Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/38392e33362e32312e302f32342d3234203d3e203339373538.roa
File: 38392e33362e32312e302f32342d3234203d3e203339373538.roa (raw, json)
Hash identifier: /ijy9l0HI8HaAO9MAnWtpH4k0u2zyPz2YOLtlAx415c=
Subject key identifier: 64:EF:EC:A6:2A:CC:02:56:A1:63:98:8A:F3:8E:A8:21:FF:AD:64:8F
Certificate issuer: /CN=ed9edb2a15871785fbae38e23c38820dbfa2cca4
Certificate serial: 30FC94803C9715C339A343461C7B9EEFF43B6BF3
Authority key identifier: ED:9E:DB:2A:15:87:17:85:FB:AE:38:E2:3C:38:82:0D:BF:A2:CC:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/38392e33362e32312e302f32342d3234203d3e203339373538.roa
Signing time: Wed 23 Aug 2023 11:20:11 +0000
ROA not before: Wed 23 Aug 2023 11:15:11 +0000
ROA not after: Wed 21 Aug 2024 11:20:11 +0000
asID: 39758
IP address blocks: 89.36.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.crl
rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.mft
rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Jun 2024 13:15:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:fc:94:80:3c:97:15:c3:39:a3:43:46:1c:7b:9e:ef:f4:3b:6b:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed9edb2a15871785fbae38e23c38820dbfa2cca4
Validity
Not Before: Aug 23 11:15:11 2023 GMT
Not After : Aug 21 11:20:11 2024 GMT
Subject: CN=64EFECA62ACC0256A163988AF38EA821FFAD648F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:26:0b:3a:67:51:7f:01:5f:a1:57:7e:5a:31:
40:55:72:9f:88:86:55:59:41:da:fa:c2:d6:d8:a8:
fb:d0:65:73:98:79:fe:62:2e:83:e2:36:06:36:2d:
59:23:5a:f6:f7:7a:a4:1d:7b:d6:a0:77:27:14:9a:
55:80:7a:19:42:b0:37:81:d0:27:37:02:5e:ea:37:
a3:61:33:1f:35:7a:d2:12:f7:15:63:ad:66:d4:9f:
7c:1c:76:ef:85:23:be:c3:c3:56:82:4f:0c:65:16:
7a:c1:d4:1e:49:f0:65:eb:2b:9c:61:bf:5b:9f:22:
f2:05:2c:d5:8e:45:53:cf:73:25:be:99:bf:b2:3b:
2c:0c:fd:0d:8d:81:d9:0a:77:d2:39:7b:4e:33:fa:
91:38:20:59:de:59:56:37:b9:c4:d2:96:f2:10:f3:
a2:2c:2f:1c:75:68:fd:ad:04:35:92:7b:36:25:a3:
a8:4d:e6:f5:f8:f3:6f:d8:6a:f3:37:12:1a:9a:9f:
7d:8d:bc:5c:44:b3:57:83:d4:e0:3e:3d:bd:43:3f:
9f:72:c7:f9:07:38:1f:82:eb:91:31:f5:62:5c:5e:
44:23:3b:90:2f:76:3a:45:b8:3f:c7:f5:b3:10:7e:
3e:6c:4b:e0:22:9f:8f:df:62:70:d5:ce:af:df:94:
27:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:EF:EC:A6:2A:CC:02:56:A1:63:98:8A:F3:8E:A8:21:FF:AD:64:8F
X509v3 Authority Key Identifier:
keyid:ED:9E:DB:2A:15:87:17:85:FB:AE:38:E2:3C:38:82:0D:BF:A2:CC:A4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/38392e33362e32312e302f32342d3234203d3e203339373538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.21.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:14:65:8a:6b:d1:df:7c:88:2a:79:b0:b1:be:e1:ee:c9:11:
35:86:d2:3f:86:8b:6d:05:fd:64:2e:c1:56:de:aa:bd:e4:bb:
6c:e6:69:e1:fb:56:18:2e:14:50:c9:13:a3:b1:f5:29:29:41:
99:dc:e0:01:13:fb:2d:f6:33:d6:b6:9e:b4:3a:6b:62:d5:c6:
aa:5c:8a:b7:f7:23:e2:41:19:f5:d5:59:80:94:f0:55:ed:c6:
2a:50:3d:9d:ee:e6:b5:74:b0:af:85:b6:22:3e:6a:7e:be:73:
e8:06:26:2a:8e:1b:f2:50:b0:6b:b8:5e:51:a5:3e:ea:56:83:
42:77:de:fb:0d:68:be:97:35:80:37:a8:25:d0:6d:b3:c7:3c:
d2:e1:7d:4f:90:ad:53:d5:d0:90:ae:b3:cd:b9:de:80:68:24:
46:e0:59:d6:7b:ba:d1:94:22:4d:c1:5b:ee:5e:47:26:41:b5:
ab:0f:50:1e:18:2d:da:05:67:bb:a9:00:00:42:ab:71:78:a2:
e0:81:0b:d9:70:78:18:99:b1:32:df:ca:e1:7d:12:04:d0:4a:
a2:7d:25:06:f2:77:f1:53:61:95:dd:21:25:c6:30:70:fa:cb:
19:9e:26:32:1c:9b:dc:79:5a:2c:a2:b8:c1:62:92:5c:b8:59:
e8:83:c6:a2
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUMPyUgDyXFcM5o0NGHHue7/Q7a/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWQ5ZWRiMmExNTg3MTc4NWZiYWUzOGUyM2MzODgyMGRi
ZmEyY2NhNDAeFw0yMzA4MjMxMTE1MTFaFw0yNDA4MjExMTIwMTFaMDMxMTAvBgNV
BAMTKDY0RUZFQ0E2MkFDQzAyNTZBMTYzOTg4QUYzOEVBODIxRkZBRDY0OEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpJgs6Z1F/AV+hV35aMUBVcp+I
hlVZQdr6wtbYqPvQZXOYef5iLoPiNgY2LVkjWvb3eqQde9agdycUmlWAehlCsDeB
0Cc3Al7qN6NhMx81etIS9xVjrWbUn3wcdu+FI77Dw1aCTwxlFnrB1B5J8GXrK5xh
v1ufIvIFLNWORVPPcyW+mb+yOywM/Q2NgdkKd9I5e04z+pE4IFneWVY3ucTSlvIQ
86IsLxx1aP2tBDWSezYlo6hN5vX482/YavM3Ehqan32NvFxEs1eD1OA+Pb1DP59y
x/kHOB+C65Ex9WJcXkQjO5AvdjpFuD/H9bMQfj5sS+Ain4/fYnDVzq/flCd5AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUZO/spirMAlahY5iK846oIf+tZI8wHwYDVR0j
BBgwFoAU7Z7bKhWHF4X7rjjiPDiCDb+izKQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWEwZGU5N2YtN2VlOC00Y2UwLWIwNDUtZWZhYzhjMjQz
Yzc5LzAvRUQ5RURCMkExNTg3MTc4NUZCQUUzOEUyM0MzODgyMERCRkEyQ0NBNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdaN2JLaFdIRjRYN3JqamlQRGlDRGIt
aXpLUS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWEwZGU5N2Yt
N2VlOC00Y2UwLWIwNDUtZWZhYzhjMjQzYzc5LzAvMzgzOTJlMzMzNjJlMzIzMTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzNzM1Mzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABZJBUw
DQYJKoZIhvcNAQELBQADggEBAJoUZYpr0d98iCp5sLG+4e7JETWG0j+Gi20F/WQu
wVbeqr3ku2zmaeH7VhguFFDJE6Ox9SkpQZnc4AET+y32M9a2nrQ6a2LVxqpcirf3
I+JBGfXVWYCU8FXtxipQPZ3u5rV0sK+FtiI+an6+c+gGJiqOG/JQsGu4XlGlPupW
g0J33vsNaL6XNYA3qCXQbbPHPNLhfU+QrVPV0JCus8253oBoJEbgWdZ7utGUIk3B
W+5eRyZBtasPUB4YLdoFZ7upAABCq3F4ouCBC9lweBiZsTLfyuF9EgTQSqJ9JQby
d/FTYZXdISXGMHD6yxmeJjIcm9x5WiyiuMFikly4WeiDxqI=
-----END CERTIFICATE-----
Generated at Wed Jun 12 18:11:49 2024 by rpki-client on console-ams.rpki-client.org