Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3137382e302f32342d3234203d3e203135343139.roa
File: 38322e3134302e3137382e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: LHj7cEC3np/SL7KrzjVG4YK5k+/6vgSIt6qEAy8t6g8=
Subject key identifier: F4:85:39:3C:8F:BA:56:56:D5:7E:28:88:4B:F0:BD:45:AC:44:DD:D2
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 4D75B5279AF8BD5BA564E4EE2A2B2F05EA9CE3BA
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3137382e302f32342d3234203d3e203135343139.roa
Signing time: Fri 07 Jul 2023 08:08:17 +0000
ROA not before: Fri 07 Jul 2023 08:03:17 +0000
ROA not after: Fri 05 Jul 2024 08:08:17 +0000
asID: 15419
IP address blocks: 82.140.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:75:b5:27:9a:f8:bd:5b:a5:64:e4:ee:2a:2b:2f:05:ea:9c:e3:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:17 2023 GMT
Not After : Jul 5 08:08:17 2024 GMT
Subject: CN=F485393C8FBA5656D57E28884BF0BD45AC44DDD2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:37:d5:96:98:46:8f:bd:be:8c:36:ef:ac:81:
8a:fe:b6:eb:d7:9d:e0:3a:48:cc:97:03:20:8a:3f:
cc:e1:ed:9a:d5:56:65:10:b1:3c:ea:f8:67:e8:c4:
5d:93:86:90:b3:09:1d:eb:b9:8f:ac:b0:ad:bd:c7:
09:4f:15:62:fd:2a:d8:68:40:b9:07:ca:4f:a6:79:
e8:eb:46:a1:dc:a1:6b:2d:1e:af:5a:0a:16:ea:0a:
1b:cc:61:21:52:ac:54:ff:55:4f:54:15:b1:a7:ed:
b0:0e:e5:59:b8:fb:5d:31:15:4f:ca:f8:de:eb:bc:
29:57:e1:c3:6e:c3:4b:83:7f:5c:5f:58:2f:4c:67:
f0:85:6e:d1:0e:dd:71:ca:a1:e1:3b:a1:e4:9a:df:
1d:4c:4b:b3:94:90:33:9b:95:72:ee:1f:75:6a:89:
56:84:f1:ae:1e:d5:9d:73:89:af:80:8f:56:10:2c:
44:10:13:61:31:f6:30:fb:f3:9e:93:76:9b:cd:f2:
13:8c:1d:97:e5:de:66:15:7f:85:7d:0d:5e:0a:77:
92:0c:7b:e7:31:5a:fe:ce:e9:ae:d1:e6:17:7f:e2:
90:bf:22:10:ff:b7:81:b1:a2:64:f9:f7:b4:0e:1d:
17:f1:37:68:18:70:09:80:b7:1a:6a:79:b9:4a:10:
59:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:85:39:3C:8F:BA:56:56:D5:7E:28:88:4B:F0:BD:45:AC:44:DD:D2
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3137382e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.178.0/24
Signature Algorithm: sha256WithRSAEncryption
89:c2:3f:10:42:90:52:e3:f3:bd:64:50:46:45:7f:8d:a8:e2:
db:17:a8:41:e9:34:4d:1d:28:ed:73:5c:64:84:a2:22:d7:25:
0a:73:db:86:66:ae:21:c9:bc:64:cd:b7:26:29:f5:6e:9d:be:
43:14:da:d3:f0:8b:1f:26:b2:51:d3:97:59:d0:83:77:30:61:
e5:0c:5d:b0:a6:91:79:84:d7:cc:66:9d:68:9f:2d:65:0a:84:
0a:63:a6:f4:cb:2e:b1:79:15:bb:44:ca:80:14:fb:50:b4:12:
e8:e0:15:4d:6d:ab:2f:91:54:62:b4:7b:29:66:a8:25:51:6a:
40:ec:76:aa:ac:4f:13:7c:f1:73:17:c5:19:0f:ca:60:0f:69:
49:34:30:34:64:96:e7:25:25:32:b1:4b:24:cc:5e:3d:58:fd:
1c:5f:be:4f:87:74:d2:af:8e:20:4f:d1:22:70:56:7d:2a:d0:
5f:0e:f9:9d:74:72:27:2a:90:f0:42:ad:09:ce:8c:d2:db:12:
89:7b:fc:70:31:cd:77:e9:2a:67:e8:a2:f0:86:14:10:cc:50:
81:6e:3d:23:d1:8e:90:0c:20:1c:98:16:19:37:4d:94:b8:3f:
92:85:18:b0:2f:39:c8:3c:e2:f7:d9:e4:2b:cd:26:46:ee:08:
62:cf:46:d7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTXW1J5r4vVulZOTuKisvBeqc47owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTdaFw0yNDA3MDUwODA4MTdaMDMxMTAvBgNV
BAMTKEY0ODUzOTNDOEZCQTU2NTZENTdFMjg4ODRCRjBCRDQ1QUM0NERERDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqN9WWmEaPvb6MNu+sgYr+tuvX
neA6SMyXAyCKP8zh7ZrVVmUQsTzq+GfoxF2ThpCzCR3ruY+ssK29xwlPFWL9Ktho
QLkHyk+meejrRqHcoWstHq9aChbqChvMYSFSrFT/VU9UFbGn7bAO5Vm4+10xFU/K
+N7rvClX4cNuw0uDf1xfWC9MZ/CFbtEO3XHKoeE7oeSa3x1MS7OUkDOblXLuH3Vq
iVaE8a4e1Z1zia+Aj1YQLEQQE2Ex9jD7856TdpvN8hOMHZfl3mYVf4V9DV4Kd5IM
e+cxWv7O6a7R5hd/4pC/IhD/t4GxomT597QOHRfxN2gYcAmAtxpqeblKEFl5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU9IU5PI+6VlbVfiiIS/C9RaxE3dIwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzMjJlMzEzNDMwMmUzMTM3
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzQzMTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UoyyMA0GCSqGSIb3DQEBCwUAA4IBAQCJwj8QQpBS4/O9ZFBGRX+NqOLbF6hB6TRN
HSjtc1xkhKIi1yUKc9uGZq4hybxkzbcmKfVunb5DFNrT8IsfJrJR05dZ0IN3MGHl
DF2wppF5hNfMZp1ony1lCoQKY6b0yy6xeRW7RMqAFPtQtBLo4BVNbasvkVRitHsp
ZqglUWpA7HaqrE8TfPFzF8UZD8pgD2lJNDA0ZJbnJSUysUskzF49WP0cX75Ph3TS
r44gT9EicFZ9KtBfDvmddHInKpDwQq0JzozS2xKJe/xwMc136Spn6KLwhhQQzFCB
bj0j0Y6QDCAcmBYZN02UuD+ShRiwLznIPOL32eQrzSZG7ghiz0bX
-----END CERTIFICATE-----
Generated at Sat Jun 1 01:00:43 2024 by rpki-client on console-fra.rpki-client.org