Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38362e33382e332e302f32342d3234203d3e203135343139.roa
File: 38362e33382e332e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: 2tsvA7xPz9IQULjIyLmZ9Zph2TZWDiyvUyvfFqz1Unw=
Subject key identifier: 08:1E:AE:04:D4:4E:88:B0:2E:5F:CE:D2:18:5B:97:AF:ED:40:31:25
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 4183B82041562147D2A10DC0649AB15268A9464F
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38362e33382e332e302f32342d3234203d3e203135343139.roa
Signing time: Fri 07 Jul 2023 08:08:15 +0000
ROA not before: Fri 07 Jul 2023 08:03:15 +0000
ROA not after: Fri 05 Jul 2024 08:08:15 +0000
asID: 15419
IP address blocks: 86.38.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:83:b8:20:41:56:21:47:d2:a1:0d:c0:64:9a:b1:52:68:a9:46:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:15 2023 GMT
Not After : Jul 5 08:08:15 2024 GMT
Subject: CN=081EAE04D44E88B02E5FCED2185B97AFED403125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:69:2a:ed:24:14:c2:be:27:b6:a8:c7:cd:11:
2b:42:cd:22:3d:3b:97:06:06:99:5d:bc:7c:7c:6c:
5d:49:c6:00:ec:7f:46:f9:7b:db:88:04:ed:5b:33:
d1:7e:02:0a:74:0d:a2:07:32:00:d8:c3:19:db:15:
cb:8e:85:4b:9b:30:5d:1f:f0:08:02:3c:88:3b:3d:
0f:98:61:66:24:13:6a:04:52:87:eb:b0:ca:27:4f:
7b:bc:12:84:70:6d:61:5d:82:0e:8c:c3:f4:03:5d:
0d:13:c0:62:33:92:c5:f0:04:d0:3d:c4:00:65:a5:
d6:50:5a:cd:73:f7:24:12:d3:14:cc:7b:88:ba:79:
27:1f:e3:d3:a4:d4:2d:3b:bf:7c:04:89:cd:51:3f:
ed:44:ff:23:c1:6d:88:b9:20:80:e8:39:f4:d8:7f:
c1:56:f2:b6:92:81:f7:04:47:0f:a9:a2:ab:51:82:
97:d4:4e:ad:1e:21:35:89:3b:62:d1:4a:29:8b:a4:
01:c2:63:7d:5a:64:56:c4:21:bb:63:fc:95:3a:fc:
bc:a8:ac:62:dc:a2:86:b5:ad:41:c4:12:c6:fb:63:
51:a1:ba:ec:f2:34:46:1c:8a:fb:a8:0b:5e:81:68:
68:ed:1c:15:92:b4:61:c3:4f:fa:53:3c:c6:56:db:
a7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:1E:AE:04:D4:4E:88:B0:2E:5F:CE:D2:18:5B:97:AF:ED:40:31:25
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38362e33382e332e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.3.0/24
Signature Algorithm: sha256WithRSAEncryption
22:e1:a6:6b:24:a6:42:5a:df:0f:8d:4a:11:a7:c5:1a:c4:49:
21:2d:0b:a4:50:1a:af:35:cd:b1:02:7b:01:6a:9a:c8:4a:ab:
16:02:b2:29:63:c7:a7:a9:48:30:23:8a:1f:55:32:ad:9b:d7:
1a:fa:a0:c8:70:e9:e7:9a:2b:bf:33:64:ea:aa:ea:e2:b2:41:
0a:a8:85:1c:93:a4:05:8a:2f:c7:7f:e8:05:7a:63:76:fe:51:
50:f6:92:56:50:87:47:43:14:c5:e3:8a:66:4c:fc:13:7a:60:
d3:05:80:31:bd:30:2f:bd:3b:55:d8:91:df:3b:4a:81:ac:7c:
9f:78:9b:95:ac:18:df:b7:9b:45:95:b0:df:d7:db:b9:1f:e7:
28:1d:d4:0b:18:df:d2:a7:a0:e5:ce:fc:6e:a0:de:24:fb:f8:
66:b5:c7:66:6d:21:6d:af:16:fc:af:f9:6e:dd:71:80:54:1d:
2e:fa:a9:4a:7c:17:78:fb:90:2b:71:f5:61:81:05:d7:95:04:
97:35:aa:f0:68:6e:93:a1:20:a3:6f:9d:30:c0:a4:56:cd:60:
b4:60:30:52:3f:05:e4:b4:2e:9b:04:ad:3a:fa:1e:f4:9e:98:
d2:aa:1c:53:87:ee:69:b5:6b:24:99:e5:2d:a4:da:b2:06:3f:
27:c2:19:6f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUQYO4IEFWIUfSoQ3AZJqxUmipRk8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTVaFw0yNDA3MDUwODA4MTVaMDMxMTAvBgNV
BAMTKDA4MUVBRTA0RDQ0RTg4QjAyRTVGQ0VEMjE4NUI5N0FGRUQ0MDMxMjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVaSrtJBTCvie2qMfNEStCzSI9
O5cGBpldvHx8bF1JxgDsf0b5e9uIBO1bM9F+Agp0DaIHMgDYwxnbFcuOhUubMF0f
8AgCPIg7PQ+YYWYkE2oEUofrsMonT3u8EoRwbWFdgg6Mw/QDXQ0TwGIzksXwBNA9
xABlpdZQWs1z9yQS0xTMe4i6eScf49Ok1C07v3wEic1RP+1E/yPBbYi5IIDoOfTY
f8FW8raSgfcERw+poqtRgpfUTq0eITWJO2LRSimLpAHCY31aZFbEIbtj/JU6/Lyo
rGLcooa1rUHEEsb7Y1GhuuzyNEYcivuoC16BaGjtHBWStGHDT/pTPMZW26cHAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUCB6uBNROiLAuX87SGFuXr+1AMSUwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzNjJlMzMzODJlMzMyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzQzMTM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAViYDMA0G
CSqGSIb3DQEBCwUAA4IBAQAi4aZrJKZCWt8PjUoRp8UaxEkhLQukUBqvNc2xAnsB
aprISqsWArIpY8enqUgwI4ofVTKtm9ca+qDIcOnnmiu/M2TqquriskEKqIUck6QF
ii/Hf+gFemN2/lFQ9pJWUIdHQxTF44pmTPwTemDTBYAxvTAvvTtV2JHfO0qBrHyf
eJuVrBjft5tFlbDf19u5H+coHdQLGN/Sp6DlzvxuoN4k+/hmtcdmbSFtrxb8r/lu
3XGAVB0u+qlKfBd4+5ArcfVhgQXXlQSXNarwaG6ToSCjb50wwKRWzWC0YDBSPwXk
tC6bBK06+h70npjSqhxTh+5ptWskmeUtpNqyBj8nwhlv
-----END CERTIFICATE-----
Generated at Fri May 17 13:32:17 2024 by rpki-client on console-fra.rpki-client.org