Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3231372e392e3234312e302f32342d3234203d3e203135343139.roa
File: 3231372e392e3234312e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: p4ZDdtK86rJtR1Yy0U4pqQrkMy9Mt2wV6blAzKoSX2U=
Subject key identifier: F3:4A:9D:78:33:7C:12:0B:96:E9:89:8B:B8:F0:8E:BF:6F:87:0C:14
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 269BFC3CFBF4D56F0559EFFF4E98DE795C72C88A
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3231372e392e3234312e302f32342d3234203d3e203135343139.roa
Signing time: Fri 07 Jun 2024 09:01:52 +0000
ROA not before: Fri 07 Jun 2024 08:56:52 +0000
ROA not after: Fri 06 Jun 2025 09:01:52 +0000
asID: 15419
IP address blocks: 217.9.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:9b:fc:3c:fb:f4:d5:6f:05:59:ef:ff:4e:98:de:79:5c:72:c8:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:52 2024 GMT
Not After : Jun 6 09:01:52 2025 GMT
Subject: CN=F34A9D78337C120B96E9898BB8F08EBF6F870C14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a0:35:e3:b5:16:28:1b:86:b5:49:ef:36:0b:
e6:6f:b5:64:1e:bb:52:c2:25:c7:92:94:db:2f:4b:
c1:b2:8c:99:4c:d9:53:91:e7:7c:a8:ff:c1:e3:27:
31:2b:d8:b7:0b:8c:ae:90:2e:ac:02:e5:cd:37:ae:
ff:84:49:1a:93:5e:42:08:65:51:a1:c1:27:ae:9e:
63:a6:7b:3a:6b:48:18:07:52:e9:92:c6:f0:a0:c9:
cf:04:45:24:1a:c1:26:e4:92:ab:66:8b:0e:e9:43:
00:5e:b9:99:4c:14:84:e9:db:9a:f7:21:00:3f:ea:
c2:e6:54:28:51:b2:64:1d:b3:cd:49:71:94:ae:56:
bf:0a:8b:53:23:77:6c:96:28:d1:51:0e:d2:84:53:
5d:99:99:8e:7d:b5:fd:34:4a:88:74:87:e8:5e:f8:
ed:fd:9a:30:57:e4:6f:55:c7:a6:5f:3b:85:51:66:
36:8a:b3:6e:40:e2:86:0a:a0:24:5e:34:fb:26:ff:
3e:a3:b6:6f:12:1a:6d:58:c5:ac:b0:c6:96:b8:b4:
53:f3:ed:e6:54:5e:37:1e:78:06:12:27:9c:dc:9d:
61:4a:83:f4:62:bd:f2:f5:e7:f6:97:5e:63:6e:e6:
c0:7b:9c:7e:c0:93:ae:4f:6a:f2:1e:a5:b6:25:72:
67:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:4A:9D:78:33:7C:12:0B:96:E9:89:8B:B8:F0:8E:BF:6F:87:0C:14
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3231372e392e3234312e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.9.241.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:46:0a:78:4c:e3:35:00:cb:d7:1c:67:35:c9:45:79:20:e7:
69:be:2d:ce:06:35:12:ac:01:85:b8:d9:f9:ed:4f:6c:9b:7a:
f0:34:4e:09:ff:da:3e:4a:9e:f9:28:46:5a:c6:75:58:bf:62:
42:15:ba:01:a4:3b:60:a6:85:fc:41:b5:a1:a6:15:39:87:80:
ff:cd:85:b1:a4:e2:47:68:3a:7f:05:eb:3c:d4:ad:40:fa:27:
0c:2f:6a:e3:db:19:d7:83:87:b1:ab:2c:e5:1c:60:55:ec:24:
70:64:b1:53:18:50:6c:e0:f6:f3:da:df:a4:44:f1:79:54:8b:
10:0f:6c:69:83:2a:32:71:cb:ab:f8:cc:b9:8e:b1:cd:96:3a:
d9:d7:70:b2:61:8d:58:fb:1b:9c:b9:0b:3e:5c:95:63:f9:3f:
91:1d:08:8b:dc:1a:76:c7:ff:9b:07:50:65:e2:89:57:74:05:
85:45:55:0a:58:4a:fb:50:68:65:20:02:b0:4b:8e:30:a7:d7:
1b:58:06:80:cd:5a:b6:e7:fd:5d:07:be:42:d8:b7:0f:52:9f:
7d:26:78:e6:aa:ae:8c:22:e0:19:71:91:e0:7d:b2:d0:4c:15:
8b:7a:63:e9:7c:c7:1b:94:6d:97:1f:6b:b7:6c:f9:8b:35:48:
a1:06:8d:6b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUJpv8PPv01W8FWe//TpjeeVxyyIowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTJaFw0yNTA2MDYwOTAxNTJaMDMxMTAvBgNV
BAMTKEYzNEE5RDc4MzM3QzEyMEI5NkU5ODk4QkI4RjA4RUJGNkY4NzBDMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMoDXjtRYoG4a1Se82C+ZvtWQe
u1LCJceSlNsvS8GyjJlM2VOR53yo/8HjJzEr2LcLjK6QLqwC5c03rv+ESRqTXkII
ZVGhwSeunmOmezprSBgHUumSxvCgyc8ERSQawSbkkqtmiw7pQwBeuZlMFITp25r3
IQA/6sLmVChRsmQds81JcZSuVr8Ki1Mjd2yWKNFRDtKEU12ZmY59tf00Soh0h+he
+O39mjBX5G9Vx6ZfO4VRZjaKs25A4oYKoCReNPsm/z6jtm8SGm1Yxaywxpa4tFPz
7eZUXjceeAYSJ5zcnWFKg/RivfL15/aXXmNu5sB7nH7Ak65PavIepbYlcmdLAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU80qdeDN8EguW6YmLuPCOv2+HDBQwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzIzMTM3MmUzOTJlMzIzNDMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANkJ
8TANBgkqhkiG9w0BAQsFAAOCAQEAPUYKeEzjNQDL1xxnNclFeSDnab4tzgY1EqwB
hbjZ+e1PbJt68DROCf/aPkqe+ShGWsZ1WL9iQhW6AaQ7YKaF/EG1oaYVOYeA/82F
saTiR2g6fwXrPNStQPonDC9q49sZ14OHsass5RxgVewkcGSxUxhQbOD289rfpETx
eVSLEA9saYMqMnHLq/jMuY6xzZY62ddwsmGNWPsbnLkLPlyVY/k/kR0Ii9wadsf/
mwdQZeKJV3QFhUVVClhK+1BoZSACsEuOMKfXG1gGgM1atuf9XQe+Qti3D1KffSZ4
5qqujCLgGXGR4H2y0EwVi3pj6XzHG5Rtlx9rt2z5izVIoQaNaw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:15 2024 by rpki-client on console-ams.rpki-client.org