Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39322e3234322e3138392e302f32342d3234203d3e20313336373837.roa
File: 39322e3234322e3138392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 39GNe1eHjdOJMLPFCJWNZUiOzkp2cnogfiZkT7AmR5U=
Subject key identifier: F6:4C:00:28:67:DE:A1:91:D4:67:82:04:EB:48:29:A9:37:4E:19:3E
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 66D725E2689C7B1437D858BC470FBCFBE941A9A1
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39322e3234322e3138392e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 07 Feb 2024 12:34:03 +0000
ROA not before: Wed 07 Feb 2024 12:29:03 +0000
ROA not after: Wed 05 Feb 2025 12:34:03 +0000
asID: 136787
IP address blocks: 92.242.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:d7:25:e2:68:9c:7b:14:37:d8:58:bc:47:0f:bc:fb:e9:41:a9:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 7 12:29:03 2024 GMT
Not After : Feb 5 12:34:03 2025 GMT
Subject: CN=F64C002867DEA191D4678204EB4829A9374E193E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ed:4d:68:d8:2e:0d:99:cd:17:86:50:29:b8:
b4:5b:7c:7a:7b:48:44:25:1b:42:fa:28:ec:c0:ea:
fd:93:e9:fd:b5:2d:c9:cf:26:a1:aa:14:43:ab:6a:
9c:89:9d:fe:7d:d6:94:db:68:11:fd:6f:09:d5:ab:
69:05:73:8e:b3:72:b3:8b:50:2e:ef:54:a0:19:33:
c9:13:47:9f:c6:b1:3b:04:f0:79:b2:48:ab:c9:8a:
80:bb:48:e1:a9:2a:df:e2:fd:aa:08:77:29:aa:2a:
97:5b:50:14:36:22:58:8b:56:73:5a:75:5d:41:cc:
63:7b:40:91:b8:e1:f5:dc:fe:c3:a4:9e:76:b4:60:
be:99:4a:7d:2a:e6:02:ee:f4:fd:82:e6:4a:eb:63:
5c:54:4f:4e:02:17:97:7a:42:cd:c3:1e:1b:ff:93:
6a:b6:95:84:a9:26:63:b1:31:a0:28:4a:83:60:fc:
68:61:32:2a:0e:e5:50:51:c5:cc:9e:25:56:96:3f:
95:cd:68:0e:56:16:42:df:7a:6c:1f:4c:88:6f:2f:
22:9a:46:46:04:1e:86:fa:71:34:89:f8:80:b5:26:
08:d7:57:87:40:15:f4:14:d3:e2:57:4f:77:da:85:
d9:d4:6b:24:3d:e0:34:ed:18:66:ec:f3:05:d2:9c:
a3:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:4C:00:28:67:DE:A1:91:D4:67:82:04:EB:48:29:A9:37:4E:19:3E
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39322e3234322e3138392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.242.189.0/24
Signature Algorithm: sha256WithRSAEncryption
55:9b:b9:cd:d8:24:7c:f1:ea:31:36:5c:07:9a:47:8c:57:16:
f7:07:c1:38:b8:8f:20:d8:6a:ce:0d:63:31:6d:99:3d:77:b1:
dd:e4:09:86:38:3d:1f:f2:0b:84:ed:db:02:3a:b7:9a:8a:24:
e4:0f:60:b4:31:05:cf:2c:7b:03:59:8b:5c:37:64:f8:3c:90:
70:ca:02:52:26:b0:37:bb:8a:af:d7:dc:05:01:f7:4a:08:4b:
03:f4:f7:e7:69:ec:9d:7b:f8:b5:53:2a:ff:67:a4:6a:d9:e3:
04:1e:96:e3:72:97:ff:f2:8c:f3:6e:6a:f6:1d:05:17:ae:23:
62:d0:4a:61:75:8b:f3:c1:1b:f3:0d:27:33:e4:eb:a7:14:13:
e2:71:45:61:85:a9:dc:9d:f8:bb:91:73:37:18:20:c4:ab:da:
26:a2:39:f2:a4:3c:e1:c9:19:28:73:3b:05:0b:55:40:80:2a:
d4:2f:b3:8b:8b:fa:d5:21:db:8a:72:f6:5f:da:56:67:61:89:
15:12:0c:1c:aa:83:c1:ba:88:f6:a3:b9:1c:6e:66:53:cd:8b:
25:34:a4:3a:a7:0b:2c:44:6d:d7:6a:3b:fe:df:02:60:ab:43:
70:6d:63:2b:97:c4:17:c8:40:f7:0a:e6:56:19:5e:9d:14:b5:
8b:a4:69:f0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZtcl4micexQ32Fi8Rw+8++lBqaEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMDcxMjI5MDNaFw0yNTAyMDUxMjM0MDNaMDMxMTAvBgNV
BAMTKEY2NEMwMDI4NjdERUExOTFENDY3ODIwNEVCNDgyOUE5Mzc0RTE5M0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv7U1o2C4Nmc0XhlApuLRbfHp7
SEQlG0L6KOzA6v2T6f21LcnPJqGqFEOrapyJnf591pTbaBH9bwnVq2kFc46zcrOL
UC7vVKAZM8kTR5/GsTsE8HmySKvJioC7SOGpKt/i/aoIdymqKpdbUBQ2IliLVnNa
dV1BzGN7QJG44fXc/sOknna0YL6ZSn0q5gLu9P2C5krrY1xUT04CF5d6Qs3DHhv/
k2q2lYSpJmOxMaAoSoNg/GhhMioO5VBRxcyeJVaWP5XNaA5WFkLfemwfTIhvLyKa
RkYEHob6cTSJ+IC1JgjXV4dAFfQU0+JXT3fahdnUayQ94DTtGGbs8wXSnKNHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU9kwAKGfeoZHUZ4IE60gpqTdOGT4wHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzkzMjJlMzIzNDMyMmUzMTM4
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABc8r0wDQYJKoZIhvcNAQELBQADggEBAFWbuc3YJHzx6jE2XAeaR4xXFvcHwTi4
jyDYas4NYzFtmT13sd3kCYY4PR/yC4Tt2wI6t5qKJOQPYLQxBc8sewNZi1w3ZPg8
kHDKAlImsDe7iq/X3AUB90oISwP09+dp7J17+LVTKv9npGrZ4wQeluNyl//yjPNu
avYdBReuI2LQSmF1i/PBG/MNJzPk66cUE+JxRWGFqdyd+LuRczcYIMSr2iaiOfKk
POHJGShzOwULVUCAKtQvs4uL+tUh24py9l/aVmdhiRUSDByqg8G6iPajuRxuZlPN
iyU0pDqnCyxEbddqO/7fAmCrQ3BtYyuXxBfIQPcK5lYZXp0UtYukafA=
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:22 2024 by rpki-client on console-fra.rpki-client.org