Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e382e302f32322d3232203d3e203135343139.roa
File: 38392e3131362e382e302f32322d3232203d3e203135343139.roa (raw, json)
Hash identifier: oliv3UvDFKTa0wiNT7OiJ64JX3DbfwpBCCLlzIdzyhs=
Subject key identifier: 9A:9E:1D:6D:00:C7:21:CF:A7:D1:A1:2C:BE:A5:5E:F3:F1:A5:B7:7B
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 44A3B54DA83799B02BB666670EE90C19B32F2A88
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e382e302f32322d3232203d3e203135343139.roa
Signing time: Fri 07 Jul 2023 08:08:16 +0000
ROA not before: Fri 07 Jul 2023 08:03:16 +0000
ROA not after: Fri 05 Jul 2024 08:08:16 +0000
asID: 15419
IP address blocks: 89.116.8.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 17:41:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:a3:b5:4d:a8:37:99:b0:2b:b6:66:67:0e:e9:0c:19:b3:2f:2a:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:16 2023 GMT
Not After : Jul 5 08:08:16 2024 GMT
Subject: CN=9A9E1D6D00C721CFA7D1A12CBEA55EF3F1A5B77B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d6:9e:29:91:70:19:9d:e2:bb:db:8e:57:19:
3e:aa:cd:b3:85:9c:0b:45:eb:ea:27:f2:12:87:c3:
6c:63:dc:f5:6c:5d:8f:da:5b:93:25:79:57:f0:33:
de:46:43:0b:df:83:c5:1f:d7:e1:50:51:dc:45:52:
c1:54:3f:2c:29:0e:b2:9e:1c:2f:66:00:3a:ab:41:
d1:b1:f8:5e:e5:ab:b0:03:56:f9:34:23:62:c9:e2:
a9:22:c0:00:02:13:c4:71:d5:15:41:5b:43:9c:59:
a1:f5:4d:0c:06:f3:53:27:34:b6:a5:3e:cd:f4:2e:
4d:77:f2:b0:40:d7:73:65:43:28:a7:ca:f1:35:20:
8d:c2:6f:10:c2:bf:99:86:6c:ab:a5:c5:41:f9:cf:
0c:f7:ff:15:ee:64:3b:f0:d2:3b:37:60:f8:44:78:
7f:b7:b5:9d:97:e0:7c:8d:47:96:4b:3b:6a:b9:42:
f6:2f:32:44:dd:37:9b:c0:40:f4:bb:36:12:38:d9:
1b:1d:44:90:b5:55:9c:0d:1e:84:83:7c:e7:73:53:
87:aa:1f:6a:78:52:38:e9:ef:63:8c:8c:96:3e:f2:
69:00:01:2c:49:9c:b5:1e:5b:dc:90:4f:3d:a3:5e:
c3:58:b2:8a:06:cc:e9:28:ed:28:ab:53:16:93:90:
e9:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:9E:1D:6D:00:C7:21:CF:A7:D1:A1:2C:BE:A5:5E:F3:F1:A5:B7:7B
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e382e302f32322d3232203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.8.0/22
Signature Algorithm: sha256WithRSAEncryption
11:16:c0:62:20:4c:5f:a7:aa:14:de:c9:01:2d:ed:8b:a2:6a:
7b:03:f8:5c:76:b1:35:6f:33:08:de:41:9c:d4:55:fe:db:6c:
7f:dd:58:75:b1:d8:a6:14:1d:26:d4:58:54:88:42:98:92:df:
09:4d:6b:5d:60:f6:21:ec:c9:2b:86:d2:93:f8:ce:ea:9c:65:
e7:14:fc:a8:c6:e9:8e:b1:ca:69:92:2d:dc:bf:6f:8c:08:96:
d1:aa:f7:57:7c:b8:8b:04:57:ac:ce:86:58:4a:dd:95:25:94:
06:46:49:b3:02:e4:79:4d:35:eb:2d:dd:bf:5e:60:0b:27:17:
f7:92:0a:41:86:36:23:5f:c0:28:f2:51:4e:bb:95:22:d0:b4:
fb:1d:76:d2:c3:72:ce:c9:5d:5c:95:e1:90:32:e6:b1:98:42:
70:43:d4:1f:bd:8f:ab:c0:67:2a:4e:28:e6:69:4a:7e:a1:f7:
35:e9:18:85:51:cb:d6:50:14:0b:0c:b4:d1:e8:d2:df:c2:21:
1d:54:22:bb:0e:68:58:ec:8b:c0:c8:6b:e6:b8:03:b3:4e:57:
98:61:0b:af:63:13:22:18:6a:28:2b:bb:08:4f:cf:8a:6e:0c:
f8:5e:c8:fc:43:38:77:15:6f:01:72:2d:d4:20:0c:90:83:2d:
e9:2a:e3:2c
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIURKO1Tag3mbArtmZnDukMGbMvKogwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTZaFw0yNDA3MDUwODA4MTZaMDMxMTAvBgNV
BAMTKDlBOUUxRDZEMDBDNzIxQ0ZBN0QxQTEyQ0JFQTU1RUYzRjFBNUI3N0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv1p4pkXAZneK7245XGT6qzbOF
nAtF6+on8hKHw2xj3PVsXY/aW5MleVfwM95GQwvfg8Uf1+FQUdxFUsFUPywpDrKe
HC9mADqrQdGx+F7lq7ADVvk0I2LJ4qkiwAACE8Rx1RVBW0OcWaH1TQwG81MnNLal
Ps30Lk138rBA13NlQyinyvE1II3CbxDCv5mGbKulxUH5zwz3/xXuZDvw0js3YPhE
eH+3tZ2X4HyNR5ZLO2q5QvYvMkTdN5vAQPS7NhI42RsdRJC1VZwNHoSDfOdzU4eq
H2p4Ujjp72OMjJY+8mkAASxJnLUeW9yQTz2jXsNYsooGzOko7SirUxaTkOmJAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUmp4dbQDHIc+n0aEsvqVe8/Glt3swHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzODJl
MzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMxMzUzNDMxMzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJZdAgw
DQYJKoZIhvcNAQELBQADggEBABEWwGIgTF+nqhTeyQEt7YuiansD+Fx2sTVvMwje
QZzUVf7bbH/dWHWx2KYUHSbUWFSIQpiS3wlNa11g9iHsySuG0pP4zuqcZecU/KjG
6Y6xymmSLdy/b4wIltGq91d8uIsEV6zOhlhK3ZUllAZGSbMC5HlNNest3b9eYAsn
F/eSCkGGNiNfwCjyUU67lSLQtPsddtLDcs7JXVyV4ZAy5rGYQnBD1B+9j6vAZypO
KOZpSn6h9zXpGIVRy9ZQFAsMtNHo0t/CIR1UIrsOaFjsi8DIa+a4A7NOV5hhC69j
EyIYaigruwhPz4puDPheyPxDOHcVbwFyLdQgDJCDLekq4yw=
-----END CERTIFICATE-----
Generated at Sat Jun 1 03:01:08 2024 by rpki-client on console-ams.rpki-client.org