Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/38332e3137312e3230312e302f32342d3234203d3e20323033303631.roa
File: 38332e3137312e3230312e302f32342d3234203d3e20323033303631.roa (raw, json)
Hash identifier: qOV7blHZmY8q228lwuDSwlmdTIA6ZedJDLPdYD+tJuc=
Subject key identifier: CB:89:A2:E3:FA:CB:84:CB:1D:8C:3C:62:C8:00:91:67:AA:17:BD:CA
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 0DBAE57F70F2E4E0A846E6080D2DD1D60232477E
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/38332e3137312e3230312e302f32342d3234203d3e20323033303631.roa
Signing time: Mon 26 Feb 2024 08:52:50 +0000
ROA not before: Mon 26 Feb 2024 08:47:50 +0000
ROA not after: Mon 24 Feb 2025 08:52:50 +0000
asID: 203061
IP address blocks: 83.171.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:ba:e5:7f:70:f2:e4:e0:a8:46:e6:08:0d:2d:d1:d6:02:32:47:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:50 2024 GMT
Not After : Feb 24 08:52:50 2025 GMT
Subject: CN=CB89A2E3FACB84CB1D8C3C62C8009167AA17BDCA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ec:f2:b1:fd:0b:5c:c7:96:20:1d:a6:3b:3c:
ff:18:3b:cf:7e:a7:31:d3:c1:b3:64:67:f3:09:5e:
15:a8:5f:80:b7:ce:57:e4:3f:73:08:be:37:b0:ea:
97:29:6a:5b:a3:b4:ad:c6:69:6f:dd:41:34:05:68:
70:4e:99:e1:ea:05:fa:4f:b2:41:54:8f:dc:05:40:
7b:11:1d:d2:cc:0c:12:ae:7f:bf:b4:e4:49:e5:26:
ec:e8:fe:ec:d2:36:08:56:c0:03:aa:f2:10:d5:8f:
40:52:7b:f6:6e:56:18:a0:0c:e2:95:e8:f1:e4:ca:
65:9f:f2:1b:99:87:63:7a:ca:46:6d:b9:42:d1:cb:
6b:0b:d1:c5:4f:f7:cf:17:01:24:98:1f:f2:02:46:
ca:d7:63:b6:0d:33:e7:4c:78:21:4b:13:4e:75:0f:
fd:82:76:91:40:33:cf:cc:79:53:37:86:cf:3d:83:
c7:f5:cb:ee:fc:a8:b2:1b:7e:7f:00:b7:0c:43:8b:
f7:5e:52:2d:31:24:10:a4:3d:34:22:46:a5:77:a5:
61:02:00:95:8f:bd:cd:12:52:1a:29:8e:f1:3f:98:
29:b1:cf:ce:a4:46:34:81:30:62:e0:9c:6d:d7:16:
19:cb:77:62:00:85:a2:86:70:0f:ee:bd:97:5c:b1:
bf:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:89:A2:E3:FA:CB:84:CB:1D:8C:3C:62:C8:00:91:67:AA:17:BD:CA
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/38332e3137312e3230312e302f32342d3234203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.201.0/24
Signature Algorithm: sha256WithRSAEncryption
81:a4:69:b5:3e:4b:65:59:d8:21:1b:f4:2c:bc:ed:94:40:fa:
70:08:3b:39:9f:16:19:28:6e:2e:1c:85:48:c5:34:c1:c8:64:
ea:32:d2:b1:1e:33:b0:19:9f:0e:c0:4d:99:b5:a1:42:13:9e:
06:92:bf:8d:3e:51:de:10:fb:ee:16:2f:9f:4e:fd:9c:5b:2c:
99:6c:40:07:e5:50:ab:f7:15:b6:50:5f:37:4c:a9:d9:10:17:
4e:41:81:4a:3c:a7:a2:6c:5e:f9:b3:4c:23:00:ff:26:cd:56:
3e:19:a7:bb:b5:b3:93:a8:c5:c1:c9:45:e6:fd:0b:4c:2d:13:
66:08:e5:2b:c7:f2:32:e1:02:73:15:1d:86:29:48:06:e4:07:
16:65:6c:11:d6:06:a8:41:4f:da:96:cb:97:c5:af:7c:5f:64:
fb:e6:14:c7:27:b9:5b:31:6f:0e:55:c0:f7:81:95:a8:2a:d0:
83:37:8e:11:ae:6e:1f:4f:61:e1:2c:92:c8:dc:15:62:60:51:
fe:69:a3:d3:98:ec:3d:c5:08:9c:69:f1:59:4e:f2:e5:f1:8a:
c8:29:62:aa:1a:ab:4a:c0:52:68:ce:87:f7:5c:7c:e8:c7:fb:
eb:95:28:00:96:92:54:76:fa:c1:36:e4:7c:e3:62:7d:90:6a:
88:4b:bc:ec
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDbrlf3Dy5OCoRuYIDS3R1gIyR34wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NTBaFw0yNTAyMjQwODUyNTBaMDMxMTAvBgNV
BAMTKENCODlBMkUzRkFDQjg0Q0IxRDhDM0M2MkM4MDA5MTY3QUExN0JEQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY7PKx/Qtcx5YgHaY7PP8YO89+
pzHTwbNkZ/MJXhWoX4C3zlfkP3MIvjew6pcpalujtK3GaW/dQTQFaHBOmeHqBfpP
skFUj9wFQHsRHdLMDBKuf7+05EnlJuzo/uzSNghWwAOq8hDVj0BSe/ZuVhigDOKV
6PHkymWf8huZh2N6ykZtuULRy2sL0cVP988XASSYH/ICRsrXY7YNM+dMeCFLE051
D/2CdpFAM8/MeVM3hs89g8f1y+78qLIbfn8AtwxDi/deUi0xJBCkPTQiRqV3pWEC
AJWPvc0SUhopjvE/mCmxz86kRjSBMGLgnG3XFhnLd2IAhaKGcA/uvZdcsb9JAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUy4mi4/rLhMsdjDxiyACRZ6oXvcowHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzgzMzJlMzEzNzMxMmUzMjMw
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzMzMDM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABTq8kwDQYJKoZIhvcNAQELBQADggEBAIGkabU+S2VZ2CEb9Cy87ZRA+nAIOzmf
Fhkobi4chUjFNMHIZOoy0rEeM7AZnw7ATZm1oUITngaSv40+Ud4Q++4WL59O/Zxb
LJlsQAflUKv3FbZQXzdMqdkQF05BgUo8p6JsXvmzTCMA/ybNVj4Zp7u1s5OoxcHJ
Reb9C0wtE2YI5SvH8jLhAnMVHYYpSAbkBxZlbBHWBqhBT9qWy5fFr3xfZPvmFMcn
uVsxbw5VwPeBlagq0IM3jhGubh9PYeEsksjcFWJgUf5po9OY7D3FCJxp8VlO8uXx
isgpYqoaq0rAUmjOh/dcfOjH++uVKACWklR2+sE25HzjYn2QaohLvOw=
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:44 2024 by rpki-client on console-ams.rpki-client.org