Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31362e302f32332d3233203d3e203135343139.roa
File: 38392e3131362e31362e302f32332d3233203d3e203135343139.roa (raw, json)
Hash identifier: rhFDH+HSHu4ldLmFGmaAa5PHLCVApED+hpmGpIlda10=
Subject key identifier: BF:86:F7:7A:94:15:7B:BC:CF:C3:F3:6B:CB:71:E2:2E:1E:7A:77:EF
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 703CA9F5C01A64CD7FAAE4A0EEFDD06D84DE2C94
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31362e302f32332d3233203d3e203135343139.roa
Signing time: Fri 07 Jul 2023 08:08:14 +0000
ROA not before: Fri 07 Jul 2023 08:03:14 +0000
ROA not after: Fri 05 Jul 2024 08:08:14 +0000
asID: 15419
IP address blocks: 89.116.16.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 17:41:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:3c:a9:f5:c0:1a:64:cd:7f:aa:e4:a0:ee:fd:d0:6d:84:de:2c:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:14 2023 GMT
Not After : Jul 5 08:08:14 2024 GMT
Subject: CN=BF86F77A94157BBCCFC3F36BCB71E22E1E7A77EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:67:95:b8:de:d2:02:40:49:75:ba:d3:38:48:
69:bd:d1:e3:a3:62:34:64:1e:95:3b:9b:21:fb:50:
67:83:98:8a:e2:47:1d:90:9d:19:39:07:e1:90:75:
5b:08:46:40:0f:12:37:d4:62:5f:91:bd:e3:0f:11:
88:b2:9a:c1:2d:7e:c5:69:40:bf:0e:5d:05:f5:44:
91:a8:90:5a:62:bb:b6:b6:82:f5:7f:07:a7:8e:6b:
ba:2f:df:88:5a:cc:61:26:d3:e8:c5:58:98:d2:99:
1f:b2:ab:8e:89:06:52:b7:4c:ac:45:b3:1f:06:6b:
49:97:0f:63:9d:16:3d:0c:99:cc:52:89:e8:99:a1:
14:f4:59:b6:02:dd:f0:43:26:35:a7:4d:3a:ca:98:
41:b1:8e:ca:c8:34:42:2d:a7:ea:3c:23:17:6d:9d:
c1:75:6c:ae:d1:87:f2:a1:05:8c:e2:07:13:83:1f:
a6:06:42:23:73:df:05:82:a8:c5:ac:c6:a8:4d:94:
b1:a5:21:5a:47:4e:30:a8:ef:95:31:2b:8d:7b:1c:
f0:3e:f2:ee:8d:64:93:e8:90:8b:d8:f9:30:47:a7:
6d:a5:0d:38:14:b8:88:ab:31:8e:c7:97:65:e1:df:
b6:fa:ef:db:4a:d2:ce:7e:5c:03:fb:1b:c5:ba:77:
cd:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:86:F7:7A:94:15:7B:BC:CF:C3:F3:6B:CB:71:E2:2E:1E:7A:77:EF
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31362e302f32332d3233203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.16.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:98:59:6f:b7:02:07:04:57:8c:21:df:50:a0:70:01:23:7b:
5b:7f:55:1f:d5:5e:a7:11:a2:05:09:e4:9b:d3:5b:9a:35:d3:
46:df:1a:28:20:7b:69:48:e9:b8:52:07:9d:dd:45:2f:c7:65:
ca:33:d0:6a:59:f0:56:d4:85:92:89:d4:10:01:ef:ed:c2:f6:
94:37:b2:48:61:62:3a:02:b9:30:da:d2:64:5c:d0:12:17:8f:
6a:ef:2b:4a:cb:13:83:25:7d:bc:33:c2:cd:72:55:11:84:0b:
60:64:6d:a3:34:c7:33:67:ad:bd:ae:e1:68:3d:af:21:a4:8e:
d8:f5:f2:74:96:62:18:a0:64:4e:64:c1:a3:3f:9b:5f:d2:0d:
44:d7:0c:a7:b4:16:3a:e1:30:61:dd:67:74:6a:b9:01:8e:8d:
b3:bf:93:a6:54:36:fd:be:bc:17:b5:c7:21:d0:72:9e:c5:38:
b9:c4:a6:fe:25:34:08:7c:78:b9:f7:52:4f:27:ef:5d:e9:bb:
4b:4f:fd:c4:72:91:15:aa:c2:e2:57:cb:72:f1:26:b6:7e:8c:
bc:92:d0:1d:67:f2:8d:bc:aa:9a:de:9d:98:18:2d:61:b6:5f:
cb:fb:46:c0:fc:75:f7:7a:2e:88:8f:2f:c6:bd:bc:e7:5c:05:
63:53:4d:94
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUcDyp9cAaZM1/quSg7v3QbYTeLJQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTRaFw0yNDA3MDUwODA4MTRaMDMxMTAvBgNV
BAMTKEJGODZGNzdBOTQxNTdCQkNDRkMzRjM2QkNCNzFFMjJFMUU3QTc3RUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVZ5W43tICQEl1utM4SGm90eOj
YjRkHpU7myH7UGeDmIriRx2QnRk5B+GQdVsIRkAPEjfUYl+RveMPEYiymsEtfsVp
QL8OXQX1RJGokFpiu7a2gvV/B6eOa7ov34hazGEm0+jFWJjSmR+yq46JBlK3TKxF
sx8Ga0mXD2OdFj0MmcxSieiZoRT0WbYC3fBDJjWnTTrKmEGxjsrINEItp+o8Ixdt
ncF1bK7Rh/KhBYziBxODH6YGQiNz3wWCqMWsxqhNlLGlIVpHTjCo75UxK417HPA+
8u6NZJPokIvY+TBHp22lDTgUuIirMY7Hl2Xh37b679tK0s5+XAP7G8W6d83fAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUv4b3epQVe7zPw/Nry3HiLh56d+8wHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzMTM2
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVl0
EDANBgkqhkiG9w0BAQsFAAOCAQEAe5hZb7cCBwRXjCHfUKBwASN7W39VH9VepxGi
BQnkm9NbmjXTRt8aKCB7aUjpuFIHnd1FL8dlyjPQalnwVtSFkonUEAHv7cL2lDey
SGFiOgK5MNrSZFzQEhePau8rSssTgyV9vDPCzXJVEYQLYGRtozTHM2etva7haD2v
IaSO2PXydJZiGKBkTmTBoz+bX9INRNcMp7QWOuEwYd1ndGq5AY6Ns7+TplQ2/b68
F7XHIdBynsU4ucSm/iU0CHx4ufdSTyfvXem7S0/9xHKRFarC4lfLcvEmtn6MvJLQ
HWfyjbyqmt6dmBgtYbZfy/tGwPx193ouiI8vxr2851wFY1NNlA==
-----END CERTIFICATE-----
Generated at Sat Jun 1 03:01:08 2024 by rpki-client on console-ams.rpki-client.org