:98:89:
16:72:80:a1:a2:2c:ef:be:41:ae:d1:4f:21:c5:14:b0:da:b6:
b6:28:0c:ba:ff:36:5e:0f:a6:ba:52:72:33:a1:81:73:63:81:
ad:a5:f0:af:89:6c:d3:9a:c3:c9:6c:bc:e8:2c:c7:8d:b6:4b:
71:4a:08:41:10:18:ff:7b:fb:74:a6:fd:43:85:14:39:56:40:
f2:38:3f:74:36:bb:aa:ff:f3:62:b5:6d:f6:06:9a:be:6e:78:
b0:b9:1d:9f:68:e8:f5:6c:99:a4:20:0e:b4:9c:2a:fb:54:72:
0c:63:6f:38:bc:83:51:db:79:a8:fe:b6:48:09:1d:59:48:d2:
9e:39:b2:1e:72:79:05:6b:a4:3a:9d:db:14:4a:ea:d1:83:6e:
d7:54:7b:80:14:d3:6a:c6:e2:7c:13:cb:7c:95:ae:53:15:0b:
00:3d:52:cf:9f:69:df:9d:31:f9:f5:0e:9a:13:cb:00:b1:04:
2c:7c:30:f8:a3:49:2a:25:f1:21:4c:30:37:7f:a6:85:f1:dc:
25:e6:dd:1f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbrL9zVOZC4v1wefksJviL/LHFUQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDExMzU4MThaFw0yNTAzMzExNDAzMThaMDMxMTAvBgNV
BAMTKDY4QzMzMUUxNUQyODFENTM1MkRCMTA5NDZFQzIyQTdEMkM3RTVCNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCymkJUyDA3uxlBVvmjyttbk9lM
mCAuQj4Xz1ALSplJLJyqyQOB6xZPCWp/Jp5aKegV4h9lAc3VVez6lzBUSEqg2LmP
xhevrUZJx4zkF6o5Nlba6B4EKt1NxbPFAI3TNqyCejywPeDkQef9IF4R7+uGJlVl
hma5Q+Fm8LIHdQRQPhumc2YsXyotmE6ABqUzD5Bq6TlBIlioYg+ZMbpt12ZoV9q7
hswIVzJUWkuW6ddGOu+Uhyk3hOcpNfoTpLQS4P1uAjwiy1aw1R3YyBmgDKNG0Z88
1apkHQMolgzIUIFDV9R0bE8k8odFfUaxvZSjLr647+okjEVKM4HrF9JXOXlLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUaMMx4V0oHVNS2xCUbsIqfSx+W14wHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTM0MmUzMzM1MmUzMTM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wiMPMA0GCSqGSIb3DQEBCwUAA4IBAQCEy0+HsktvC1nhcL9Luav1J/M3m6YoRND/
16I+BWheMfT2jdcOrgcEo/EJuMy3AWQRWS6LmIkWcoChoizvvkGu0U8hxRSw2ra2
KAy6/zZeD6a6UnIzoYFzY4GtpfCviWzTmsPJbLzoLMeNtktxSghBEBj/e/t0pv1D
hRQ5VkDyOD90Nruq//NitW32Bpq+bniwuR2faOj1bJmkIA60nCr7VHIMY284vINR
23mo/rZICR1ZSNKeObIecnkFa6Q6ndsUSurRg27XVHuAFNNqxuJ8E8t8la5TFQsA
PVLPn2nfnTH59Q6aE8sAsQQsfDD4o0kqJfEhTDA3f6aF8dwl5t0f
-----END CERTIFICATE-----
Generated at Tue May 7 21:48:30 2024 by rpki-client on console-fra.rpki-client.org