Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3231332e3233322e38362e302f32342d3332203d3e20313336373837.roa
File: 3231332e3233322e38362e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: KxxUBCq/L4T5woBijo4puYmHlr4hKJMTD5oM9JZ12qI=
Subject key identifier: D3:80:32:D5:CA:A7:30:46:57:0B:7A:98:D1:03:1B:37:62:F3:CF:D3
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 4016325EF45B844C427E6309930D15BB775DB0AB
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3231332e3233322e38362e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:52:55 +0000
ROA not before: Mon 26 Feb 2024 08:47:55 +0000
ROA not after: Mon 24 Feb 2025 08:52:55 +0000
asID: 136787
IP address blocks: 213.232.86.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:16:32:5e:f4:5b:84:4c:42:7e:63:09:93:0d:15:bb:77:5d:b0:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:55 2024 GMT
Not After : Feb 24 08:52:55 2025 GMT
Subject: CN=D38032D5CAA73046570B7A98D1031B3762F3CFD3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a7:c5:c0:ae:2f:45:9d:90:dd:2b:7d:ff:1f:
97:72:50:2c:12:45:da:c7:c9:2f:ae:99:3e:f1:0a:
5c:a9:b5:c5:83:8c:f2:eb:a8:bc:a5:24:5b:aa:64:
48:88:63:e4:35:da:64:9a:04:8b:49:58:07:f7:7c:
ea:80:d7:7a:a4:ba:68:70:de:25:eb:80:38:82:27:
e1:f8:73:1b:cd:fa:30:fb:b7:99:a6:32:55:ff:5f:
12:d4:ba:e0:c7:9b:3c:9a:8b:2e:15:53:d8:b3:83:
38:e7:a8:68:15:4c:52:45:27:b8:6f:0a:4d:f9:c0:
5e:38:0b:28:0c:59:e0:47:44:2e:df:3d:35:1d:cd:
4c:f0:7d:79:03:5f:7e:41:41:87:df:2b:57:d3:9b:
e9:8b:8b:78:3d:29:1a:4a:d7:50:28:56:e1:a4:27:
9c:04:89:44:d8:e5:27:51:ee:03:8d:58:2f:58:69:
d5:1a:83:a1:22:b2:d5:29:e4:5b:d6:87:03:f0:9f:
c0:01:2c:5c:a9:7d:80:d9:83:7f:86:f0:2c:02:75:
b8:b1:d9:de:21:e9:54:5f:a4:71:ea:f3:51:f9:14:
7a:7c:d7:3f:8d:22:78:3d:59:93:56:14:c3:65:38:
31:55:ed:68:68:ce:3d:1b:82:cd:d4:46:f5:98:41:
52:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:80:32:D5:CA:A7:30:46:57:0B:7A:98:D1:03:1B:37:62:F3:CF:D3
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3231332e3233322e38362e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.86.0/24
Signature Algorithm: sha256WithRSAEncryption
95:08:0c:a0:28:31:ed:ba:01:c3:35:d4:7c:1d:ea:ca:dd:ea:
0b:42:14:26:a5:b9:59:34:0d:de:c3:a7:f0:85:80:48:fa:63:
4a:2d:e0:d5:91:83:ce:e6:ae:8c:6f:c0:6d:43:52:74:f7:61:
f5:69:5a:86:e9:05:0e:ee:04:ee:65:ee:64:25:d7:73:ca:eb:
d3:80:57:52:cb:39:f3:ff:9a:7e:cb:2a:5d:d7:22:fd:83:c2:
08:40:96:93:0c:8a:cf:2d:e7:4c:af:e7:ed:1d:79:7c:7c:30:
bc:ba:37:11:6d:70:39:5d:66:07:99:19:8c:08:76:b6:ab:98:
97:77:1c:bc:57:ca:5d:9e:8c:3a:fd:c7:a2:32:bf:81:87:8f:
37:99:9a:83:bf:c1:19:19:72:11:5a:60:4b:af:4d:17:03:7d:
0c:83:e7:a9:ca:90:75:ef:3b:f7:c6:de:5e:fb:4f:d7:fa:54:
1d:81:9b:e3:08:d3:4f:4a:ab:4f:c6:ce:74:1d:57:c8:9b:3f:
17:3b:6e:ae:0c:08:06:02:02:28:24:0b:05:4e:b0:c2:a6:b8:
b8:d3:eb:4d:13:75:12:3d:d4:28:08:df:57:31:2d:58:e5:74:
97:db:25:d1:08:84:29:a1:55:2a:bc:02:43:50:05:c5:79:56:
13:b0:76:0d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQBYyXvRbhExCfmMJkw0Vu3ddsKswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NTVaFw0yNTAyMjQwODUyNTVaMDMxMTAvBgNV
BAMTKEQzODAzMkQ1Q0FBNzMwNDY1NzBCN0E5OEQxMDMxQjM3NjJGM0NGRDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbp8XAri9FnZDdK33/H5dyUCwS
RdrHyS+umT7xClyptcWDjPLrqLylJFuqZEiIY+Q12mSaBItJWAf3fOqA13qkumhw
3iXrgDiCJ+H4cxvN+jD7t5mmMlX/XxLUuuDHmzyaiy4VU9izgzjnqGgVTFJFJ7hv
Ck35wF44CygMWeBHRC7fPTUdzUzwfXkDX35BQYffK1fTm+mLi3g9KRpK11AoVuGk
J5wEiUTY5SdR7gONWC9YadUag6EistUp5FvWhwPwn8ABLFypfYDZg3+G8CwCdbix
2d4h6VRfpHHq81H5FHp81z+NIng9WZNWFMNlODFV7Whozj0bgs3URvWYQVI1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU04Ay1cqnMEZXC3qY0QMbN2Lzz9MwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzIzMTMzMmUzMjMzMzIyZTM4
MzYyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADV6FYwDQYJKoZIhvcNAQELBQADggEBAJUIDKAoMe26AcM11Hwd6srd6gtCFCal
uVk0Dd7Dp/CFgEj6Y0ot4NWRg87mroxvwG1DUnT3YfVpWobpBQ7uBO5l7mQl13PK
69OAV1LLOfP/mn7LKl3XIv2DwghAlpMMis8t50yv5+0deXx8MLy6NxFtcDldZgeZ
GYwIdrarmJd3HLxXyl2ejDr9x6Iyv4GHjzeZmoO/wRkZchFaYEuvTRcDfQyD56nK
kHXvO/fG3l77T9f6VB2Bm+MI009Kq0/GznQdV8ibPxc7bq4MCAYCAigkCwVOsMKm
uLjT600TdRI91CgI31cxLVjldJfbJdEIhCmhVSq8AkNQBcV5VhOwdg0=
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:24 2024 by rpki-client on console-fra.rpki-client.org