Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38362e33382e382e302f32312d3231203d3e203135343139.roa
File: 38362e33382e382e302f32312d3231203d3e203135343139.roa (raw, json)
Hash identifier: XOUR7jlDOJh+58qxpGQGq2MOlSmScuDMgtUFExt9daE=
Subject key identifier: C1:B3:ED:CB:CA:A8:15:EB:64:02:B6:77:FA:4A:A8:CD:8D:1E:41:CD
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 1A1703A8EB0A0A37BCDFF09F5F63DD397A2C5274
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38362e33382e382e302f32312d3231203d3e203135343139.roa
Signing time: Fri 07 Jul 2023 08:08:17 +0000
ROA not before: Fri 07 Jul 2023 08:03:17 +0000
ROA not after: Fri 05 Jul 2024 08:08:17 +0000
asID: 15419
IP address blocks: 86.38.8.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:17:03:a8:eb:0a:0a:37:bc:df:f0:9f:5f:63:dd:39:7a:2c:52:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:17 2023 GMT
Not After : Jul 5 08:08:17 2024 GMT
Subject: CN=C1B3EDCBCAA815EB6402B677FA4AA8CD8D1E41CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:11:71:b7:ed:b2:86:d1:96:13:80:c6:28:d2:
fc:70:34:61:9e:5b:5b:97:5f:7b:a4:50:ae:4a:d4:
3a:1d:34:11:3b:55:00:64:5a:91:6d:46:4e:42:4e:
ef:a0:7d:3a:0b:79:f0:25:ad:f0:49:4e:cd:a8:cc:
3e:09:dd:60:ae:18:11:51:dd:d1:1b:0d:db:5e:01:
c3:3e:9f:56:e2:84:5d:07:79:d0:ee:3c:9f:e5:23:
1d:20:38:fc:6a:ea:8c:4e:dd:ed:bd:5e:cc:41:5d:
6e:95:0e:4c:3c:57:73:40:45:6f:89:fa:43:67:4a:
40:79:9e:3a:d7:c0:0b:0d:e7:e9:f4:3c:77:f8:a3:
f1:14:e3:bd:dc:9d:82:fa:c0:b8:62:4e:9a:fc:cc:
ec:a0:a1:42:31:bd:3c:50:a0:ac:6a:e8:f1:17:0a:
4e:38:b6:5b:29:82:5b:38:11:c5:c7:30:42:5c:fc:
42:e9:98:5b:9b:8d:64:01:d1:1a:40:9e:fa:c8:50:
ce:e6:40:7e:be:30:44:ef:b2:bc:fa:d7:6e:af:83:
5f:fe:90:92:98:4a:f1:ce:70:c3:f6:28:66:b6:57:
3e:26:1e:f2:d9:23:d4:9e:60:82:97:98:90:ea:9a:
75:93:f0:05:53:73:e0:35:7c:4f:6b:c3:a9:7e:4c:
79:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:B3:ED:CB:CA:A8:15:EB:64:02:B6:77:FA:4A:A8:CD:8D:1E:41:CD
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38362e33382e382e302f32312d3231203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.8.0/21
Signature Algorithm: sha256WithRSAEncryption
95:8f:1e:7a:e3:0b:a9:3c:6b:a5:b5:4d:2b:11:8b:74:de:05:
3e:cc:10:2b:dd:69:ea:c5:83:d8:f0:2b:6e:cd:f0:27:43:a3:
76:c4:b3:50:01:e9:7b:1a:e5:4c:8c:8c:ae:ad:de:ec:c3:73:
9a:08:a1:4f:1f:91:c9:8d:94:4f:18:49:41:27:3f:9e:f4:7a:
b9:fd:e0:74:46:76:52:1a:ce:2c:3e:b2:44:eb:01:ed:de:be:
39:de:46:11:0d:60:ec:6d:e3:84:70:b3:0a:9a:2a:96:fc:13:
48:ff:a3:06:cf:50:ae:75:d9:c4:ba:0a:b1:1e:03:6c:7c:cb:
2d:55:6f:c7:b5:60:32:5f:5c:7d:c6:87:ea:8f:78:cf:d8:54:
0f:bf:ef:5f:ea:9a:51:18:a7:22:15:26:0e:ef:09:d2:34:2a:
ee:8f:13:24:71:29:69:d2:cc:a7:05:ab:31:48:d7:aa:21:2b:
07:62:1a:b6:4a:75:7b:be:9a:ab:47:4d:19:bf:da:9e:6d:d5:
8c:c7:04:8b:56:e1:81:0c:2e:08:af:f1:24:32:ca:64:81:9b:
7a:53:05:16:49:8b:f9:00:e7:f0:ee:d4:8a:93:71:87:2d:a6:
78:59:4c:84:eb:1c:bf:b5:d9:3c:a0:b7:8d:ad:05:c2:3a:86:
62:2c:8d:9e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUGhcDqOsKCje83/CfX2PdOXosUnQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTdaFw0yNDA3MDUwODA4MTdaMDMxMTAvBgNV
BAMTKEMxQjNFRENCQ0FBODE1RUI2NDAyQjY3N0ZBNEFBOENEOEQxRTQxQ0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhEXG37bKG0ZYTgMYo0vxwNGGe
W1uXX3ukUK5K1DodNBE7VQBkWpFtRk5CTu+gfToLefAlrfBJTs2ozD4J3WCuGBFR
3dEbDdteAcM+n1bihF0HedDuPJ/lIx0gOPxq6oxO3e29XsxBXW6VDkw8V3NARW+J
+kNnSkB5njrXwAsN5+n0PHf4o/EU473cnYL6wLhiTpr8zOygoUIxvTxQoKxq6PEX
Ck44tlspgls4EcXHMEJc/ELpmFubjWQB0RpAnvrIUM7mQH6+METvsrz6126vg1/+
kJKYSvHOcMP2KGa2Vz4mHvLZI9SeYIKXmJDqmnWT8AVTc+A1fE9rw6l+THn5AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUwbPty8qoFetkArZ3+kqozY0eQc0wHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzNjJlMzMzODJlMzgyZTMw
MmYzMjMxMmQzMjMxMjAzZDNlMjAzMTM1MzQzMTM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDViYIMA0G
CSqGSIb3DQEBCwUAA4IBAQCVjx564wupPGultU0rEYt03gU+zBAr3WnqxYPY8Ctu
zfAnQ6N2xLNQAel7GuVMjIyurd7sw3OaCKFPH5HJjZRPGElBJz+e9Hq5/eB0RnZS
Gs4sPrJE6wHt3r453kYRDWDsbeOEcLMKmiqW/BNI/6MGz1CuddnEugqxHgNsfMst
VW/HtWAyX1x9xofqj3jP2FQPv+9f6ppRGKciFSYO7wnSNCrujxMkcSlp0synBasx
SNeqISsHYhq2SnV7vpqrR00Zv9qebdWMxwSLVuGBDC4Ir/EkMspkgZt6UwUWSYv5
AOfw7tSKk3GHLaZ4WUyE6xy/tdk8oLeNrQXCOoZiLI2e
-----END CERTIFICATE-----
Generated at Fri May 17 14:34:42 2024 by rpki-client on console-ams.rpki-client.org