Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e35392e3235322e302f32342d3234203d3e20313336373837.roa
File: 3139342e35392e3235322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 0CzH0I70zWR5kBAnQGYwaDzITbmHGaOZioNUtEbt6sY=
Subject key identifier: B4:7C:DA:88:F1:F9:E5:B8:75:9C:87:38:6B:A6:96:42:AA:A7:A5:6B
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 13A54EFD0011654E6BCF3A509AEE7DEEEAC9DEFA
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e35392e3235322e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 07 Feb 2024 12:34:09 +0000
ROA not before: Wed 07 Feb 2024 12:29:09 +0000
ROA not after: Wed 05 Feb 2025 12:34:09 +0000
asID: 136787
IP address blocks: 194.59.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:a5:4e:fd:00:11:65:4e:6b:cf:3a:50:9a:ee:7d:ee:ea:c9:de:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 7 12:29:09 2024 GMT
Not After : Feb 5 12:34:09 2025 GMT
Subject: CN=B47CDA88F1F9E5B8759C87386BA69642AAA7A56B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:d0:ae:64:df:d5:d1:14:69:61:24:c3:fc:72:
3e:ba:5d:22:e0:2c:a8:09:16:1b:39:f5:38:60:25:
90:b6:86:99:61:56:28:55:23:b5:40:95:0b:b8:68:
4e:ab:c1:43:7f:8b:8f:3d:2c:12:48:3a:9d:62:91:
d6:eb:a6:5c:28:2a:7c:0c:45:1d:90:43:2c:c3:e6:
ad:e5:f3:37:ea:a0:dd:d4:86:29:90:7d:07:cc:b9:
07:da:7a:13:e9:a8:72:3c:4e:00:42:db:bb:8d:a5:
f0:a5:c4:56:6b:7a:f5:a1:68:22:9c:e2:f9:f2:30:
92:95:76:15:4e:cb:fe:73:90:e0:c2:46:6e:36:6f:
a9:b0:33:20:3b:9a:94:f3:1f:53:75:e3:8b:29:83:
99:84:72:11:c3:7c:b4:51:f6:13:3a:55:fe:36:9d:
4e:56:e8:ea:5a:cd:99:af:a6:31:15:8c:8e:84:1f:
08:8e:ca:ef:99:a5:a7:c8:96:49:ff:b4:2a:7c:e7:
57:7e:39:f3:b0:1b:8f:2e:e6:1c:3f:9a:f9:a0:df:
72:87:8c:fd:9c:34:06:bf:3a:b7:4d:ff:7c:d7:e8:
c8:44:68:59:4c:26:1f:e5:52:a2:c8:6e:26:71:96:
4a:04:72:d9:16:aa:89:1e:ed:da:d5:e7:e6:f1:af:
8d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:7C:DA:88:F1:F9:E5:B8:75:9C:87:38:6B:A6:96:42:AA:A7:A5:6B
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e35392e3235322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.252.0/24
Signature Algorithm: sha256WithRSAEncryption
98:4c:eb:d8:d3:09:e5:20:a8:5d:a8:b6:2a:17:32:e7:94:74:
4a:6e:8a:2a:69:00:87:8b:90:8d:03:8a:31:8e:b5:86:97:7a:
96:85:1a:67:a2:b5:20:fd:3e:c9:18:65:33:6c:52:e5:88:7b:
73:e4:a8:77:82:48:df:e7:0b:f1:5a:e9:39:25:d0:10:ef:a9:
9f:c9:ca:bb:89:aa:a8:8e:8f:99:5e:66:da:ce:6c:d5:b0:37:
63:cf:15:f9:36:5b:e8:7b:c7:42:f2:d3:ed:77:c6:8b:70:e9:
ec:53:30:3f:bc:f5:fb:d0:6f:40:90:68:22:03:53:9e:d7:eb:
e4:86:9c:d7:38:d4:95:ef:60:fe:0b:5d:2d:e1:19:d4:8e:83:
77:a6:0d:0f:e1:b4:e3:20:ed:18:9e:18:34:88:d1:ee:c3:d2:
82:e1:3a:8d:0f:4a:fa:5e:14:a6:57:d9:2b:10:47:4d:6c:c4:
22:25:03:83:71:e0:6d:ae:e1:7d:26:f9:1b:06:f3:e1:46:fa:
5b:4a:ab:9f:01:04:62:67:16:21:da:84:5d:67:26:52:ba:aa:
90:1c:7c:6b:b5:72:9a:f8:5c:2c:dc:9d:87:15:55:85:40:0d:
94:ba:b0:2a:fb:50:cf:2f:4a:45:bc:be:53:5f:7b:1b:21:86:
36:c8:29:b0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUE6VO/QARZU5rzzpQmu597urJ3vowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMDcxMjI5MDlaFw0yNTAyMDUxMjM0MDlaMDMxMTAvBgNV
BAMTKEI0N0NEQTg4RjFGOUU1Qjg3NTlDODczODZCQTY5NjQyQUFBN0E1NkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDg0K5k39XRFGlhJMP8cj66XSLg
LKgJFhs59ThgJZC2hplhVihVI7VAlQu4aE6rwUN/i489LBJIOp1ikdbrplwoKnwM
RR2QQyzD5q3l8zfqoN3UhimQfQfMuQfaehPpqHI8TgBC27uNpfClxFZrevWhaCKc
4vnyMJKVdhVOy/5zkODCRm42b6mwMyA7mpTzH1N144spg5mEchHDfLRR9hM6Vf42
nU5W6OpazZmvpjEVjI6EHwiOyu+ZpafIlkn/tCp851d+OfOwG48u5hw/mvmg33KH
jP2cNAa/OrdN/3zX6MhEaFlMJh/lUqLIbiZxlkoEctkWqoke7drV5+bxr42lAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUtHzaiPH55bh1nIc4a6aWQqqnpWswHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTM0MmUzNTM5MmUzMjM1
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCO/wwDQYJKoZIhvcNAQELBQADggEBAJhM69jTCeUgqF2otioXMueUdEpuiipp
AIeLkI0DijGOtYaXepaFGmeitSD9PskYZTNsUuWIe3PkqHeCSN/nC/Fa6Tkl0BDv
qZ/JyruJqqiOj5leZtrObNWwN2PPFfk2W+h7x0Ly0+13xotw6exTMD+89fvQb0CQ
aCIDU57X6+SGnNc41JXvYP4LXS3hGdSOg3emDQ/htOMg7RieGDSI0e7D0oLhOo0P
SvpeFKZX2SsQR01sxCIlA4Nx4G2u4X0m+RsG8+FG+ltKq58BBGJnFiHahF1nJlK6
qpAcfGu1cpr4XCzcnYcVVYVADZS6sCr7UM8vSkW8vlNfexshhjbIKbA=
-----END CERTIFICATE-----
Generated at Tue May 7 22:52:25 2024 by rpki-client on console-ams.rpki-client.org