Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3231372e392e3235342e302f32332d3233203d3e203135343139.roa
File: 3231372e392e3235342e302f32332d3233203d3e203135343139.roa (raw, json)
Hash identifier: ytIjzRM2QHUDdWLnY1oaDhW3e5kak0xdKzdBBDfsG6c=
Subject key identifier: C9:00:D2:4C:A4:BA:84:64:A5:B8:13:5A:25:7C:23:BC:04:7B:B2:74
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 2A17CFA8F7BAD086BAE0F5979EF41F4FD80C3B2B
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3231372e392e3235342e302f32332d3233203d3e203135343139.roa
Signing time: Fri 07 Jul 2023 08:08:14 +0000
ROA not before: Fri 07 Jul 2023 08:03:14 +0000
ROA not after: Fri 05 Jul 2024 08:08:14 +0000
asID: 15419
IP address blocks: 217.9.254.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:17:cf:a8:f7:ba:d0:86:ba:e0:f5:97:9e:f4:1f:4f:d8:0c:3b:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:14 2023 GMT
Not After : Jul 5 08:08:14 2024 GMT
Subject: CN=C900D24CA4BA8464A5B8135A257C23BC047BB274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:53:03:e7:d7:7e:cb:3f:83:52:b9:b3:95:74:
69:6e:e0:72:7a:2d:60:5a:b2:9b:a1:76:6a:a0:f3:
7c:64:ec:d9:ba:af:07:d5:fb:e5:77:d6:8f:cd:10:
35:03:22:aa:e4:5e:94:10:fb:84:59:69:9f:7e:8a:
35:a4:43:89:fe:8d:a3:7b:91:8f:d1:d5:18:d2:49:
46:74:50:52:65:41:f1:e8:fc:63:82:c6:08:3e:5e:
e1:16:34:b2:6e:78:5e:64:3f:06:db:ec:17:7e:b7:
18:5e:25:9a:a9:61:92:e8:39:e0:7e:73:17:95:84:
5b:7f:b0:fe:f2:b9:fa:f6:f4:96:c4:ab:b7:d3:08:
64:82:98:f9:67:f2:09:ac:a8:3f:b8:43:fe:b2:28:
37:85:79:7d:5a:69:6e:77:27:a0:dd:22:a4:6c:73:
7b:f1:f1:5e:38:68:2b:5e:a8:6f:67:e6:9b:b5:71:
a1:81:8b:dc:5b:f2:82:a3:7a:5c:99:98:3b:7f:33:
35:f5:5c:81:a9:29:6c:ce:69:50:3c:45:86:ef:74:
4b:83:0d:8a:a3:80:ff:b3:51:26:97:60:0f:9a:3e:
69:22:6d:ec:96:34:57:1f:ce:b0:15:f7:13:c4:fd:
7f:c2:98:74:7d:20:cb:da:79:40:ae:a3:9d:82:b2:
dc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:00:D2:4C:A4:BA:84:64:A5:B8:13:5A:25:7C:23:BC:04:7B:B2:74
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3231372e392e3235342e302f32332d3233203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.9.254.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:fc:39:a3:fc:1a:e8:ca:11:af:41:2b:77:b0:69:e0:56:85:
9b:ba:a7:f0:b9:d6:11:77:4c:c5:e9:3b:1f:71:cb:cc:27:48:
52:b4:fc:53:f3:5a:fd:17:f5:64:06:c4:3e:08:44:5e:b1:32:
d0:58:8e:8b:ed:4b:0c:66:d9:4f:8d:0c:6e:a0:2a:ce:36:0e:
be:35:e1:f7:04:58:d7:89:77:e3:5c:0e:43:5e:06:3b:a5:51:
23:92:6b:66:22:0f:bb:8d:60:b4:e1:7f:5a:d0:6b:52:1b:23:
b0:97:c4:49:6f:9c:47:1c:2c:d7:40:8e:fa:12:fa:2c:7f:0c:
97:13:03:a5:c2:dc:89:44:46:78:ca:c0:2c:93:b1:0b:d9:17:
77:a1:58:14:fa:c0:55:93:8b:8b:bb:a3:93:c7:81:d9:22:15:
bc:db:a4:59:f6:0e:8a:22:68:dc:1d:de:06:e1:cf:f1:92:c4:
63:f8:88:e7:3b:53:4c:47:2a:fb:7d:3d:db:17:30:af:64:92:
a7:5f:7d:bb:f4:5b:73:0e:4d:07:b3:23:bb:01:e8:14:ee:c7:
79:b2:7d:46:6d:13:eb:ba:71:4c:b6:8e:c2:34:b4:fc:8d:5c:
da:3a:8c:1f:ab:05:0b:b7:cb:f0:a9:a2:36:76:b8:37:db:36:
09:6f:03:d9
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUKhfPqPe60Ia64PWXnvQfT9gMOyswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTRaFw0yNDA3MDUwODA4MTRaMDMxMTAvBgNV
BAMTKEM5MDBEMjRDQTRCQTg0NjRBNUI4MTM1QTI1N0MyM0JDMDQ3QkIyNzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQUwPn137LP4NSubOVdGlu4HJ6
LWBaspuhdmqg83xk7Nm6rwfV++V31o/NEDUDIqrkXpQQ+4RZaZ9+ijWkQ4n+jaN7
kY/R1RjSSUZ0UFJlQfHo/GOCxgg+XuEWNLJueF5kPwbb7Bd+txheJZqpYZLoOeB+
cxeVhFt/sP7yufr29JbEq7fTCGSCmPln8gmsqD+4Q/6yKDeFeX1aaW53J6DdIqRs
c3vx8V44aCteqG9n5pu1caGBi9xb8oKjelyZmDt/MzX1XIGpKWzOaVA8RYbvdEuD
DYqjgP+zUSaXYA+aPmkibeyWNFcfzrAV9xPE/X/CmHR9IMvaeUCuo52CstxVAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUyQDSTKS6hGSluBNaJXwjvAR7snQwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzIzMTM3MmUzOTJlMzIzNTM0
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdkJ
/jANBgkqhkiG9w0BAQsFAAOCAQEAHfw5o/wa6MoRr0Erd7Bp4FaFm7qn8LnWEXdM
xek7H3HLzCdIUrT8U/Na/Rf1ZAbEPghEXrEy0FiOi+1LDGbZT40MbqAqzjYOvjXh
9wRY14l341wOQ14GO6VRI5JrZiIPu41gtOF/WtBrUhsjsJfESW+cRxws10CO+hL6
LH8MlxMDpcLciURGeMrALJOxC9kXd6FYFPrAVZOLi7ujk8eB2SIVvNukWfYOiiJo
3B3eBuHP8ZLEY/iI5ztTTEcq+3092xcwr2SSp199u/Rbcw5NB7MjuwHoFO7HebJ9
Rm0T67pxTLaOwjS0/I1c2jqMH6sFC7fL8KmiNna4N9s2CW8D2Q==
-----END CERTIFICATE-----
Generated at Fri May 17 13:32:17 2024 by rpki-client on console-fra.rpki-client.org