Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/39312e3230352e3130362e302f32342d3234203d3e20313336373837.roa
File: 39312e3230352e3130362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 743S+zON6DodqiGOh5x+rh8j4/RApeQ+MABVLi7zJRQ=
Subject key identifier: 90:DF:04:91:76:9B:C0:98:9B:CA:99:FA:8A:E8:26:F5:FE:29:D6:F2
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 37446FDCDBB2887956B521562DE494F0850CF7B1
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/39312e3230352e3130362e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 03 Apr 2024 19:03:27 +0000
ROA not before: Wed 03 Apr 2024 18:58:27 +0000
ROA not after: Wed 02 Apr 2025 19:03:27 +0000
asID: 136787
IP address blocks: 91.205.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:44:6f:dc:db:b2:88:79:56:b5:21:56:2d:e4:94:f0:85:0c:f7:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Apr 3 18:58:27 2024 GMT
Not After : Apr 2 19:03:27 2025 GMT
Subject: CN=90DF0491769BC0989BCA99FA8AE826F5FE29D6F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ef:ea:f4:31:f3:15:b0:ab:48:ba:1d:6b:0c:
82:c2:3f:d4:a0:aa:15:0e:46:4a:98:dd:c5:2f:fd:
35:37:2b:7b:cc:f2:0b:88:db:82:7e:51:8d:0d:8a:
11:fc:7b:7c:51:92:05:a4:fd:2e:61:40:21:8c:ed:
03:f8:e4:f5:c9:68:31:e7:7b:68:10:4a:14:ab:58:
43:e5:ad:8e:c1:93:d5:3d:a1:57:fc:fe:c6:04:6e:
21:a0:fd:ae:ef:cc:96:3c:8e:5f:7b:23:90:a1:62:
a5:93:41:1d:dd:6c:f2:c6:16:e4:2f:08:85:61:be:
18:e6:db:b6:4f:3c:f7:0a:23:98:4f:a3:14:08:03:
a8:8b:df:b5:12:bc:65:0e:2f:cc:5e:04:c3:96:f3:
5a:af:54:87:6b:13:be:ad:b9:f8:d6:35:18:ad:97:
f6:54:f8:d2:19:28:50:fe:f2:70:8e:bb:f0:c5:22:
79:f4:f7:bf:b4:28:53:68:fa:0a:60:b8:8e:3b:8b:
11:22:a0:e0:56:96:76:d2:d5:9b:3b:f1:9c:d8:15:
c1:c4:bd:d0:b2:94:81:43:3f:78:21:aa:16:c7:c3:
9d:17:6d:3e:cd:83:ac:99:af:86:79:8e:c3:62:bf:
fe:8e:c2:89:ec:d2:21:c6:0c:1f:32:21:7c:74:12:
3a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:DF:04:91:76:9B:C0:98:9B:CA:99:FA:8A:E8:26:F5:FE:29:D6:F2
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/39312e3230352e3130362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.106.0/24
Signature Algorithm: sha256WithRSAEncryption
17:87:0a:bb:6d:3e:5a:4b:77:4d:04:f8:f0:4c:fe:ab:e8:98:
cf:41:d9:b8:6a:20:3c:bc:30:36:02:4d:ee:cf:8b:9b:c8:21:
ab:b2:77:9f:c4:3f:81:3f:36:25:1c:05:e5:4a:57:3f:6b:cf:
6d:00:e7:4e:52:b1:2f:24:86:17:d6:91:0d:95:cd:bb:37:49:
32:e4:db:5d:4a:6d:4c:b4:74:c7:ed:0c:03:0d:00:a9:f6:71:
85:89:94:23:47:91:b3:df:fa:55:b8:65:c9:50:a0:77:6e:ce:
53:c2:ae:04:29:f9:a0:ac:8e:03:32:ce:77:ec:da:5b:ce:05:
97:68:6b:9f:92:00:1c:cd:26:6f:de:d5:7e:bc:76:86:07:49:
f0:24:de:75:bf:dd:be:3f:06:51:78:fe:a8:63:8a:28:e3:2b:
b7:3b:9c:e0:a6:fd:33:4a:76:77:c9:89:9e:f0:4f:cc:ab:9d:
4d:a7:4f:01:63:9d:b6:33:86:17:16:03:f8:96:9b:fc:4c:b6:
4f:2f:be:77:4c:eb:98:d4:f9:15:9d:bd:05:1f:84:8b:68:4e:
80:63:1d:75:85:96:f9:cc:93:36:f8:41:f1:dd:27:8a:23:15:
9b:b3:f1:85:1b:3c:58:a0:42:09:bf:06:3b:44:c8:46:f1:bd:
9c:76:00:ce
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUN0Rv3NuyiHlWtSFWLeSU8IUM97EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDA0MDMxODU4MjdaFw0yNTA0MDIxOTAzMjdaMDMxMTAvBgNV
BAMTKDkwREYwNDkxNzY5QkMwOTg5QkNBOTlGQThBRTgyNkY1RkUyOUQ2RjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM7+r0MfMVsKtIuh1rDILCP9Sg
qhUORkqY3cUv/TU3K3vM8guI24J+UY0NihH8e3xRkgWk/S5hQCGM7QP45PXJaDHn
e2gQShSrWEPlrY7Bk9U9oVf8/sYEbiGg/a7vzJY8jl97I5ChYqWTQR3dbPLGFuQv
CIVhvhjm27ZPPPcKI5hPoxQIA6iL37USvGUOL8xeBMOW81qvVIdrE76tufjWNRit
l/ZU+NIZKFD+8nCOu/DFInn097+0KFNo+gpguI47ixEioOBWlnbS1Zs78ZzYFcHE
vdCylIFDP3ghqhbHw50XbT7Ng6yZr4Z5jsNiv/6Owons0iHGDB8yIXx0Ejo1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUkN8EkXabwJibypn6iugm9f4p1vIwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzkzMTJlMzIzMDM1MmUzMTMw
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABbzWowDQYJKoZIhvcNAQELBQADggEBABeHCrttPlpLd00E+PBM/qvomM9B2bhq
IDy8MDYCTe7Pi5vIIauyd5/EP4E/NiUcBeVKVz9rz20A505SsS8khhfWkQ2Vzbs3
STLk211KbUy0dMftDAMNAKn2cYWJlCNHkbPf+lW4ZclQoHduzlPCrgQp+aCsjgMy
znfs2lvOBZdoa5+SABzNJm/e1X68doYHSfAk3nW/3b4/BlF4/qhjiijjK7c7nOCm
/TNKdnfJiZ7wT8yrnU2nTwFjnbYzhhcWA/iWm/xMtk8vvndM65jU+RWdvQUfhIto
ToBjHXWFlvnMkzb4QfHdJ4ojFZuz8YUbPFigQgm/BjtEyEbxvZx2AM4=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:44:11 2024 by rpki-client on console-fra.rpki-client.org