Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39322e3234322e3138382e302f32342d3234203d3e20313336373837.roa
File: 39322e3234322e3138382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: QXimfNpCqlja89gRZ7SwVCFpd0NVk38H4vWA++aFNMo=
Subject key identifier: 63:12:63:86:7D:5E:E9:73:D0:40:2F:C6:81:95:9F:F8:50:D4:3F:D1
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 282A18969C29686FB65EC880977898199E1E4012
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39322e3234322e3138382e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 07 Feb 2024 12:34:02 +0000
ROA not before: Wed 07 Feb 2024 12:29:02 +0000
ROA not after: Wed 05 Feb 2025 12:34:02 +0000
asID: 136787
IP address blocks: 92.242.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:2a:18:96:9c:29:68:6f:b6:5e:c8:80:97:78:98:19:9e:1e:40:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 7 12:29:02 2024 GMT
Not After : Feb 5 12:34:02 2025 GMT
Subject: CN=631263867D5EE973D0402FC681959FF850D43FD1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9f:a4:bf:06:1b:4b:8f:43:8c:d0:94:2b:a1:
14:bc:9b:99:2b:ad:e3:27:fe:14:eb:2a:a1:0a:c1:
09:0c:11:b8:ac:57:bc:9c:37:7b:a6:1b:8e:90:fd:
3b:66:d6:0b:6a:86:9b:e9:66:a8:61:35:a9:cb:77:
21:c3:44:02:7f:4b:17:2b:a6:43:5c:94:ba:17:b1:
43:b3:fa:6a:69:29:fb:83:06:10:85:f6:22:bc:26:
87:77:b0:ae:5b:a4:36:cb:0f:89:8a:44:42:85:eb:
3a:3b:53:5c:b3:8e:e5:59:36:4d:eb:b8:02:94:78:
2f:7f:81:6b:15:55:ef:eb:f3:50:cf:0f:ec:45:9d:
49:ea:75:8f:cc:15:4e:ae:b7:11:b4:1d:e6:e1:37:
c2:d2:3a:de:2e:e7:0d:4f:8a:44:88:03:ec:28:c3:
40:87:cd:48:50:8b:8e:21:b2:c3:0b:d1:c3:db:36:
f2:13:7f:1f:f7:fb:57:a4:5a:ea:04:48:47:da:f9:
1b:fd:53:3d:67:ff:72:3c:42:ac:9c:b4:e4:29:c1:
08:e4:93:98:b7:4e:16:8f:28:99:88:40:66:58:7f:
4d:29:40:42:61:2d:12:55:3e:b2:75:1f:19:0a:2e:
5d:b7:df:cd:06:8b:53:3c:74:94:25:aa:b1:9b:7d:
89:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:12:63:86:7D:5E:E9:73:D0:40:2F:C6:81:95:9F:F8:50:D4:3F:D1
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39322e3234322e3138382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.242.188.0/24
Signature Algorithm: sha256WithRSAEncryption
16:9f:a2:0c:79:71:98:54:d1:39:ae:cb:04:27:d9:97:d2:d9:
14:3e:e3:5e:d5:31:dc:6d:5b:90:89:b6:a2:e2:ff:3e:a5:40:
bd:ff:dd:35:ae:a1:9f:34:1a:a0:a1:2b:59:5e:a0:2e:26:04:
11:64:86:c4:c3:c1:09:5f:48:e3:bf:3d:39:a1:fb:65:c2:40:
c9:ee:cf:60:3f:d3:ff:f9:77:76:b4:59:be:d3:e9:3d:6f:14:
20:d6:3e:8a:e7:06:c4:fe:b3:cc:f2:95:ad:5e:ab:3a:6b:b9:
7a:6f:cb:2f:e0:25:dd:05:17:82:c2:b1:40:d2:35:d8:77:da:
96:0b:07:87:0b:f4:90:82:2b:58:9f:71:7b:80:de:2b:a8:91:
ba:ad:6c:60:ca:ed:f1:38:83:56:86:f3:c6:71:b4:58:39:33:
49:99:9b:97:cf:d9:a5:63:99:4e:2a:4d:b2:73:39:8f:de:ef:
e1:1e:75:1a:7c:0e:93:92:48:91:7a:ff:7e:ae:7c:3d:5f:e0:
ee:8f:87:eb:13:65:39:c3:4d:63:64:3e:e7:83:17:b7:ff:e2:
8f:85:d1:97:76:f3:ff:6f:eb:2a:87:bd:59:62:ca:bd:40:f0:
90:14:cf:9e:35:12:1f:42:c7:40:ea:a3:e7:76:fd:bf:26:bd:
bf:88:3b:99
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKCoYlpwpaG+2XsiAl3iYGZ4eQBIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMDcxMjI5MDJaFw0yNTAyMDUxMjM0MDJaMDMxMTAvBgNV
BAMTKDYzMTI2Mzg2N0Q1RUU5NzNEMDQwMkZDNjgxOTU5RkY4NTBENDNGRDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/n6S/BhtLj0OM0JQroRS8m5kr
reMn/hTrKqEKwQkMEbisV7ycN3umG46Q/Ttm1gtqhpvpZqhhNanLdyHDRAJ/Sxcr
pkNclLoXsUOz+mppKfuDBhCF9iK8Jod3sK5bpDbLD4mKREKF6zo7U1yzjuVZNk3r
uAKUeC9/gWsVVe/r81DPD+xFnUnqdY/MFU6utxG0HebhN8LSOt4u5w1PikSIA+wo
w0CHzUhQi44hssML0cPbNvITfx/3+1ekWuoESEfa+Rv9Uz1n/3I8QqyctOQpwQjk
k5i3ThaPKJmIQGZYf00pQEJhLRJVPrJ1HxkKLl23380Gi1M8dJQlqrGbfYmlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUYxJjhn1e6XPQQC/GgZWf+FDUP9EwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzkzMjJlMzIzNDMyMmUzMTM4
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABc8rwwDQYJKoZIhvcNAQELBQADggEBABafogx5cZhU0TmuywQn2ZfS2RQ+417V
MdxtW5CJtqLi/z6lQL3/3TWuoZ80GqChK1leoC4mBBFkhsTDwQlfSOO/PTmh+2XC
QMnuz2A/0//5d3a0Wb7T6T1vFCDWPornBsT+s8zyla1eqzpruXpvyy/gJd0FF4LC
sUDSNdh32pYLB4cL9JCCK1ifcXuA3iuokbqtbGDK7fE4g1aG88ZxtFg5M0mZm5fP
2aVjmU4qTbJzOY/e7+EedRp8DpOSSJF6/36ufD1f4O6Ph+sTZTnDTWNkPueDF7f/
4o+F0Zd28/9v6yqHvVliyr1A8JAUz541Eh9Cx0Dqo+d2/b8mvb+IO5k=
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:57 2024 by rpki-client on console-ams.rpki-client.org