Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/38392e34322e3131312e302f32342d3234203d3e203631333137.roa
File: 38392e34322e3131312e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: n60Ach8hEgM+hAZ0p4+yFnGLDWngU7Mbs027Tbg+PaQ=
Subject key identifier: 53:BD:BF:24:7B:8F:86:51:11:C2:56:5D:BC:C6:D9:9D:A8:CF:53:BF
Certificate issuer: /CN=ed9edb2a15871785fbae38e23c38820dbfa2cca4
Certificate serial: 4785120A2F110D38CD8A424BCBF3E664FDA30FC0
Authority key identifier: ED:9E:DB:2A:15:87:17:85:FB:AE:38:E2:3C:38:82:0D:BF:A2:CC:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/38392e34322e3131312e302f32342d3234203d3e203631333137.roa
Signing time: Wed 23 Aug 2023 11:20:26 +0000
ROA not before: Wed 23 Aug 2023 11:15:26 +0000
ROA not after: Wed 21 Aug 2024 11:20:26 +0000
asID: 61317
IP address blocks: 89.42.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.crl
rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.mft
rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:85:12:0a:2f:11:0d:38:cd:8a:42:4b:cb:f3:e6:64:fd:a3:0f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed9edb2a15871785fbae38e23c38820dbfa2cca4
Validity
Not Before: Aug 23 11:15:26 2023 GMT
Not After : Aug 21 11:20:26 2024 GMT
Subject: CN=53BDBF247B8F865111C2565DBCC6D99DA8CF53BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:02:a2:70:0d:a7:5f:a8:f0:72:ba:bd:b4:55:
65:07:e0:07:7d:2d:e6:0e:6f:90:7b:c4:44:9f:f6:
f2:54:bb:34:41:15:2d:4d:42:5d:03:e6:8a:4b:bb:
1c:82:e7:26:27:81:9d:a3:57:e3:c2:6d:0c:af:6d:
0d:54:e6:86:cd:b2:cd:ae:c5:a4:ee:6a:8d:f0:fd:
ae:58:b0:59:1a:f0:5f:81:a9:ac:6e:5c:67:47:41:
15:a3:56:b0:b7:1d:18:7c:da:33:d4:6b:ac:ea:4a:
81:ac:69:07:5c:e9:d0:bc:76:42:bb:f5:fe:0b:17:
2b:28:38:83:d6:19:74:d6:08:5e:82:e6:fd:02:f7:
c3:49:ca:a7:2d:5f:c2:bf:8d:3f:54:6d:c5:97:fb:
6a:82:d7:65:41:0f:13:c4:e3:ea:e6:d3:05:c2:76:
03:3c:b4:f1:6d:40:7a:26:36:22:56:4b:9a:18:04:
b9:04:e2:7e:35:04:ec:44:3c:1f:03:a6:93:b9:f1:
fc:5f:8e:c0:9b:48:60:93:2e:bd:81:e9:d0:97:16:
1d:9f:49:51:73:0e:7d:9e:47:a7:da:43:d3:00:23:
26:df:a4:fa:11:ba:06:57:70:a6:bb:ee:77:39:be:
80:03:3b:b3:42:6e:31:e9:da:a9:2a:6f:86:89:de:
17:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:BD:BF:24:7B:8F:86:51:11:C2:56:5D:BC:C6:D9:9D:A8:CF:53:BF
X509v3 Authority Key Identifier:
keyid:ED:9E:DB:2A:15:87:17:85:FB:AE:38:E2:3C:38:82:0D:BF:A2:CC:A4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/38392e34322e3131312e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.111.0/24
Signature Algorithm: sha256WithRSAEncryption
69:aa:f9:4d:37:ab:72:53:92:ca:f1:45:ef:37:3b:7a:7b:ff:
be:93:41:16:ef:0d:1e:e9:5f:fd:2c:1d:49:da:c2:24:3f:72:
0e:c3:52:63:35:5e:88:82:d5:e2:7b:b9:c8:2d:21:3f:4a:a1:
35:8a:b8:3c:37:e9:56:84:6f:95:2d:3f:f6:5b:49:50:0d:e9:
81:c5:b3:c3:69:79:be:18:5a:2a:1e:0d:f1:2e:0a:57:61:aa:
20:18:3e:fb:5c:ee:8b:0e:90:71:ff:56:6d:6b:ca:41:98:1e:
89:84:a4:0c:e5:08:0b:1e:cd:c6:26:b1:03:56:06:b5:4d:98:
ee:f2:22:94:f9:c8:3f:2d:94:e4:4b:79:a4:96:22:1e:d5:3c:
58:bb:b6:1f:a3:65:70:a0:34:ad:68:54:53:36:a4:49:e6:12:
0f:12:39:1a:21:3c:62:90:95:c2:2f:34:89:49:79:e7:4f:a3:
41:11:bf:ac:ba:3e:f6:37:1b:45:d9:66:15:d5:9f:8b:89:62:
b3:29:1b:a5:53:66:2b:fb:d4:9b:63:b6:58:77:eb:89:9f:a9:
da:13:38:a9:17:e4:33:d6:33:94:2a:95:6c:61:a1:20:ed:1d:
64:40:b1:43:65:3c:c9:08:87:a6:1b:76:45:5a:f4:80:db:9c:
7d:ac:3e:d5
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUR4USCi8RDTjNikJLy/PmZP2jD8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWQ5ZWRiMmExNTg3MTc4NWZiYWUzOGUyM2MzODgyMGRi
ZmEyY2NhNDAeFw0yMzA4MjMxMTE1MjZaFw0yNDA4MjExMTIwMjZaMDMxMTAvBgNV
BAMTKDUzQkRCRjI0N0I4Rjg2NTExMUMyNTY1REJDQzZEOTlEQThDRjUzQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFAqJwDadfqPByur20VWUH4Ad9
LeYOb5B7xESf9vJUuzRBFS1NQl0D5opLuxyC5yYngZ2jV+PCbQyvbQ1U5obNss2u
xaTuao3w/a5YsFka8F+BqaxuXGdHQRWjVrC3HRh82jPUa6zqSoGsaQdc6dC8dkK7
9f4LFysoOIPWGXTWCF6C5v0C98NJyqctX8K/jT9UbcWX+2qC12VBDxPE4+rm0wXC
dgM8tPFtQHomNiJWS5oYBLkE4n41BOxEPB8DppO58fxfjsCbSGCTLr2B6dCXFh2f
SVFzDn2eR6faQ9MAIybfpPoRugZXcKa77nc5voADO7NCbjHp2qkqb4aJ3heTAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUU72/JHuPhlERwlZdvMbZnajPU78wHwYDVR0j
BBgwFoAU7Z7bKhWHF4X7rjjiPDiCDb+izKQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWEwZGU5N2YtN2VlOC00Y2UwLWIwNDUtZWZhYzhjMjQz
Yzc5LzAvRUQ5RURCMkExNTg3MTc4NUZCQUUzOEUyM0MzODgyMERCRkEyQ0NBNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdaN2JLaFdIRjRYN3JqamlQRGlDRGIt
aXpLUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWEwZGU5N2Yt
N2VlOC00Y2UwLWIwNDUtZWZhYzhjMjQzYzc5LzAvMzgzOTJlMzQzMjJlMzEzMTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTMzMzEzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkq
bzANBgkqhkiG9w0BAQsFAAOCAQEAaar5TTerclOSyvFF7zc7env/vpNBFu8NHulf
/SwdSdrCJD9yDsNSYzVeiILV4nu5yC0hP0qhNYq4PDfpVoRvlS0/9ltJUA3pgcWz
w2l5vhhaKh4N8S4KV2GqIBg++1zuiw6Qcf9WbWvKQZgeiYSkDOUICx7NxiaxA1YG
tU2Y7vIilPnIPy2U5Et5pJYiHtU8WLu2H6NlcKA0rWhUUzakSeYSDxI5GiE8YpCV
wi80iUl550+jQRG/rLo+9jcbRdlmFdWfi4lisykbpVNmK/vUm2O2WHfriZ+p2hM4
qRfkM9YzlCqVbGGhIO0dZECxQ2U8yQiHpht2RVr0gNucfaw+1Q==
-----END CERTIFICATE-----
Generated at Sat May 4 12:14:13 2024 by rpki-client on console-ams.rpki-client.org