Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3231332e3233322e38372e302f32342d3234203d3e20313336373837.roa
File: 3231332e3233322e38372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: SMu5lXwLu9L0iJ9636Y2wK6+ZVwVPdYKBMEtaROlQV4=
Subject key identifier: 94:93:D7:FB:53:2B:EA:D4:F8:FC:7C:1D:FE:D5:A4:3E:A4:A7:2A:B7
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 431F7A93FE2D14B7DF99739319415E457DB0A24D
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3231332e3233322e38372e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:52:57 +0000
ROA not before: Mon 26 Feb 2024 08:47:57 +0000
ROA not after: Mon 24 Feb 2025 08:52:57 +0000
asID: 136787
IP address blocks: 213.232.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:1f:7a:93:fe:2d:14:b7:df:99:73:93:19:41:5e:45:7d:b0:a2:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:57 2024 GMT
Not After : Feb 24 08:52:57 2025 GMT
Subject: CN=9493D7FB532BEAD4F8FC7C1DFED5A43EA4A72AB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:50:1e:06:d3:5a:68:02:64:27:c8:59:32:2b:
22:8a:e4:e0:aa:85:fc:21:2b:0f:b6:27:ee:92:3f:
19:5a:8e:01:2c:8f:27:0b:9e:7c:ce:e2:41:d3:b1:
f2:cb:8e:42:aa:7d:0e:29:92:62:45:45:ca:71:a8:
11:9e:76:be:d5:74:7e:3b:54:6c:89:4b:2e:0d:b5:
fd:1f:cd:94:9a:3a:d0:21:4a:c2:64:15:f3:a9:53:
5f:8f:a6:b8:b0:da:1b:d7:81:e7:bd:7c:03:b6:4a:
ba:63:5f:9b:2f:33:7e:5e:1f:c0:9a:e2:43:0e:cb:
6d:ee:bb:42:3b:8d:2b:04:6f:a5:74:17:f2:40:e2:
9d:d6:7d:90:ff:fa:cf:38:12:7b:4e:b2:c1:5b:f1:
35:e1:ed:84:3b:57:ea:36:ec:5c:de:23:45:47:5b:
c9:79:cd:e7:68:1a:7f:28:3d:58:c8:b1:b4:06:59:
fb:4c:75:54:eb:13:2b:6c:66:e2:f4:80:4a:c4:69:
ed:16:d2:38:84:ee:63:43:e1:0a:c0:a3:31:db:28:
70:ac:d6:df:4e:b7:02:ba:66:37:84:d1:99:ff:1a:
52:d5:41:40:11:6e:ac:71:0c:3b:b1:b4:8f:7b:9f:
72:61:7e:b3:43:ed:bc:3e:cb:ea:63:17:cd:ba:0d:
a6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:93:D7:FB:53:2B:EA:D4:F8:FC:7C:1D:FE:D5:A4:3E:A4:A7:2A:B7
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3231332e3233322e38372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.87.0/24
Signature Algorithm: sha256WithRSAEncryption
60:47:47:3f:38:f4:5d:e4:18:3a:75:b5:1a:7e:a8:3f:ce:38:
08:5a:7a:16:ea:3a:df:ca:da:66:a8:07:17:c0:fe:10:bc:eb:
8c:f8:0e:f4:ed:31:47:54:c6:a2:49:77:1e:af:60:4c:a8:44:
cd:f7:ae:6b:ec:97:ba:36:bf:1f:51:79:9e:ad:5e:6f:fa:c4:
f3:e7:dc:3a:d1:60:eb:fc:40:c5:5f:41:e2:c6:e1:4a:2c:aa:
eb:de:24:94:26:85:0e:42:c1:3e:4b:c8:90:87:ac:b3:c1:9f:
4e:ea:06:0b:19:56:e7:59:bc:af:c5:3d:97:ab:a6:d5:dc:bb:
0f:b5:ed:f4:cf:3c:e9:c0:5d:9a:0a:a9:04:16:a4:f5:8b:1a:
bb:26:3d:6e:ac:94:3c:cd:2f:0b:6f:c8:77:1a:58:0f:41:7e:
a3:fb:cd:da:0f:98:d7:75:1f:f3:b5:46:93:8e:b1:8b:aa:04:
03:2a:d9:d7:32:9a:e1:58:91:6d:0a:be:0f:8f:61:47:c2:e0:
e3:21:2c:6d:bc:c6:06:b6:c3:e3:2e:fe:0e:b7:f4:eb:e2:d5:
30:6f:2c:57:3a:4b:17:08:aa:b0:7f:29:dd:cd:a0:5f:5d:e6:
e9:71:4b:5f:30:9c:61:b8:b3:1d:a4:83:1a:9d:2d:56:0a:de:
45:f4:cc:2d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQx96k/4tFLffmXOTGUFeRX2wok0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NTdaFw0yNTAyMjQwODUyNTdaMDMxMTAvBgNV
BAMTKDk0OTNEN0ZCNTMyQkVBRDRGOEZDN0MxREZFRDVBNDNFQTRBNzJBQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCUB4G01poAmQnyFkyKyKK5OCq
hfwhKw+2J+6SPxlajgEsjycLnnzO4kHTsfLLjkKqfQ4pkmJFRcpxqBGedr7VdH47
VGyJSy4Ntf0fzZSaOtAhSsJkFfOpU1+Ppriw2hvXgee9fAO2SrpjX5svM35eH8Ca
4kMOy23uu0I7jSsEb6V0F/JA4p3WfZD/+s84EntOssFb8TXh7YQ7V+o27FzeI0VH
W8l5zedoGn8oPVjIsbQGWftMdVTrEytsZuL0gErEae0W0jiE7mND4QrAozHbKHCs
1t9OtwK6ZjeE0Zn/GlLVQUARbqxxDDuxtI97n3JhfrND7bw+y+pjF826DaZ7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlJPX+1Mr6tT4/Hwd/tWkPqSnKrcwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzIzMTMzMmUzMjMzMzIyZTM4
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADV6FcwDQYJKoZIhvcNAQELBQADggEBAGBHRz849F3kGDp1tRp+qD/OOAhaehbq
Ot/K2maoBxfA/hC864z4DvTtMUdUxqJJdx6vYEyoRM33rmvsl7o2vx9ReZ6tXm/6
xPPn3DrRYOv8QMVfQeLG4UosquveJJQmhQ5CwT5LyJCHrLPBn07qBgsZVudZvK/F
PZerptXcuw+17fTPPOnAXZoKqQQWpPWLGrsmPW6slDzNLwtvyHcaWA9BfqP7zdoP
mNd1H/O1RpOOsYuqBAMq2dcymuFYkW0Kvg+PYUfC4OMhLG28xga2w+Mu/g639Ovi
1TBvLFc6SxcIqrB/Kd3NoF9d5ulxS18wnGG4sx2kgxqdLVYK3kX0zC0=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:44:10 2024 by rpki-client on console-fra.rpki-client.org