Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e35392e3235342e302f32342d3234203d3e20313336373837.roa
File: 3139342e35392e3235342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: sq799XcT97wOQgl9WaDnMkXf+Z9npUssPN30nHRA1To=
Subject key identifier: 20:A4:20:51:33:D0:F0:97:6E:E1:06:13:70:64:46:3E:91:4D:49:F9
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 446C0BD7E99EF832A9191A1D1251BDD15D99DC99
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e35392e3235342e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 07 Feb 2024 12:34:12 +0000
ROA not before: Wed 07 Feb 2024 12:29:12 +0000
ROA not after: Wed 05 Feb 2025 12:34:12 +0000
asID: 136787
IP address blocks: 194.59.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:6c:0b:d7:e9:9e:f8:32:a9:19:1a:1d:12:51:bd:d1:5d:99:dc:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 7 12:29:12 2024 GMT
Not After : Feb 5 12:34:12 2025 GMT
Subject: CN=20A4205133D0F0976EE106137064463E914D49F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:d6:5a:be:de:88:10:93:e6:8b:16:4e:86:27:
4a:9f:cb:b8:06:a0:e7:11:b0:e2:d7:00:c1:8e:c7:
99:b7:82:09:83:a9:19:8e:dd:53:f3:42:84:ca:da:
97:c6:ab:1d:0d:f5:63:db:57:5b:67:94:b3:ac:68:
36:fe:c6:57:a0:82:1c:52:db:97:85:3f:f0:20:46:
8c:99:d6:55:0b:0a:3d:6c:f9:1b:ee:e7:68:23:8e:
c0:24:e4:78:02:25:79:73:94:98:9d:ad:b6:cd:7c:
37:50:1c:e2:05:18:92:65:6e:b0:58:23:d2:09:78:
dd:72:76:c2:4a:89:91:6f:3f:54:00:3b:52:a1:d6:
26:37:0b:ec:0f:a9:76:cd:d2:b5:30:06:78:c3:3e:
19:20:6e:88:64:63:45:56:17:f7:b9:bb:12:a4:08:
a1:fd:41:c3:7e:71:cf:b5:66:2e:e3:9a:47:d6:15:
c2:8b:dc:f9:6a:e0:00:4e:43:7b:00:4c:50:61:3f:
18:3d:d6:0b:7f:5d:23:8e:3f:8b:43:01:43:b0:1a:
9c:47:09:42:92:9f:79:f9:33:9f:57:cf:39:a6:e6:
6d:36:2f:6e:49:25:22:2c:24:6a:69:c9:4f:17:7f:
46:20:e8:65:0a:37:5d:fa:20:27:6d:d4:4a:e9:96:
d9:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A4:20:51:33:D0:F0:97:6E:E1:06:13:70:64:46:3E:91:4D:49:F9
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e35392e3235342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.254.0/24
Signature Algorithm: sha256WithRSAEncryption
54:ec:90:3f:13:9d:93:99:fe:56:02:e8:d7:bf:6f:5f:5d:54:
6c:c3:d5:c8:76:35:63:e0:32:ec:2d:6c:17:75:51:62:35:48:
d3:46:79:dc:86:dd:9a:27:01:97:d4:31:85:42:3c:79:df:b9:
d8:e5:cb:77:9c:e8:2f:16:b5:d5:66:c0:98:42:8e:fd:75:16:
79:da:a5:ca:0c:68:ba:bd:b9:58:a7:2c:27:55:56:04:cf:95:
17:d0:63:8e:5e:d2:dc:3a:7c:d2:34:f4:49:dd:bb:e9:19:09:
54:8a:48:7a:18:44:16:f4:ab:a3:1b:38:48:d5:4c:95:b5:16:
5a:03:6e:cd:70:61:29:93:32:d3:17:44:ab:1c:6d:e0:41:78:
da:52:2f:83:85:7c:44:9c:7e:2b:d4:51:f3:bd:79:67:c7:03:
34:31:85:88:e1:92:d3:41:02:62:3b:51:fc:3e:4e:1b:fb:ae:
3e:55:d6:e2:f4:dd:ea:81:1a:1c:37:9b:af:2b:ea:ba:67:6b:
aa:0f:4f:ae:73:1b:b4:3c:9e:5b:8c:8b:ce:b8:45:d6:62:b2:
c7:a3:f1:dd:6b:bf:a6:f8:4d:d7:28:83:35:ff:7e:ce:9c:5f:
ed:25:de:82:32:e0:be:26:4c:09:db:e1:12:ae:19:5c:bc:1f:
71:a4:cd:35
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURGwL1+me+DKpGRodElG90V2Z3JkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMDcxMjI5MTJaFw0yNTAyMDUxMjM0MTJaMDMxMTAvBgNV
BAMTKDIwQTQyMDUxMzNEMEYwOTc2RUUxMDYxMzcwNjQ0NjNFOTE0RDQ5RjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDy1lq+3ogQk+aLFk6GJ0qfy7gG
oOcRsOLXAMGOx5m3ggmDqRmO3VPzQoTK2pfGqx0N9WPbV1tnlLOsaDb+xlegghxS
25eFP/AgRoyZ1lULCj1s+Rvu52gjjsAk5HgCJXlzlJidrbbNfDdQHOIFGJJlbrBY
I9IJeN1ydsJKiZFvP1QAO1Kh1iY3C+wPqXbN0rUwBnjDPhkgbohkY0VWF/e5uxKk
CKH9QcN+cc+1Zi7jmkfWFcKL3Plq4ABOQ3sATFBhPxg91gt/XSOOP4tDAUOwGpxH
CUKSn3n5M59Xzzmm5m02L25JJSIsJGppyU8Xf0Yg6GUKN136ICdt1Erpltk9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUIKQgUTPQ8Jdu4QYTcGRGPpFNSfkwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTM0MmUzNTM5MmUzMjM1
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCO/4wDQYJKoZIhvcNAQELBQADggEBAFTskD8TnZOZ/lYC6Ne/b19dVGzD1ch2
NWPgMuwtbBd1UWI1SNNGedyG3ZonAZfUMYVCPHnfudjly3ec6C8WtdVmwJhCjv11
FnnapcoMaLq9uVinLCdVVgTPlRfQY45e0tw6fNI09Endu+kZCVSKSHoYRBb0q6Mb
OEjVTJW1FloDbs1wYSmTMtMXRKscbeBBeNpSL4OFfEScfivUUfO9eWfHAzQxhYjh
ktNBAmI7Ufw+Thv7rj5V1uL03eqBGhw3m68r6rpna6oPT65zG7Q8nluMi864RdZi
ssej8d1rv6b4TdcogzX/fs6cX+0l3oIy4L4mTAnb4RKuGVy8H3GkzTU=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:44:10 2024 by rpki-client on console-fra.rpki-client.org