Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/322e35382e33372e302f32342d3234203d3e20313336373837.roa
File: 322e35382e33372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: qLxulbSv6mOBf7ciGlQrrhfN0UGIWVTmfy1R2LLOdxs=
Subject key identifier: F8:B8:9B:66:64:98:77:FA:03:84:75:C2:0A:05:E3:F5:78:D3:59:A6
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 1E56ECA41D981E53C5197BF5F00958D66925A723
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/322e35382e33372e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 07 Feb 2024 12:33:46 +0000
ROA not before: Wed 07 Feb 2024 12:28:46 +0000
ROA not after: Wed 05 Feb 2025 12:33:46 +0000
asID: 136787
IP address blocks: 2.58.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:56:ec:a4:1d:98:1e:53:c5:19:7b:f5:f0:09:58:d6:69:25:a7:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 7 12:28:46 2024 GMT
Not After : Feb 5 12:33:46 2025 GMT
Subject: CN=F8B89B66649877FA038475C20A05E3F578D359A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:15:b6:b9:79:61:d1:38:e6:14:86:3d:e6:5a:
c6:b7:ee:46:bf:f2:26:d3:a4:a4:cb:4e:6d:44:c9:
40:99:ca:c4:a2:cf:b0:21:68:4e:1c:7e:2f:3b:bf:
d8:28:2e:b5:43:30:ca:95:13:3f:ca:57:ee:5d:44:
a8:e7:73:22:c9:76:c1:da:b7:88:8c:f9:eb:3b:6b:
da:da:77:e6:e2:fe:ba:89:28:49:4f:40:ed:79:eb:
f8:43:9d:e4:69:33:ca:58:36:b8:38:5f:eb:bc:a8:
da:67:37:15:eb:1a:6e:53:51:b8:e2:99:97:2f:f0:
f5:06:04:72:2a:da:63:bd:2f:ee:e9:fc:ea:cd:8c:
88:43:52:0e:f7:91:9c:e7:17:ed:61:53:14:34:7e:
64:6e:5f:6d:59:85:53:17:50:ac:63:b3:9e:8f:73:
89:6d:a8:bd:29:e0:fa:46:6d:47:ff:ec:cf:b6:50:
60:5d:1a:08:a6:95:f8:73:ca:e0:cb:a4:70:eb:96:
67:62:4f:6d:46:6e:7b:d6:4f:35:9f:2c:43:72:6b:
92:ff:c7:39:5a:01:1f:f9:62:d0:ad:06:36:a6:ca:
4c:9a:9b:ef:2b:f3:84:65:09:2e:3a:f7:01:da:76:
30:64:f5:88:d9:b3:d9:32:97:a0:54:06:28:e7:65:
1e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:B8:9B:66:64:98:77:FA:03:84:75:C2:0A:05:E3:F5:78:D3:59:A6
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/322e35382e33372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.37.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:b2:8b:39:9a:46:16:cc:b5:d8:16:09:1b:f2:e1:cf:9f:db:
5b:db:ba:9d:d4:0a:22:7a:b1:0d:42:ab:c9:3c:d6:27:a3:a9:
21:dc:6a:73:b4:a9:ad:01:78:61:85:10:9a:58:de:97:89:56:
ed:8c:61:3f:b5:3f:8d:19:86:0a:cb:05:d3:a8:b9:e7:e1:3b:
e2:ae:06:e4:0e:d8:d4:4b:20:5b:48:3c:17:1f:1e:64:1d:0e:
c9:af:ad:d5:49:9a:a2:d0:fb:56:cf:22:6e:55:cd:e7:f3:5e:
2e:b9:6a:e3:8a:b8:0e:d1:1b:61:f9:e8:b7:be:dd:6f:65:f5:
45:4f:7a:16:50:c8:b2:25:c6:55:16:02:54:1c:23:c5:72:15:
fb:00:5f:ed:10:d3:47:28:7c:85:d3:5e:52:ef:ab:4a:25:69:
68:74:d2:35:7a:a3:db:a6:3f:30:48:00:ec:49:3d:67:a3:02:
d0:42:52:8f:20:a4:13:54:58:e8:0e:dc:0a:1c:0f:15:06:1d:
54:d7:4c:27:89:8b:e5:d5:8a:fc:b7:37:5c:44:46:2f:0f:65:
3d:0e:e2:cb:b6:03:7d:6f:33:46:45:80:9c:0f:f9:2d:dc:8a:
e4:d0:1e:a3:de:81:8f:1f:88:f0:d8:9d:04:13:b7:a5:0b:24:
13:11:10:89
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUHlbspB2YHlPFGXv18AlY1mklpyMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMDcxMjI4NDZaFw0yNTAyMDUxMjMzNDZaMDMxMTAvBgNV
BAMTKEY4Qjg5QjY2NjQ5ODc3RkEwMzg0NzVDMjBBMDVFM0Y1NzhEMzU5QTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEFba5eWHROOYUhj3mWsa37ka/
8ibTpKTLTm1EyUCZysSiz7AhaE4cfi87v9goLrVDMMqVEz/KV+5dRKjncyLJdsHa
t4iM+es7a9rad+bi/rqJKElPQO156/hDneRpM8pYNrg4X+u8qNpnNxXrGm5TUbji
mZcv8PUGBHIq2mO9L+7p/OrNjIhDUg73kZznF+1hUxQ0fmRuX21ZhVMXUKxjs56P
c4ltqL0p4PpGbUf/7M+2UGBdGgimlfhzyuDLpHDrlmdiT21GbnvWTzWfLENya5L/
xzlaAR/5YtCtBjamykyam+8r84RlCS469wHadjBk9YjZs9kyl6BUBijnZR7dAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU+LibZmSYd/oDhHXCCgXj9XjTWaYwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzIyZTM1MzgyZTMzMzcyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOiUw
DQYJKoZIhvcNAQELBQADggEBAA+yizmaRhbMtdgWCRvy4c+f21vbup3UCiJ6sQ1C
q8k81iejqSHcanO0qa0BeGGFEJpY3peJVu2MYT+1P40ZhgrLBdOouefhO+KuBuQO
2NRLIFtIPBcfHmQdDsmvrdVJmqLQ+1bPIm5VzefzXi65auOKuA7RG2H56Le+3W9l
9UVPehZQyLIlxlUWAlQcI8VyFfsAX+0Q00cofIXTXlLvq0olaWh00jV6o9umPzBI
AOxJPWejAtBCUo8gpBNUWOgO3AocDxUGHVTXTCeJi+XVivy3N1xERi8PZT0O4su2
A31vM0ZFgJwP+S3ciuTQHqPegY8fiPDYnQQTt6ULJBMREIk=
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:44 2024 by rpki-client on console-ams.rpki-client.org