Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/38332e3137312e3230302e302f32342d3234203d3e20323033303631.roa
File: 38332e3137312e3230302e302f32342d3234203d3e20323033303631.roa (raw, json)
Hash identifier: ehMprvCeR2dLMLpN1KAE+eNlul15C5CQkuM+Ie4a92Y=
Subject key identifier: 6B:1C:92:7D:76:3F:4D:E8:1D:CB:40:72:62:9A:AF:3C:E6:78:01:4B
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 72C8EF423C93C6CA77AE24AD8C3F70F6EB650C80
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/38332e3137312e3230302e302f32342d3234203d3e20323033303631.roa
Signing time: Mon 26 Feb 2024 08:52:47 +0000
ROA not before: Mon 26 Feb 2024 08:47:47 +0000
ROA not after: Mon 24 Feb 2025 08:52:47 +0000
asID: 203061
IP address blocks: 83.171.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:c8:ef:42:3c:93:c6:ca:77:ae:24:ad:8c:3f:70:f6:eb:65:0c:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:47 2024 GMT
Not After : Feb 24 08:52:47 2025 GMT
Subject: CN=6B1C927D763F4DE81DCB4072629AAF3CE678014B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:06:fd:2a:ac:95:4e:0f:50:bb:62:34:2e:50:
ec:14:d9:6b:f0:af:7d:c0:fe:f3:5f:b5:c1:f6:6a:
88:4d:d2:6e:6a:10:7b:e6:9f:64:a2:65:81:6e:c6:
21:b6:41:af:7c:bb:d4:bd:db:d9:11:bc:c9:e1:40:
d6:e9:c3:08:62:55:a9:9e:8c:27:14:58:a3:59:ed:
06:20:c2:0c:50:8e:17:cd:c4:40:d5:89:3a:64:ce:
a5:d2:c9:25:94:2b:45:d6:c5:4f:e1:e0:f1:3d:1d:
cd:b9:c1:34:00:be:0b:bd:38:8c:ec:70:c1:cf:6b:
7f:22:1a:19:76:10:64:a9:63:48:1b:a2:82:df:6c:
02:0b:8b:98:11:34:b6:7b:61:d6:02:d7:5f:50:55:
9d:92:1f:df:a5:59:ed:30:b8:85:00:49:b8:2b:1f:
4f:17:67:b5:83:83:bd:32:3e:56:df:eb:ba:ef:4f:
88:a4:d7:a2:63:0e:d9:f4:e5:d0:b2:2a:52:85:68:
39:f1:02:d0:95:da:37:c5:e2:00:c8:0e:b0:be:0f:
31:46:35:27:a9:56:48:0f:d2:6b:ee:84:c2:6b:e3:
8a:78:c5:f2:de:00:ce:44:56:87:2e:05:c9:99:7e:
9d:c4:25:d2:86:6b:9b:8e:0d:6b:97:a6:f3:28:d5:
da:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:1C:92:7D:76:3F:4D:E8:1D:CB:40:72:62:9A:AF:3C:E6:78:01:4B
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/38332e3137312e3230302e302f32342d3234203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.200.0/24
Signature Algorithm: sha256WithRSAEncryption
24:cb:a5:8e:c0:17:24:09:d7:20:4a:f2:19:27:8a:8e:f9:f0:
eb:74:e0:2d:87:06:91:df:4f:3a:5b:4e:bf:08:a0:9e:b3:2f:
4f:44:81:4b:cc:ef:48:f1:9b:71:48:e8:47:9c:24:72:4e:01:
e7:7e:37:4e:c8:0f:a4:0f:b0:d2:27:d1:3a:d2:73:01:37:60:
9b:6f:27:2e:20:52:43:c0:ba:63:db:c6:a5:a8:af:2a:fd:c9:
2e:9f:96:b8:24:c5:5e:af:53:10:3a:b3:47:3d:8c:ca:00:a3:
ec:0d:49:b5:bd:0a:b7:24:5f:41:a6:93:62:1c:36:1d:e7:a8:
88:fb:58:54:38:76:02:8a:f3:cc:2b:ca:fd:84:62:87:c8:3f:
42:06:b2:29:b3:90:cb:4b:b8:1c:0f:d1:e0:53:2e:d2:6d:00:
86:42:f8:cf:ed:9a:c8:95:a9:d6:ad:e9:1c:af:f6:1a:a6:23:
d4:a4:30:4c:51:48:cb:11:35:7c:a1:af:f9:4f:6f:f1:3e:09:
f7:2c:e5:ab:89:6b:6b:f2:ee:e6:d4:11:8b:f1:3a:d1:d5:ee:
e2:85:39:a6:82:cf:6f:1c:64:6b:ef:49:05:e9:d3:94:d1:07:
b0:85:5e:ba:32:7a:ff:aa:10:c1:d3:cd:88:66:cb:cb:dd:75:
d4:4d:6e:f2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcsjvQjyTxsp3riStjD9w9utlDIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NDdaFw0yNTAyMjQwODUyNDdaMDMxMTAvBgNV
BAMTKDZCMUM5MjdENzYzRjRERTgxRENCNDA3MjYyOUFBRjNDRTY3ODAxNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdBv0qrJVOD1C7YjQuUOwU2Wvw
r33A/vNftcH2aohN0m5qEHvmn2SiZYFuxiG2Qa98u9S929kRvMnhQNbpwwhiVame
jCcUWKNZ7QYgwgxQjhfNxEDViTpkzqXSySWUK0XWxU/h4PE9Hc25wTQAvgu9OIzs
cMHPa38iGhl2EGSpY0gbooLfbAILi5gRNLZ7YdYC119QVZ2SH9+lWe0wuIUASbgr
H08XZ7WDg70yPlbf67rvT4ik16JjDtn05dCyKlKFaDnxAtCV2jfF4gDIDrC+DzFG
NSepVkgP0mvuhMJr44p4xfLeAM5EVocuBcmZfp3EJdKGa5uODWuXpvMo1dpdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUaxySfXY/Tegdy0ByYpqvPOZ4AUswHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzgzMzJlMzEzNzMxMmUzMjMw
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzMzMDM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABTq8gwDQYJKoZIhvcNAQELBQADggEBACTLpY7AFyQJ1yBK8hknio758Ot04C2H
BpHfTzpbTr8IoJ6zL09EgUvM70jxm3FI6EecJHJOAed+N07ID6QPsNIn0TrScwE3
YJtvJy4gUkPAumPbxqWoryr9yS6flrgkxV6vUxA6s0c9jMoAo+wNSbW9CrckX0Gm
k2IcNh3nqIj7WFQ4dgKK88wryv2EYofIP0IGsimzkMtLuBwP0eBTLtJtAIZC+M/t
msiVqdat6Ryv9hqmI9SkMExRSMsRNXyhr/lPb/E+Cfcs5auJa2vy7ubUEYvxOtHV
7uKFOaaCz28cZGvvSQXp05TRB7CFXroyev+qEMHTzYhmy8vdddRNbvI=
-----END CERTIFICATE-----
Generated at Sun May 12 14:13:08 2024 by rpki-client on console-ams.rpki-client.org