Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39322e3234322e3139312e302f32342d3234203d3e20313336373837.roa
File: 39322e3234322e3139312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: rL3tRz8hDlhXJYsXHAdatlyIoU2q+qOYSUGm52mzBF4=
Subject key identifier: 08:11:DA:87:78:EB:EE:37:D7:21:99:64:2C:13:7B:FF:42:02:34:86
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 64C8C7EF931D290E03C1D49A2DC4BA6F36F88C01
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39322e3234322e3139312e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 07 Feb 2024 12:34:06 +0000
ROA not before: Wed 07 Feb 2024 12:29:06 +0000
ROA not after: Wed 05 Feb 2025 12:34:06 +0000
asID: 136787
IP address blocks: 92.242.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:c8:c7:ef:93:1d:29:0e:03:c1:d4:9a:2d:c4:ba:6f:36:f8:8c:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 7 12:29:06 2024 GMT
Not After : Feb 5 12:34:06 2025 GMT
Subject: CN=0811DA8778EBEE37D72199642C137BFF42023486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f0:ad:c4:28:cf:39:b3:65:6b:9a:d5:8e:73:
fe:a0:67:d4:90:9b:a1:cd:6c:21:c4:94:8c:7d:7c:
76:c6:8b:1b:8d:ea:6b:99:14:f7:04:62:49:c4:87:
f1:11:36:27:03:55:aa:87:e7:3e:60:0a:03:da:43:
55:47:ee:1b:51:75:d4:ea:35:23:39:01:a6:da:37:
6e:e7:f9:cc:59:70:ed:ab:71:23:b4:db:0d:10:4a:
6a:be:d6:37:ab:13:40:4e:7e:54:40:cc:b9:4e:40:
b3:13:c3:a4:af:85:7c:64:33:7b:52:ca:df:c7:e2:
c4:ce:9b:1a:78:0a:39:be:c1:81:ad:ef:fb:db:8d:
71:53:48:d8:aa:5e:b9:ee:57:c0:c9:1c:08:01:24:
f2:57:6b:a0:14:aa:ac:1f:5c:df:90:70:24:84:b0:
51:27:1d:a1:9e:de:bc:1e:32:de:ff:ee:45:35:5c:
fa:a2:6c:34:fb:27:8d:4a:f5:4d:93:75:03:8c:66:
7a:fc:12:3e:bc:18:38:53:ed:74:a2:38:53:8a:50:
0a:e5:d1:07:f6:01:72:0a:c7:ef:f1:b1:29:92:70:
7b:52:a7:fb:ca:bf:0f:cb:94:6b:1e:d4:ab:66:12:
62:53:2e:15:e4:95:a9:db:d5:80:08:73:13:e1:39:
df:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:11:DA:87:78:EB:EE:37:D7:21:99:64:2C:13:7B:FF:42:02:34:86
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39322e3234322e3139312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.242.191.0/24
Signature Algorithm: sha256WithRSAEncryption
52:b9:90:e6:21:51:75:11:e6:7b:fd:d8:09:b3:f4:20:54:9b:
c4:15:67:21:f9:f6:88:80:f1:a3:25:32:cd:7d:9f:de:b2:22:
65:c4:cb:4a:68:70:ac:17:1f:d8:05:f2:82:2c:5f:ed:7e:a5:
3a:80:6a:1a:f2:13:1e:ab:82:41:d2:1c:c7:a7:81:ca:54:6f:
1d:96:5a:cf:55:c1:e3:9f:6e:fa:82:39:8d:ff:28:8e:07:54:
8a:ee:0d:f3:6a:c6:c7:00:4a:45:71:56:5d:fd:10:38:10:1f:
9a:bd:8b:51:16:14:e3:a6:ed:0e:1a:59:97:2d:22:d8:85:62:
a0:46:ab:78:a6:7a:6b:0a:85:44:87:16:31:60:d4:06:d9:7b:
f8:b0:37:71:a3:60:04:61:7a:77:fa:35:ae:1a:59:54:cc:a6:
f5:be:a9:25:cf:e9:c2:70:6f:6d:90:e5:42:86:2b:33:49:ee:
37:65:82:53:fd:25:c0:e7:15:91:60:64:59:bd:53:13:c5:a1:
da:fc:95:ed:34:b3:fa:5d:27:0b:7c:c5:aa:92:1e:6f:79:fa:
2c:9e:d4:8c:e1:f3:02:57:36:34:08:a9:8e:08:47:2d:f4:79:
9b:5f:fd:43:51:c8:b0:35:d2:ee:7f:46:a5:e6:67:6b:a8:51:
23:85:44:3f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZMjH75MdKQ4DwdSaLcS6bzb4jAEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMDcxMjI5MDZaFw0yNTAyMDUxMjM0MDZaMDMxMTAvBgNV
BAMTKDA4MTFEQTg3NzhFQkVFMzdENzIxOTk2NDJDMTM3QkZGNDIwMjM0ODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr8K3EKM85s2VrmtWOc/6gZ9SQ
m6HNbCHElIx9fHbGixuN6muZFPcEYknEh/ERNicDVaqH5z5gCgPaQ1VH7htRddTq
NSM5AabaN27n+cxZcO2rcSO02w0QSmq+1jerE0BOflRAzLlOQLMTw6SvhXxkM3tS
yt/H4sTOmxp4Cjm+wYGt7/vbjXFTSNiqXrnuV8DJHAgBJPJXa6AUqqwfXN+QcCSE
sFEnHaGe3rweMt7/7kU1XPqibDT7J41K9U2TdQOMZnr8Ej68GDhT7XSiOFOKUArl
0Qf2AXIKx+/xsSmScHtSp/vKvw/LlGse1KtmEmJTLhXklanb1YAIcxPhOd9FAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUCBHah3jr7jfXIZlkLBN7/0ICNIYwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzkzMjJlMzIzNDMyMmUzMTM5
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABc8r8wDQYJKoZIhvcNAQELBQADggEBAFK5kOYhUXUR5nv92Amz9CBUm8QVZyH5
9oiA8aMlMs19n96yImXEy0pocKwXH9gF8oIsX+1+pTqAahryEx6rgkHSHMengcpU
bx2WWs9VweOfbvqCOY3/KI4HVIruDfNqxscASkVxVl39EDgQH5q9i1EWFOOm7Q4a
WZctItiFYqBGq3imemsKhUSHFjFg1AbZe/iwN3GjYARhenf6Na4aWVTMpvW+qSXP
6cJwb22Q5UKGKzNJ7jdlglP9JcDnFZFgZFm9UxPFodr8le00s/pdJwt8xaqSHm95
+iye1Izh8wJXNjQIqY4IRy30eZtf/UNRyLA10u5/RqXmZ2uoUSOFRD8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org