Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3231372e392e3234312e302f32342d3234203d3e203135343139.roa
File: 3231372e392e3234312e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: L21kRkdZ2QmcX+cx/JVTrHttc0a4k1I07irYyy6DF3U=
Subject key identifier: 96:74:BD:95:DF:32:39:4B:FC:C2:EA:9F:58:B6:70:D2:2D:44:33:72
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 387F05A3704A63ADB744AA7A3377785271814EBE
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3231372e392e3234312e302f32342d3234203d3e203135343139.roa
Signing time: Fri 07 Jul 2023 08:08:16 +0000
ROA not before: Fri 07 Jul 2023 08:03:16 +0000
ROA not after: Fri 05 Jul 2024 08:08:16 +0000
asID: 15419
IP address blocks: 217.9.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 17:41:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:7f:05:a3:70:4a:63:ad:b7:44:aa:7a:33:77:78:52:71:81:4e:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:16 2023 GMT
Not After : Jul 5 08:08:16 2024 GMT
Subject: CN=9674BD95DF32394BFCC2EA9F58B670D22D443372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0f:17:a0:c7:b3:79:e2:17:d0:ec:cf:42:d3:
fb:0f:24:96:1d:a9:c8:02:f9:75:3e:f9:ae:3b:95:
95:ca:da:5c:7e:4b:dc:b3:8f:c1:7c:b0:dd:54:80:
03:12:9d:fe:8d:95:41:44:9c:5e:a8:bf:13:e7:f7:
40:de:d4:13:49:4c:98:7b:4e:bc:af:6d:1c:fc:53:
33:d2:d6:cd:df:28:d9:18:a3:6a:89:26:83:76:67:
14:22:49:6b:2e:7b:7a:10:b0:4a:98:27:67:3e:f0:
49:4e:f6:59:53:49:b8:00:1d:cb:3f:2d:3c:1a:95:
09:49:1e:0a:34:0c:30:f4:58:73:e4:0c:23:8b:15:
41:77:ba:7e:f2:9f:61:c0:dd:4e:fd:6f:7e:40:ac:
01:f8:1b:d0:ac:85:82:75:18:3d:d8:48:61:9b:2c:
e0:62:00:b5:f8:4c:56:f5:aa:aa:27:bf:ad:57:20:
a1:14:1c:b3:68:61:9f:ac:2a:4c:ce:34:64:10:df:
5b:7c:95:46:d2:53:25:24:c3:5b:7a:7b:91:9b:80:
da:0f:f0:fb:60:fd:e9:c4:6b:bb:91:3c:33:3d:f5:
cb:ac:a0:e4:92:f7:eb:94:8b:ba:7e:42:14:da:50:
c4:e2:32:c0:5a:2d:07:68:a0:5a:3e:f4:ae:05:3c:
db:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:74:BD:95:DF:32:39:4B:FC:C2:EA:9F:58:B6:70:D2:2D:44:33:72
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3231372e392e3234312e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.9.241.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:a9:af:5b:e7:1d:3b:66:1d:4e:08:ec:55:98:4b:f0:8d:31:
d6:fe:4f:10:cd:44:c0:9b:0d:7e:d8:d1:7d:b2:fb:50:36:11:
2e:4c:dd:62:0b:e5:b3:80:28:eb:d4:24:5d:1f:31:a1:6e:8e:
15:58:1c:d7:a5:ee:9d:2c:66:8a:f7:1c:5a:9f:71:87:d2:04:
69:bf:b0:37:c0:5c:16:a3:f1:8d:b9:07:2f:9d:95:b8:8b:5c:
10:a8:c1:1c:8b:ca:93:76:52:93:5f:09:e1:9a:a2:e2:2c:62:
01:8d:54:ee:91:b7:fe:cd:62:c6:36:95:b7:96:b8:69:3c:78:
5b:9c:8f:2c:ff:0d:5b:47:02:c0:19:46:9a:f0:fb:70:d0:85:
34:71:20:3a:cf:3c:62:78:d6:8f:d1:f6:60:28:ea:bb:18:78:
00:f1:a2:aa:08:31:df:11:27:86:a2:5b:61:33:16:e5:59:d8:
79:de:46:cc:35:30:ab:18:6d:bf:23:ea:8d:76:ae:87:df:82:
a3:80:94:97:7f:84:e4:78:66:8a:de:96:8b:8a:59:e6:f4:b1:
28:16:7a:47:e4:46:84:c6:0a:a8:f2:81:a3:7e:c7:9e:da:f4:
94:26:a6:7b:c7:00:9a:84:9e:d4:6c:58:7e:30:1a:88:35:36:
1a:33:17:38
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUOH8Fo3BKY623RKp6M3d4UnGBTr4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTZaFw0yNDA3MDUwODA4MTZaMDMxMTAvBgNV
BAMTKDk2NzRCRDk1REYzMjM5NEJGQ0MyRUE5RjU4QjY3MEQyMkQ0NDMzNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/Dxegx7N54hfQ7M9C0/sPJJYd
qcgC+XU++a47lZXK2lx+S9yzj8F8sN1UgAMSnf6NlUFEnF6ovxPn90De1BNJTJh7
TryvbRz8UzPS1s3fKNkYo2qJJoN2ZxQiSWsue3oQsEqYJ2c+8ElO9llTSbgAHcs/
LTwalQlJHgo0DDD0WHPkDCOLFUF3un7yn2HA3U79b35ArAH4G9CshYJ1GD3YSGGb
LOBiALX4TFb1qqonv61XIKEUHLNoYZ+sKkzONGQQ31t8lUbSUyUkw1t6e5GbgNoP
8Ptg/enEa7uRPDM99cusoOSS9+uUi7p+QhTaUMTiMsBaLQdooFo+9K4FPNvzAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUlnS9ld8yOUv8wuqfWLZw0i1EM3IwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzIzMTM3MmUzOTJlMzIzNDMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANkJ
8TANBgkqhkiG9w0BAQsFAAOCAQEAjKmvW+cdO2YdTgjsVZhL8I0x1v5PEM1EwJsN
ftjRfbL7UDYRLkzdYgvls4Ao69QkXR8xoW6OFVgc16XunSxmivccWp9xh9IEab+w
N8BcFqPxjbkHL52VuItcEKjBHIvKk3ZSk18J4Zqi4ixiAY1U7pG3/s1ixjaVt5a4
aTx4W5yPLP8NW0cCwBlGmvD7cNCFNHEgOs88YnjWj9H2YCjquxh4APGiqggx3xEn
hqJbYTMW5VnYed5GzDUwqxhtvyPqjXauh9+Co4CUl3+E5Hhmit6Wi4pZ5vSxKBZ6
R+RGhMYKqPKBo37Hntr0lCame8cAmoSe1GxYfjAaiDU2GjMXOA==
-----END CERTIFICATE-----
Generated at Sat Jun 1 03:01:08 2024 by rpki-client on console-ams.rpki-client.org