Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31392e302f32342d3234203d3e203135343139.roa
File: 38392e3131362e31392e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: J34QjF816p0aSnQhWLllJT3x/G7EZmHiKTc4oGtQixM=
Subject key identifier: A5:B0:8E:6C:C5:44:6B:E0:09:BD:91:2B:29:EE:CB:DA:78:9E:19:A0
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 57FB3FAD622018A7E34CBE446C5CB29F411BEABA
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31392e302f32342d3234203d3e203135343139.roa
Signing time: Fri 07 Jul 2023 08:08:14 +0000
ROA not before: Fri 07 Jul 2023 08:03:14 +0000
ROA not after: Fri 05 Jul 2024 08:08:14 +0000
asID: 15419
IP address blocks: 89.116.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:fb:3f:ad:62:20:18:a7:e3:4c:be:44:6c:5c:b2:9f:41:1b:ea:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:14 2023 GMT
Not After : Jul 5 08:08:14 2024 GMT
Subject: CN=A5B08E6CC5446BE009BD912B29EECBDA789E19A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ef:c4:06:d8:ac:34:38:25:56:09:85:c3:d3:
31:b5:1e:9c:f4:cf:18:f7:5d:64:d1:94:df:5c:ee:
82:f0:0c:24:df:57:8f:3c:88:48:35:5a:0e:00:a1:
0e:d1:21:43:d0:12:f8:40:d9:da:ef:9f:74:4c:e5:
22:c5:e8:93:63:73:26:48:e5:ea:5c:97:58:66:e3:
6d:9f:93:87:d2:eb:c9:2e:5a:e6:e4:ba:b1:68:1c:
93:d7:57:cd:da:2d:c9:fb:4d:fc:8b:6b:9a:09:ff:
2d:ba:96:c4:2d:f3:51:d6:97:ec:83:a0:51:11:bf:
48:54:80:be:1c:51:db:19:67:8e:ed:24:8f:8f:da:
e4:ee:a9:e1:d9:08:e9:4e:d3:42:5d:fc:63:90:8d:
c0:27:f0:04:55:16:40:0a:eb:2a:b8:4e:8a:4f:97:
f0:53:b9:f7:e3:1a:f9:3b:57:ec:74:10:3d:17:42:
26:9d:a6:30:07:6a:95:61:cd:e8:56:18:4b:e1:26:
58:08:39:ec:16:dd:34:d4:e0:7b:44:d7:ae:f9:30:
99:d8:5c:57:0c:80:8d:6e:ef:65:57:c0:3a:9c:d9:
b6:16:9f:f7:59:32:c5:cf:1b:df:0e:7a:c5:c6:38:
dd:0e:db:c7:6e:72:1f:3f:30:30:db:37:7a:f9:f5:
f3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B0:8E:6C:C5:44:6B:E0:09:BD:91:2B:29:EE:CB:DA:78:9E:19:A0
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31392e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.19.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:e3:47:ca:26:b6:cb:1d:df:18:6d:66:7b:7a:c9:04:2a:e0:
4a:7a:ea:a9:b4:97:29:6d:14:20:98:39:02:a0:f2:e3:01:3a:
b9:2a:88:59:3a:a2:03:ff:5e:ae:ab:5c:70:84:e5:f4:c3:a1:
f8:b4:8e:14:ed:45:ad:a7:cd:26:d9:60:5b:1e:83:d6:8d:f7:
08:bc:98:91:a2:d0:b4:ae:45:99:b8:9f:14:54:7a:5f:b0:77:
08:df:be:ea:eb:be:db:6b:b9:64:8c:53:5b:54:46:9e:8c:cb:
ef:97:f2:f7:14:65:dc:cc:5a:12:27:22:5b:a8:9b:79:cb:92:
5d:81:ce:86:54:42:80:a5:a8:7c:ee:7d:b3:80:6f:31:ea:b5:
18:54:da:77:24:f9:64:21:40:0c:77:1c:54:89:f0:c2:e4:bd:
9f:fe:74:aa:8a:fe:05:34:e1:85:4d:e9:7c:b2:0d:5c:cb:f7:
39:bf:5e:d4:dd:5d:83:3e:fb:dc:a3:24:f3:95:b2:11:2f:9d:
c3:fa:34:be:91:11:b9:e8:e3:35:e7:95:ca:79:94:d5:62:91:
4d:68:8a:9e:b2:1d:dd:a4:e1:5a:c7:a0:02:79:64:ca:49:df:
34:f6:32:44:42:29:99:d6:f6:41:ac:59:8d:5d:dc:69:32:79:
14:ef:52:16
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUV/s/rWIgGKfjTL5EbFyyn0Eb6rowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTRaFw0yNDA3MDUwODA4MTRaMDMxMTAvBgNV
BAMTKEE1QjA4RTZDQzU0NDZCRTAwOUJEOTEyQjI5RUVDQkRBNzg5RTE5QTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs78QG2Kw0OCVWCYXD0zG1Hpz0
zxj3XWTRlN9c7oLwDCTfV488iEg1Wg4AoQ7RIUPQEvhA2drvn3RM5SLF6JNjcyZI
5epcl1hm422fk4fS68kuWubkurFoHJPXV83aLcn7TfyLa5oJ/y26lsQt81HWl+yD
oFERv0hUgL4cUdsZZ47tJI+P2uTuqeHZCOlO00Jd/GOQjcAn8ARVFkAK6yq4TopP
l/BTuffjGvk7V+x0ED0XQiadpjAHapVhzehWGEvhJlgIOewW3TTU4HtE1675MJnY
XFcMgI1u72VXwDqc2bYWn/dZMsXPG98OesXGON0O28duch8/MDDbN3r59fPTAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUpbCObMVEa+AJvZErKe7L2nieGaAwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzMTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFl0
EzANBgkqhkiG9w0BAQsFAAOCAQEACuNHyia2yx3fGG1me3rJBCrgSnrqqbSXKW0U
IJg5AqDy4wE6uSqIWTqiA/9erqtccITl9MOh+LSOFO1FrafNJtlgWx6D1o33CLyY
kaLQtK5FmbifFFR6X7B3CN++6uu+22u5ZIxTW1RGnozL75fy9xRl3MxaEiciW6ib
ecuSXYHOhlRCgKWofO59s4BvMeq1GFTadyT5ZCFADHccVInwwuS9n/50qor+BTTh
hU3pfLINXMv3Ob9e1N1dgz773KMk85WyES+dw/o0vpERuejjNeeVynmU1WKRTWiK
nrId3aThWsegAnlkyknfNPYyREIpmdb2QaxZjV3caTJ5FO9SFg==
-----END CERTIFICATE-----
Generated at Sat Jun 1 01:00:43 2024 by rpki-client on console-fra.rpki-client.org