Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38362e33382e382e302f32312d3231203d3e203135343139.roa
File: 38362e33382e382e302f32312d3231203d3e203135343139.roa (raw, json)
Hash identifier: Jy9FfpiRqJjeQijv4Je6SENUeGndVONxelwvwfNNzXI=
Subject key identifier: C2:99:20:F5:25:75:D6:57:5F:17:E6:61:E5:33:35:AE:82:2C:12:10
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 4D1AB75B631E28AA0A4DD20963C3DB1C8C8A4869
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38362e33382e382e302f32312d3231203d3e203135343139.roa
Signing time: Fri 07 Jun 2024 09:01:54 +0000
ROA not before: Fri 07 Jun 2024 08:56:54 +0000
ROA not after: Fri 06 Jun 2025 09:01:54 +0000
asID: 15419
IP address blocks: 86.38.8.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:1a:b7:5b:63:1e:28:aa:0a:4d:d2:09:63:c3:db:1c:8c:8a:48:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:54 2024 GMT
Not After : Jun 6 09:01:54 2025 GMT
Subject: CN=C29920F52575D6575F17E661E53335AE822C1210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0e:12:27:fd:85:ea:14:38:49:d4:9e:76:35:
c7:6c:9e:c9:3e:0e:31:95:f7:54:c7:11:66:a2:87:
e0:08:b1:75:a0:d9:5d:4f:89:47:e9:d4:4e:72:7d:
83:ca:49:66:ed:9b:2b:c6:c8:e3:e1:64:ae:21:ee:
fe:9b:9a:86:30:ec:12:05:91:a5:ad:63:64:f8:62:
e2:2c:98:ca:ad:8f:d8:32:2f:f7:17:04:bd:a9:77:
0d:c2:0d:37:ee:fb:c1:d5:96:b2:51:3d:b1:9d:1b:
b4:d6:78:fa:cc:14:b2:a5:a0:d0:e8:47:8d:24:43:
48:d1:54:96:ee:57:07:a9:c5:12:77:10:8a:ba:32:
6d:85:59:ab:2c:3c:cb:25:23:0d:3d:fa:15:a5:a6:
71:dd:59:98:70:14:44:e9:a4:34:ef:41:f1:0d:e5:
47:6e:fb:e4:5a:d0:c4:81:ae:97:57:32:79:a9:f7:
11:ba:c0:32:82:f2:8d:12:d1:eb:62:2f:63:ef:39:
61:66:ae:12:0c:c1:43:12:f0:4a:bd:39:46:3f:7e:
52:25:63:4b:72:a0:24:37:13:57:62:74:dd:94:d3:
3a:18:c6:35:54:b1:14:a3:d1:6c:9c:1e:2a:9f:70:
62:f7:d4:11:3d:ff:ad:7a:cd:91:8b:ef:d8:ca:09:
1f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:99:20:F5:25:75:D6:57:5F:17:E6:61:E5:33:35:AE:82:2C:12:10
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38362e33382e382e302f32312d3231203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.8.0/21
Signature Algorithm: sha256WithRSAEncryption
68:0c:6d:fd:32:01:d9:7d:dd:ae:ee:fd:c5:21:65:4f:3b:8c:
9c:be:30:f5:c5:75:ce:dd:0e:6a:46:87:7b:df:ab:2d:e6:d2:
53:e7:b1:dc:b6:bc:15:bc:92:f7:39:2c:5c:7d:31:b7:b5:9c:
c1:97:b9:70:73:95:8c:4f:41:9f:d9:ad:c2:58:94:d7:16:81:
1a:91:39:31:92:1b:aa:dc:7d:57:6d:7f:43:22:03:2d:72:3e:
00:97:4e:43:2a:20:40:e8:34:cc:c2:2a:f1:54:a6:d8:06:3c:
bd:11:9b:51:42:71:29:1c:eb:29:9d:fd:4b:31:2a:f8:57:fd:
7d:83:de:2c:2e:39:ae:3a:ae:25:ee:5d:86:4c:c3:98:d5:47:
03:0d:fd:b6:ad:a6:63:f1:7f:ba:8d:9a:ea:9d:fe:3b:48:5c:
89:73:d5:54:26:20:ce:86:6a:85:76:2a:72:01:dd:9b:96:9e:
71:4b:70:d0:f7:34:04:bc:0b:bc:d9:dd:11:29:b1:f8:49:ae:
64:d2:bd:6d:15:16:4b:96:eb:79:e8:3d:3f:06:b6:14:9a:1d:
2a:60:5d:55:87:2a:f2:e3:bf:d2:33:4c:08:d6:7b:9f:59:e9:
0d:3e:73:3a:41:60:83:a7:30:97:6f:f9:63:5d:6f:a2:94:55:
5b:45:fe:f4
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUTRq3W2MeKKoKTdIJY8PbHIyKSGkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTRaFw0yNTA2MDYwOTAxNTRaMDMxMTAvBgNV
BAMTKEMyOTkyMEY1MjU3NUQ2NTc1RjE3RTY2MUU1MzMzNUFFODIyQzEyMTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGDhIn/YXqFDhJ1J52Ncdsnsk+
DjGV91THEWaih+AIsXWg2V1PiUfp1E5yfYPKSWbtmyvGyOPhZK4h7v6bmoYw7BIF
kaWtY2T4YuIsmMqtj9gyL/cXBL2pdw3CDTfu+8HVlrJRPbGdG7TWePrMFLKloNDo
R40kQ0jRVJbuVwepxRJ3EIq6Mm2FWassPMslIw09+hWlpnHdWZhwFETppDTvQfEN
5Udu++Ra0MSBrpdXMnmp9xG6wDKC8o0S0etiL2PvOWFmrhIMwUMS8Eq9OUY/flIl
Y0tyoCQ3E1didN2U0zoYxjVUsRSj0WycHiqfcGL31BE9/616zZGL79jKCR9TAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUwpkg9SV11ldfF+Zh5TM1roIsEhAwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzNjJlMzMzODJlMzgyZTMw
MmYzMjMxMmQzMjMxMjAzZDNlMjAzMTM1MzQzMTM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDViYIMA0G
CSqGSIb3DQEBCwUAA4IBAQBoDG39MgHZfd2u7v3FIWVPO4ycvjD1xXXO3Q5qRod7
36st5tJT57HctrwVvJL3OSxcfTG3tZzBl7lwc5WMT0Gf2a3CWJTXFoEakTkxkhuq
3H1XbX9DIgMtcj4Al05DKiBA6DTMwirxVKbYBjy9EZtRQnEpHOspnf1LMSr4V/19
g94sLjmuOq4l7l2GTMOY1UcDDf22raZj8X+6jZrqnf47SFyJc9VUJiDOhmqFdipy
Ad2blp5xS3DQ9zQEvAu82d0RKbH4Sa5k0r1tFRZLlut56D0/BrYUmh0qYF1Vhyry
47/SM0wI1nufWekNPnM6QWCDpzCXb/ljXW+ilFVbRf70
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:15 2024 by rpki-client on console-ams.rpki-client.org