Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3133312e302f32342d3234203d3e203135343139.roa
File: 38322e3134302e3133312e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: NPM2yEw11OkbHwQ7vN+lq6WaHRQGeAFFz6T4nsSoJXM=
Subject key identifier: 81:D9:C0:6B:9A:95:72:79:68:87:C0:A5:A4:AD:64:2A:97:4B:D6:28
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 7DDCD7B1F9C321A358286BC0B0C156B6B0D7092A
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3133312e302f32342d3234203d3e203135343139.roa
Signing time: Fri 07 Jul 2023 08:08:17 +0000
ROA not before: Fri 07 Jul 2023 08:03:17 +0000
ROA not after: Fri 05 Jul 2024 08:08:17 +0000
asID: 15419
IP address blocks: 82.140.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:dc:d7:b1:f9:c3:21:a3:58:28:6b:c0:b0:c1:56:b6:b0:d7:09:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:17 2023 GMT
Not After : Jul 5 08:08:17 2024 GMT
Subject: CN=81D9C06B9A9572796887C0A5A4AD642A974BD628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e9:e3:2c:80:b8:c9:63:52:4f:7f:b4:1f:3d:
dd:9b:39:29:0d:8d:7b:f4:94:b1:bc:dc:31:7b:05:
93:95:ba:15:66:5a:8b:0a:61:7a:00:e8:2a:94:06:
55:df:10:f4:e0:4a:aa:45:85:9c:b6:1f:7e:d0:15:
88:2c:ff:5c:22:2f:e4:fb:bf:be:cb:e1:4b:b6:eb:
66:07:0d:f5:1b:51:30:dc:8d:bc:ac:ea:a8:8f:1f:
bf:b4:f0:f7:5b:74:a1:be:9b:f2:48:56:e8:5a:bf:
6b:56:e6:d3:c5:a4:bd:83:1f:1c:3d:a8:4b:ab:57:
42:eb:d1:13:6c:82:92:07:9e:5c:ba:4f:57:ca:76:
a5:9a:98:b0:ba:1e:6a:18:07:dd:98:3b:60:71:db:
eb:af:03:d7:c8:49:42:de:33:ce:34:b2:41:d5:7e:
2d:fb:b9:dc:38:ba:e3:a3:5d:b2:6e:b2:eb:c1:e2:
54:b4:0e:bf:28:c3:0c:85:5b:72:97:46:d0:d8:df:
0d:b0:18:99:97:05:c1:fc:0d:6a:5a:b1:e2:1e:92:
fc:b5:4b:40:63:98:18:e4:6f:7e:4f:2d:bd:c2:33:
bc:c1:c8:67:f9:50:57:d5:78:48:5b:f5:c7:38:2b:
5f:f6:bc:bb:a8:3b:65:37:02:b6:58:fd:27:80:d6:
e7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D9:C0:6B:9A:95:72:79:68:87:C0:A5:A4:AD:64:2A:97:4B:D6:28
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3133312e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.131.0/24
Signature Algorithm: sha256WithRSAEncryption
09:95:93:c9:84:8f:64:39:dc:a4:93:78:85:54:fc:54:b9:c4:
18:90:74:35:45:21:03:1d:16:65:30:7b:1d:d8:09:5f:98:fb:
8f:81:88:a0:5c:b4:03:4c:fd:02:83:49:a5:5d:46:6b:05:f4:
19:3a:80:9b:f2:67:e8:25:99:8b:db:2f:9c:88:75:85:f3:23:
09:7e:87:e6:78:36:f8:b0:83:f9:58:89:c2:2a:b6:95:fd:18:
f1:f8:c4:fe:a8:b9:1c:12:82:46:ff:70:ed:96:36:c6:75:40:
2f:77:d2:d2:c9:15:cd:5d:cd:5d:ed:c0:03:7c:53:9c:09:ca:
e4:0e:7c:06:d7:37:1d:92:ab:e2:0b:7f:aa:f9:12:c5:16:5b:
42:50:b1:bb:8d:e8:32:86:1a:3f:bb:35:9c:c0:db:dc:de:ec:
43:17:98:a1:f5:54:69:b4:65:ef:10:c2:f4:fa:0a:26:1e:40:
29:91:95:54:f5:ec:ca:3c:0d:80:c2:17:07:c8:9e:b7:a6:5a:
ca:25:80:bc:36:73:c0:9c:81:31:ef:ed:fd:07:37:b2:fb:0c:
3f:a2:68:9d:a7:07:4c:aa:a8:ad:b0:2d:f8:79:aa:09:8a:ed:
2f:0b:80:0c:6d:f6:10:dc:43:58:d2:2e:19:70:0c:03:e0:6f:
88:81:f0:da
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfdzXsfnDIaNYKGvAsMFWtrDXCSowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTdaFw0yNDA3MDUwODA4MTdaMDMxMTAvBgNV
BAMTKDgxRDlDMDZCOUE5NTcyNzk2ODg3QzBBNUE0QUQ2NDJBOTc0QkQ2MjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj6eMsgLjJY1JPf7QfPd2bOSkN
jXv0lLG83DF7BZOVuhVmWosKYXoA6CqUBlXfEPTgSqpFhZy2H37QFYgs/1wiL+T7
v77L4Uu262YHDfUbUTDcjbys6qiPH7+08PdbdKG+m/JIVuhav2tW5tPFpL2DHxw9
qEurV0Lr0RNsgpIHnly6T1fKdqWamLC6HmoYB92YO2Bx2+uvA9fISULeM840skHV
fi37udw4uuOjXbJusuvB4lS0Dr8owwyFW3KXRtDY3w2wGJmXBcH8DWpaseIekvy1
S0BjmBjkb35PLb3CM7zByGf5UFfVeEhb9cc4K1/2vLuoO2U3ArZY/SeA1ufHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUgdnAa5qVcnloh8ClpK1kKpdL1igwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzMjJlMzEzNDMwMmUzMTMz
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzQzMTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UoyDMA0GCSqGSIb3DQEBCwUAA4IBAQAJlZPJhI9kOdykk3iFVPxUucQYkHQ1RSED
HRZlMHsd2AlfmPuPgYigXLQDTP0Cg0mlXUZrBfQZOoCb8mfoJZmL2y+ciHWF8yMJ
fofmeDb4sIP5WInCKraV/Rjx+MT+qLkcEoJG/3DtljbGdUAvd9LSyRXNXc1d7cAD
fFOcCcrkDnwG1zcdkqviC3+q+RLFFltCULG7jegyhho/uzWcwNvc3uxDF5ih9VRp
tGXvEML0+gomHkApkZVU9ezKPA2AwhcHyJ63plrKJYC8NnPAnIEx7+39Bzey+ww/
omidpwdMqqitsC34eaoJiu0vC4AMbfYQ3ENY0i4ZcAwD4G+IgfDa
-----END CERTIFICATE-----
Generated at Fri May 17 13:32:17 2024 by rpki-client on console-fra.rpki-client.org