Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/38332e3137312e3230322e302f32342d3234203d3e20323033303631.roa
File: 38332e3137312e3230322e302f32342d3234203d3e20323033303631.roa (raw, json)
Hash identifier: frXlmN/CLDY3eSdaUUIZ2MfJtHYsssipvzQAYRA1UHs=
Subject key identifier: 31:85:8E:3B:C4:E7:FB:32:91:D7:0A:39:6F:C3:97:23:D6:25:E9:2D
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 0B91BA8B336A5AB69B18A21F6ABB9AC70B2E8D66
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/38332e3137312e3230322e302f32342d3234203d3e20323033303631.roa
Signing time: Mon 26 Feb 2024 08:52:53 +0000
ROA not before: Mon 26 Feb 2024 08:47:53 +0000
ROA not after: Mon 24 Feb 2025 08:52:53 +0000
asID: 203061
IP address blocks: 83.171.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:91:ba:8b:33:6a:5a:b6:9b:18:a2:1f:6a:bb:9a:c7:0b:2e:8d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:53 2024 GMT
Not After : Feb 24 08:52:53 2025 GMT
Subject: CN=31858E3BC4E7FB3291D70A396FC39723D625E92D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a8:dd:d8:09:9d:17:b3:c0:06:47:de:a8:be:
3f:3c:8e:41:90:e0:0c:0a:9d:34:2d:3e:bf:b6:bc:
97:69:44:8d:57:eb:9e:5e:b2:fa:e2:d5:36:e6:b7:
8f:62:46:e4:b7:f1:93:09:b8:c3:c5:7e:56:56:15:
b3:40:b1:d1:91:a3:c6:49:c6:ad:21:25:ba:94:20:
da:80:5c:fd:75:d5:9f:79:47:2c:f3:45:30:d1:57:
b2:b8:c8:12:7a:ea:66:22:9a:33:ea:ad:58:b6:32:
df:3a:34:d4:f5:05:17:f2:b0:5a:e0:7f:0f:fe:8c:
ef:5f:f5:fc:06:3d:e9:91:15:8e:37:d5:dd:09:92:
d2:2f:b2:fa:03:2d:33:49:2d:d8:02:5b:0e:f4:66:
b8:50:30:78:06:0c:44:fa:99:f6:17:4c:f3:1b:50:
2b:73:83:53:57:06:64:e8:c0:d2:72:48:31:86:58:
5f:f1:b1:34:9b:bb:8e:5a:4a:3c:a6:a4:89:80:71:
30:c7:fa:52:31:7c:a1:ec:0e:7a:08:9a:a8:d8:10:
d1:3a:ef:25:9a:2c:5c:7c:78:75:a2:fb:67:8f:81:
5e:c6:d1:86:6c:73:04:6b:da:bf:ae:7b:7b:66:d0:
00:fa:5a:28:60:25:4c:8f:e5:3e:7a:e7:57:29:d8:
b7:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:85:8E:3B:C4:E7:FB:32:91:D7:0A:39:6F:C3:97:23:D6:25:E9:2D
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/38332e3137312e3230322e302f32342d3234203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.202.0/24
Signature Algorithm: sha256WithRSAEncryption
70:e8:e8:0e:25:b3:49:c0:30:9d:38:67:6f:84:43:c1:c7:2a:
fb:32:3f:42:fb:62:75:3a:27:cb:7b:6e:fe:a5:80:c3:1d:8b:
f2:33:cf:a2:c1:08:a9:53:8a:37:71:d1:70:2a:37:2c:60:ca:
e4:37:22:03:6f:c5:fd:fc:04:f8:72:e6:2b:82:14:c0:1f:4b:
f1:71:03:26:87:37:c2:05:b9:b7:df:cf:4d:d4:57:ed:47:37:
54:ea:51:80:5b:e0:ad:b3:2f:4e:4d:90:2f:6f:d3:53:15:ff:
0c:bf:83:2f:03:13:9d:51:4e:c4:84:c7:4e:a8:ae:58:1f:e5:
55:1c:ed:a2:9b:dc:2b:66:2a:2d:43:d4:be:b5:95:bf:62:07:
a6:c1:e7:60:86:15:59:d9:dc:94:9c:a0:50:a0:16:ed:33:34:
11:1c:61:09:fe:a7:e0:df:1d:90:4e:76:d0:b1:47:64:ce:3f:
8a:a4:ac:8c:6f:2c:af:5b:56:2c:fc:4b:20:8f:6b:eb:43:e5:
c3:ca:5c:3e:8e:cb:af:d2:4a:ca:c3:6b:5b:03:0e:e9:7d:f9:
c3:09:af:cc:0d:de:4c:4a:7e:3c:6c:80:1f:c6:a5:b1:06:63:
fa:3e:88:d9:4e:8d:5a:d8:27:1a:dd:7a:ce:ab:c5:d7:e1:37:
b3:c8:ae:be
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUC5G6izNqWrabGKIfaruaxwsujWYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NTNaFw0yNTAyMjQwODUyNTNaMDMxMTAvBgNV
BAMTKDMxODU4RTNCQzRFN0ZCMzI5MUQ3MEEzOTZGQzM5NzIzRDYyNUU5MkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBqN3YCZ0Xs8AGR96ovj88jkGQ
4AwKnTQtPr+2vJdpRI1X655esvri1Tbmt49iRuS38ZMJuMPFflZWFbNAsdGRo8ZJ
xq0hJbqUINqAXP111Z95RyzzRTDRV7K4yBJ66mYimjPqrVi2Mt86NNT1BRfysFrg
fw/+jO9f9fwGPemRFY431d0JktIvsvoDLTNJLdgCWw70ZrhQMHgGDET6mfYXTPMb
UCtzg1NXBmTowNJySDGGWF/xsTSbu45aSjympImAcTDH+lIxfKHsDnoImqjYENE6
7yWaLFx8eHWi+2ePgV7G0YZscwRr2r+ue3tm0AD6WihgJUyP5T5651cp2Lc/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUMYWOO8Tn+zKR1wo5b8OXI9Yl6S0wHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzgzMzJlMzEzNzMxMmUzMjMw
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzMzMDM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABTq8owDQYJKoZIhvcNAQELBQADggEBAHDo6A4ls0nAMJ04Z2+EQ8HHKvsyP0L7
YnU6J8t7bv6lgMMdi/Izz6LBCKlTijdx0XAqNyxgyuQ3IgNvxf38BPhy5iuCFMAf
S/FxAyaHN8IFubffz03UV+1HN1TqUYBb4K2zL05NkC9v01MV/wy/gy8DE51RTsSE
x06orlgf5VUc7aKb3CtmKi1D1L61lb9iB6bB52CGFVnZ3JScoFCgFu0zNBEcYQn+
p+DfHZBOdtCxR2TOP4qkrIxvLK9bViz8SyCPa+tD5cPKXD6Oy6/SSsrDa1sDDul9
+cMJr8wN3kxKfjxsgB/GpbEGY/o+iNlOjVrYJxrdes6rxdfhN7PIrr4=
-----END CERTIFICATE-----