Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3231332e3233322e38352e302f32342d3332203d3e20313336373837.roa
File: 3231332e3233322e38352e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: Ku+QMHcv/W0Q0LzjldrusXP6qgdEpWWP8dvvUEOxWR4=
Subject key identifier: 2E:6D:2B:F3:74:D9:05:1E:F4:F1:BA:B8:05:38:49:1E:B7:10:DA:06
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 5C5DF5270C63044CB7F57DAB3C45148AA97A8E51
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3231332e3233322e38352e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:52:51 +0000
ROA not before: Mon 26 Feb 2024 08:47:51 +0000
ROA not after: Mon 24 Feb 2025 08:52:51 +0000
asID: 136787
IP address blocks: 213.232.85.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:5d:f5:27:0c:63:04:4c:b7:f5:7d:ab:3c:45:14:8a:a9:7a:8e:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:51 2024 GMT
Not After : Feb 24 08:52:51 2025 GMT
Subject: CN=2E6D2BF374D9051EF4F1BAB80538491EB710DA06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:30:75:9e:40:52:75:38:cd:ea:52:d8:0a:f8:
bc:a9:c7:19:87:eb:39:2f:13:46:a3:ae:2a:3d:19:
56:18:ff:e4:14:78:76:5b:eb:c5:35:78:f6:a7:39:
0f:d4:ef:7f:b7:b8:98:53:45:c1:89:b4:28:9e:5a:
40:e4:92:9e:2e:e6:97:86:6d:dd:87:1b:65:86:70:
86:2b:5f:05:e6:22:9d:f5:88:74:91:d0:11:3e:76:
76:df:c3:48:f1:74:b9:29:ca:d9:9e:ff:40:98:f8:
72:78:52:59:48:86:72:64:83:93:43:44:22:d7:56:
69:8b:04:b3:64:24:46:cd:25:e3:ee:6c:3d:70:ae:
3e:34:3e:cf:4c:6f:77:81:d6:d9:9e:fe:a6:5c:1d:
31:b7:6c:45:c5:25:93:15:40:14:f5:4b:e3:07:0c:
81:41:fa:f6:1b:b1:f1:50:40:5d:7e:be:85:de:85:
7a:ba:c3:09:94:20:91:b8:ff:7e:fc:33:14:61:7e:
97:d0:b7:e1:1d:28:4d:71:c0:bb:9a:4b:bf:9c:8a:
0c:cb:43:e7:17:d7:e4:b7:b8:3a:2d:47:fc:51:21:
58:ba:28:d3:4f:f5:da:d9:10:55:9e:a3:cd:78:41:
26:7e:f0:36:ca:14:58:f0:ea:a6:ba:d5:71:36:2c:
7a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:6D:2B:F3:74:D9:05:1E:F4:F1:BA:B8:05:38:49:1E:B7:10:DA:06
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3231332e3233322e38352e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.85.0/24
Signature Algorithm: sha256WithRSAEncryption
90:dc:63:08:5b:ed:d1:1c:09:85:31:ed:8e:d5:db:c6:cc:b3:
93:d1:d3:a7:f2:2b:38:0c:7b:2e:50:6f:21:c2:0c:98:f7:37:
b8:bb:29:ed:ae:58:b5:12:f7:86:86:2e:0d:00:db:ac:41:b7:
c8:85:93:e3:05:d2:ee:c1:1c:01:a0:fb:a9:77:d2:ca:5d:8f:
a5:c2:8b:84:1c:5f:e3:ea:b7:7e:a8:c2:d6:f5:d4:76:65:46:
d8:42:1e:58:b7:b7:39:2b:ce:ae:52:2b:9a:6f:41:f7:b6:ed:
9e:0c:28:ce:a7:6b:6e:d7:51:c2:f8:b2:c5:00:f2:16:f1:ec:
1c:bc:19:69:c9:ec:c7:35:90:12:c5:4b:54:3f:18:8d:0e:e6:
1e:38:93:3c:d4:87:bc:91:d1:ab:a7:f5:66:04:36:93:ee:4e:
cd:0c:37:72:48:bb:8d:4b:06:22:63:1b:c8:c6:c4:28:e5:d4:
8f:82:34:9b:e6:00:f0:45:ba:9e:55:98:8b:00:90:66:75:68:
e8:7a:9f:16:fb:61:95:41:d1:24:5c:5e:3e:0d:dd:bb:b2:71:
63:5f:d0:75:e6:44:31:2b:ce:97:23:5d:28:6b:11:e9:b5:d4:
c3:30:31:32:04:3c:ba:ee:7f:42:3f:6c:14:9e:59:76:18:46:
ad:c3:ae:43
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXF31JwxjBEy39X2rPEUUiql6jlEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NTFaFw0yNTAyMjQwODUyNTFaMDMxMTAvBgNV
BAMTKDJFNkQyQkYzNzREOTA1MUVGNEYxQkFCODA1Mzg0OTFFQjcxMERBMDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBMHWeQFJ1OM3qUtgK+LypxxmH
6zkvE0ajrio9GVYY/+QUeHZb68U1ePanOQ/U73+3uJhTRcGJtCieWkDkkp4u5peG
bd2HG2WGcIYrXwXmIp31iHSR0BE+dnbfw0jxdLkpytme/0CY+HJ4UllIhnJkg5ND
RCLXVmmLBLNkJEbNJePubD1wrj40Ps9Mb3eB1tme/qZcHTG3bEXFJZMVQBT1S+MH
DIFB+vYbsfFQQF1+voXehXq6wwmUIJG4/378MxRhfpfQt+EdKE1xwLuaS7+cigzL
Q+cX1+S3uDotR/xRIVi6KNNP9drZEFWeo814QSZ+8DbKFFjw6qa61XE2LHo/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQULm0r83TZBR708bq4BThJHrcQ2gYwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzIzMTMzMmUzMjMzMzIyZTM4
MzUyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADV6FUwDQYJKoZIhvcNAQELBQADggEBAJDcYwhb7dEcCYUx7Y7V28bMs5PR06fy
KzgMey5QbyHCDJj3N7i7Ke2uWLUS94aGLg0A26xBt8iFk+MF0u7BHAGg+6l30spd
j6XCi4QcX+Pqt36owtb11HZlRthCHli3tzkrzq5SK5pvQfe27Z4MKM6na27XUcL4
ssUA8hbx7By8GWnJ7Mc1kBLFS1Q/GI0O5h44kzzUh7yR0aun9WYENpPuTs0MN3JI
u41LBiJjG8jGxCjl1I+CNJvmAPBFup5VmIsAkGZ1aOh6nxb7YZVB0SRcXj4N3buy
cWNf0HXmRDErzpcjXShrEem11MMwMTIEPLruf0I/bBSeWXYYRq3DrkM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org