Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39312e3231342e36372e302f32342d3234203d3e20313336373837.roa
File: 39312e3231342e36372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: SsPHd823/uRChiQ2R4U2eZbgjZwie/bEFFRz7d4wPeA=
Subject key identifier: 32:DC:B6:F3:F5:D2:C7:08:39:18:9F:EB:CE:68:53:0D:61:60:0A:8D
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 752D6D562D10D806012B8E3A61C361483D9F3BCE
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39312e3231342e36372e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:17 +0000
ROA not before: Mon 01 Apr 2024 13:58:17 +0000
ROA not after: Mon 31 Mar 2025 14:03:17 +0000
asID: 136787
IP address blocks: 91.214.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:2d:6d:56:2d:10:d8:06:01:2b:8e:3a:61:c3:61:48:3d:9f:3b:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 1 13:58:17 2024 GMT
Not After : Mar 31 14:03:17 2025 GMT
Subject: CN=32DCB6F3F5D2C70839189FEBCE68530D61600A8D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e2:69:b9:f4:db:37:c7:2c:a7:0b:a6:b5:6c:
59:70:c9:f5:8a:1c:62:cc:df:fe:b3:b5:63:f1:a3:
04:08:49:f6:5a:bc:e4:ce:fc:50:8b:9e:85:ae:3e:
2f:14:aa:85:6c:32:2d:bd:86:c2:8b:c4:33:53:c9:
a6:a3:04:d4:6b:f1:f6:cc:df:b8:bd:8f:6d:58:4c:
d1:93:f9:22:99:25:7d:be:01:2d:fc:74:dc:db:12:
7b:a6:a7:49:47:5d:17:06:5c:90:89:a9:c9:aa:68:
55:1d:93:13:7f:af:49:6a:68:f6:da:8d:03:03:b4:
16:53:ef:83:ed:af:d1:bc:7e:07:c4:82:3b:cf:a8:
57:2e:56:12:0b:4c:f9:a0:b5:9e:fc:e8:8c:b1:30:
5a:c1:67:b8:90:84:9a:d1:73:9b:ab:b8:fd:95:ff:
28:05:09:0d:c6:fc:0b:03:a0:36:de:a3:64:86:8e:
6a:a7:0a:d0:ef:7d:ce:c3:75:04:50:af:b3:01:79:
2b:49:07:3e:43:fc:94:94:91:8d:e9:95:a2:e0:01:
1b:43:12:cd:34:a4:4d:60:8f:03:59:75:44:5c:91:
c7:91:6d:ba:e1:8b:8e:1c:98:4e:ac:31:9b:4a:a1:
c9:e0:f9:4d:f0:a8:2c:4b:a4:a2:ef:1a:6c:03:e2:
8b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:DC:B6:F3:F5:D2:C7:08:39:18:9F:EB:CE:68:53:0D:61:60:0A:8D
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39312e3231342e36372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.67.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:72:7e:e7:c5:cd:9e:7b:89:83:74:4e:1d:f8:ef:43:dd:92:
f9:22:b4:87:04:44:92:51:c7:00:a1:21:65:59:2a:9f:7f:89:
f8:34:7a:72:61:4f:8f:5b:ad:59:1b:ba:e0:8b:97:c9:f9:f6:
c4:5e:08:9f:4d:5e:17:ae:95:03:95:fa:1e:ed:e4:64:27:cf:
b2:81:f9:7b:aa:ed:3b:fd:33:b9:bd:a3:0c:cd:f0:93:c8:31:
66:e5:f7:3a:da:89:e1:02:19:c3:8b:54:59:be:79:05:14:bd:
90:3c:6c:19:7e:34:11:fd:42:32:a5:74:da:4f:4f:54:55:af:
d7:64:f3:a0:82:a8:06:20:8f:2c:08:8e:32:17:9d:3f:7d:9e:
a8:90:b1:4a:9d:42:9a:55:43:74:83:de:9a:4e:59:67:63:ec:
15:fc:81:38:5d:ad:94:b8:69:98:a2:91:9c:87:8e:f9:4d:eb:
e4:81:00:32:57:17:c4:e8:78:7d:b2:37:b3:29:a7:b9:75:d0:
01:44:31:6a:a9:e1:d7:b1:c0:13:97:8e:ce:da:fc:03:74:37:
e3:c5:fd:31:eb:19:3e:b3:9a:ba:a8:8b:8d:e4:0a:b0:f9:bb:
04:d9:87:8e:26:d6:65:64:94:a1:cf:2b:f2:41:da:de:d3:83:
a0:1e:79:aa
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdS1tVi0Q2AYBK446YcNhSD2fO84wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDExMzU4MTdaFw0yNTAzMzExNDAzMTdaMDMxMTAvBgNV
BAMTKDMyRENCNkYzRjVEMkM3MDgzOTE4OUZFQkNFNjg1MzBENjE2MDBBOEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC24mm59Ns3xyynC6a1bFlwyfWK
HGLM3/6ztWPxowQISfZavOTO/FCLnoWuPi8UqoVsMi29hsKLxDNTyaajBNRr8fbM
37i9j21YTNGT+SKZJX2+AS38dNzbEnump0lHXRcGXJCJqcmqaFUdkxN/r0lqaPba
jQMDtBZT74Ptr9G8fgfEgjvPqFcuVhILTPmgtZ786IyxMFrBZ7iQhJrRc5uruP2V
/ygFCQ3G/AsDoDbeo2SGjmqnCtDvfc7DdQRQr7MBeStJBz5D/JSUkY3plaLgARtD
Es00pE1gjwNZdURckceRbbrhi44cmE6sMZtKocng+U3wqCxLpKLvGmwD4otjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUMty28/XSxwg5GJ/rzmhTDWFgCo0wHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzkzMTJlMzIzMTM0MmUzNjM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
W9ZDMA0GCSqGSIb3DQEBCwUAA4IBAQB7cn7nxc2ee4mDdE4d+O9D3ZL5IrSHBESS
UccAoSFlWSqff4n4NHpyYU+PW61ZG7rgi5fJ+fbEXgifTV4XrpUDlfoe7eRkJ8+y
gfl7qu07/TO5vaMMzfCTyDFm5fc62onhAhnDi1RZvnkFFL2QPGwZfjQR/UIypXTa
T09UVa/XZPOggqgGII8sCI4yF50/fZ6okLFKnUKaVUN0g96aTllnY+wV/IE4Xa2U
uGmYopGch475TevkgQAyVxfE6Hh9sjezKae5ddABRDFqqeHXscATl47O2vwDdDfj
xf0x6xk+s5q6qIuN5Aqw+bsE2YeOJtZlZJShzyvyQdre04OgHnmq
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:22 2024 by rpki-client on console-fra.rpki-client.org