Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39322e3234322e3139302e302f32342d3234203d3e20313336373837.roa
File: 39322e3234322e3139302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: EMu6qqZG+ICTLROsRqV65++tU6h5woheKT2tDx6NxxA=
Subject key identifier: 5F:AB:33:DE:9D:71:44:D0:99:78:7E:DC:0D:9B:AB:03:45:96:10:6F
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 291DA3D81B8C3880F317B4C8E8F06EF133478970
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39322e3234322e3139302e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 07 Feb 2024 12:34:04 +0000
ROA not before: Wed 07 Feb 2024 12:29:04 +0000
ROA not after: Wed 05 Feb 2025 12:34:04 +0000
asID: 136787
IP address blocks: 92.242.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:1d:a3:d8:1b:8c:38:80:f3:17:b4:c8:e8:f0:6e:f1:33:47:89:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 7 12:29:04 2024 GMT
Not After : Feb 5 12:34:04 2025 GMT
Subject: CN=5FAB33DE9D7144D099787EDC0D9BAB034596106F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:42:78:01:57:a1:b3:33:5c:7e:cb:52:ef:9c:
e2:ac:a4:ba:ea:ca:70:0c:dc:c8:d4:9f:b5:6f:1c:
1c:70:1d:71:f1:f6:70:61:fe:41:6a:3d:76:10:74:
07:1a:aa:67:e8:3b:47:5c:53:0e:be:1a:fc:d5:e7:
92:4e:90:8c:3b:0c:07:d4:46:45:2c:30:83:46:26:
d9:cf:88:35:72:29:05:75:75:e4:9b:3e:fb:d7:1a:
aa:74:5d:c8:c0:30:a4:35:1e:ae:60:a8:e4:39:ab:
0c:e4:a6:5f:3a:08:69:8d:3d:77:c5:53:6a:eb:1a:
e5:b3:6c:8a:62:36:47:c1:4e:84:70:2f:ab:d5:85:
e9:0c:52:dd:96:8c:35:a7:87:1a:4e:59:38:e9:12:
e5:e7:b8:80:98:c3:56:e3:71:0b:b9:81:01:a9:a7:
42:e9:86:b9:53:c3:24:d8:3d:1a:36:7f:f4:23:08:
39:9d:a6:af:5e:2c:2c:8d:29:49:39:e8:39:8e:26:
9e:79:6d:49:ea:db:68:3d:9f:3f:22:cf:90:a5:2e:
f0:48:12:52:a4:9d:24:86:8b:49:79:6c:5f:f0:cd:
58:2e:5f:ad:2b:78:f2:55:74:1f:14:40:84:d0:d9:
0d:39:cd:c7:04:96:70:a3:5b:fa:8f:68:99:ee:e3:
f8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:AB:33:DE:9D:71:44:D0:99:78:7E:DC:0D:9B:AB:03:45:96:10:6F
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39322e3234322e3139302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.242.190.0/24
Signature Algorithm: sha256WithRSAEncryption
13:e8:8f:49:1e:3d:28:22:38:76:1e:5b:35:53:36:4f:68:33:
45:aa:16:c9:99:79:20:d4:75:07:8b:79:2c:d3:1c:ae:14:8d:
5b:ce:36:3c:3b:5f:29:e5:4b:dd:e1:50:ff:10:15:16:a5:4b:
9f:44:24:15:ce:f1:2a:24:d9:02:2e:7a:a2:49:50:29:3e:8a:
5d:d9:7c:66:1b:5f:43:4c:5f:34:a5:7c:f2:39:59:20:b3:c5:
02:5e:16:3d:3b:92:9a:44:e3:18:97:ec:dc:97:c9:6f:9a:d2:
6b:ea:0a:b8:3e:c5:19:5d:c0:0c:35:7b:9b:8e:f9:13:53:a5:
f1:c7:6b:62:8f:72:02:4d:e7:49:dd:dc:f0:ba:a1:ca:16:ed:
2c:a3:41:c3:fb:43:b9:87:56:f4:95:ad:de:c1:39:e6:4f:66:
67:c2:eb:ff:35:dc:a8:fe:b1:e9:0e:b8:07:17:ff:18:9b:92:
0a:7c:64:08:75:47:33:4f:10:76:26:9c:1a:90:18:7f:19:e2:
a7:82:7b:47:3d:25:45:d2:61:27:b1:49:56:60:56:f2:65:0d:
ee:5e:0a:5b:4c:a7:5d:3e:12:f4:46:32:56:be:07:16:50:f6:
8b:48:4b:8d:10:c0:e0:8e:80:6e:cb:56:0d:7f:5c:49:29:52:
80:b8:ac:c4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKR2j2BuMOIDzF7TI6PBu8TNHiXAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMDcxMjI5MDRaFw0yNTAyMDUxMjM0MDRaMDMxMTAvBgNV
BAMTKDVGQUIzM0RFOUQ3MTQ0RDA5OTc4N0VEQzBEOUJBQjAzNDU5NjEwNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPQngBV6GzM1x+y1LvnOKspLrq
ynAM3MjUn7VvHBxwHXHx9nBh/kFqPXYQdAcaqmfoO0dcUw6+GvzV55JOkIw7DAfU
RkUsMINGJtnPiDVyKQV1deSbPvvXGqp0XcjAMKQ1Hq5gqOQ5qwzkpl86CGmNPXfF
U2rrGuWzbIpiNkfBToRwL6vVhekMUt2WjDWnhxpOWTjpEuXnuICYw1bjcQu5gQGp
p0LphrlTwyTYPRo2f/QjCDmdpq9eLCyNKUk56DmOJp55bUnq22g9nz8iz5ClLvBI
ElKknSSGi0l5bF/wzVguX60rePJVdB8UQITQ2Q05zccElnCjW/qPaJnu4/hxAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUX6sz3p1xRNCZeH7cDZurA0WWEG8wHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzkzMjJlMzIzNDMyMmUzMTM5
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABc8r4wDQYJKoZIhvcNAQELBQADggEBABPoj0kePSgiOHYeWzVTNk9oM0WqFsmZ
eSDUdQeLeSzTHK4UjVvONjw7XynlS93hUP8QFRalS59EJBXO8Sok2QIueqJJUCk+
il3ZfGYbX0NMXzSlfPI5WSCzxQJeFj07kppE4xiX7NyXyW+a0mvqCrg+xRldwAw1
e5uO+RNTpfHHa2KPcgJN50nd3PC6ocoW7SyjQcP7Q7mHVvSVrd7BOeZPZmfC6/81
3Kj+sekOuAcX/xibkgp8ZAh1RzNPEHYmnBqQGH8Z4qeCe0c9JUXSYSexSVZgVvJl
De5eCltMp10+EvRGMla+BxZQ9otIS40QwOCOgG7LVg1/XEkpUoC4rMQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org