Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39312e3231342e36352e302f32342d3234203d3e20313336373837.roa
File: 39312e3231342e36352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: FXT9Z0oAc4NHKr9A8hfEaQAg+dGPRyy2u1OAlhuJktY=
Subject key identifier: 29:AD:13:F7:88:19:E5:57:B9:DD:16:6C:3A:53:7B:CF:13:1E:5A:38
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 05513EBCB7B503786B1DB483A4A959BE59CB40C4
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39312e3231342e36352e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:18 +0000
ROA not before: Mon 01 Apr 2024 13:58:18 +0000
ROA not after: Mon 31 Mar 2025 14:03:18 +0000
asID: 136787
IP address blocks: 91.214.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:51:3e:bc:b7:b5:03:78:6b:1d:b4:83:a4:a9:59:be:59:cb:40:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 1 13:58:18 2024 GMT
Not After : Mar 31 14:03:18 2025 GMT
Subject: CN=29AD13F78819E557B9DD166C3A537BCF131E5A38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:55:a9:a0:3c:d7:19:3c:a4:e5:ac:8f:a4:61:
05:44:9f:e6:2c:bd:0e:48:38:d6:35:dc:6a:2b:cf:
2c:3d:60:65:45:fb:27:3a:23:c2:fb:27:b7:cb:e4:
5d:c1:f5:36:1f:76:31:aa:38:7d:a2:5c:a0:3d:61:
41:5f:9d:02:a0:99:88:e7:9e:56:14:15:7c:c3:5b:
e2:7f:72:0b:0a:07:48:fb:38:4a:ff:4b:0c:6b:bd:
27:cc:3a:b5:d7:1c:13:93:6c:45:93:eb:ab:9f:81:
ab:88:9b:1f:ce:2a:3a:20:f5:3f:79:e3:95:85:7a:
55:e8:4f:61:b5:f3:b0:0b:c1:d8:cf:eb:3a:25:05:
a4:8a:f9:6e:a5:03:d9:9c:6f:9f:eb:e7:12:7a:90:
5c:db:eb:5c:49:26:25:3e:b2:9f:cb:3c:df:fa:1c:
e5:0f:55:c9:f1:c1:09:a3:47:1a:3e:02:df:d2:70:
73:3e:6e:eb:e2:c8:08:75:4a:76:e9:f5:dc:d6:e5:
51:d0:f2:03:b8:16:c2:ba:5b:3c:11:ef:6e:67:39:
15:4c:00:85:cb:61:2f:d6:be:8a:02:4a:fc:e5:b6:
b8:af:4f:2a:22:91:06:d3:f0:fd:8b:34:eb:4b:ce:
27:7c:16:e8:af:7f:6f:ff:7c:46:7e:42:36:92:ff:
fc:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:AD:13:F7:88:19:E5:57:B9:DD:16:6C:3A:53:7B:CF:13:1E:5A:38
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39312e3231342e36352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.65.0/24
Signature Algorithm: sha256WithRSAEncryption
17:ca:4d:e7:3d:45:ce:34:47:38:f6:3a:c1:df:eb:4d:05:ab:
a2:f5:8b:76:18:52:a5:1b:e7:8a:f4:7f:b3:53:82:59:fd:fd:
f8:4e:e3:a4:19:db:a4:4c:52:00:94:7b:3b:54:bf:c1:36:36:
58:6f:f1:17:c5:7d:12:b5:54:55:6b:55:e6:68:ea:97:a8:84:
82:10:0d:cf:8e:12:e2:df:14:f4:bc:ff:59:17:a9:56:f1:14:
9e:63:28:79:0e:f1:b9:22:47:a4:a8:39:ef:b6:a2:28:29:6e:
91:56:8c:11:7b:9a:7c:10:41:5b:af:28:df:7a:fb:e2:e1:85:
9b:cb:fc:ae:b2:a6:8f:80:20:92:84:72:9c:d4:05:d2:b4:c7:
f7:3d:1b:38:a0:b1:44:3f:ef:72:bc:25:74:51:05:23:4f:ab:
9e:76:4a:98:eb:bb:75:f0:cf:fd:60:59:f1:41:5b:54:d9:7b:
c6:3c:94:9f:22:e7:65:c4:8c:2c:57:14:5a:a1:e1:e7:8d:59:
79:69:4e:cb:1d:22:8a:be:b8:73:94:a1:93:ec:b7:77:66:85:
fe:01:1c:70:f0:86:4e:0f:52:37:4a:01:8f:00:88:d4:cc:fe:
7b:11:48:f5:de:5c:b3:59:b1:1b:1e:41:af:0e:a9:8c:dd:57:
50:22:53:0a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBVE+vLe1A3hrHbSDpKlZvlnLQMQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDExMzU4MThaFw0yNTAzMzExNDAzMThaMDMxMTAvBgNV
BAMTKDI5QUQxM0Y3ODgxOUU1NTdCOUREMTY2QzNBNTM3QkNGMTMxRTVBMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLVamgPNcZPKTlrI+kYQVEn+Ys
vQ5IONY13Gorzyw9YGVF+yc6I8L7J7fL5F3B9TYfdjGqOH2iXKA9YUFfnQKgmYjn
nlYUFXzDW+J/cgsKB0j7OEr/SwxrvSfMOrXXHBOTbEWT66ufgauImx/OKjog9T95
45WFelXoT2G187ALwdjP6zolBaSK+W6lA9mcb5/r5xJ6kFzb61xJJiU+sp/LPN/6
HOUPVcnxwQmjRxo+At/ScHM+buviyAh1Snbp9dzW5VHQ8gO4FsK6WzwR725nORVM
AIXLYS/WvooCSvzltrivTyoikQbT8P2LNOtLzid8Fuivf2//fEZ+QjaS//wtAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUKa0T94gZ5Ve53RZsOlN7zxMeWjgwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzkzMTJlMzIzMTM0MmUzNjM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
W9ZBMA0GCSqGSIb3DQEBCwUAA4IBAQAXyk3nPUXONEc49jrB3+tNBaui9Yt2GFKl
G+eK9H+zU4JZ/f34TuOkGdukTFIAlHs7VL/BNjZYb/EXxX0StVRVa1XmaOqXqISC
EA3PjhLi3xT0vP9ZF6lW8RSeYyh5DvG5IkekqDnvtqIoKW6RVowRe5p8EEFbryjf
evvi4YWby/yusqaPgCCShHKc1AXStMf3PRs4oLFEP+9yvCV0UQUjT6uedkqY67t1
8M/9YFnxQVtU2XvGPJSfIudlxIwsVxRaoeHnjVl5aU7LHSKKvrhzlKGT7Ld3ZoX+
ARxw8IZOD1I3SgGPAIjUzP57EUj13lyzWbEbHkGvDqmM3VdQIlMK
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org