Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e312e302f32342d3234203d3e203135343139.roa
File: 38392e3131362e312e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: LoPTcBT12GlxJeGQytlP+87jwAVqXsZ20yC+f2z0XAE=
Subject key identifier: C3:D9:D7:2D:15:CB:89:F3:09:6C:D7:AE:0A:6E:96:3F:A0:2B:D3:F7
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 7D7D25C707B843F105429A8C5AB72DAB2BB2B7E3
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e312e302f32342d3234203d3e203135343139.roa
Signing time: Fri 07 Jun 2024 09:01:54 +0000
ROA not before: Fri 07 Jun 2024 08:56:54 +0000
ROA not after: Fri 06 Jun 2025 09:01:54 +0000
asID: 15419
IP address blocks: 89.116.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:7d:25:c7:07:b8:43:f1:05:42:9a:8c:5a:b7:2d:ab:2b:b2:b7:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:54 2024 GMT
Not After : Jun 6 09:01:54 2025 GMT
Subject: CN=C3D9D72D15CB89F3096CD7AE0A6E963FA02BD3F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1f:9e:d1:6e:02:cd:c4:87:63:2f:ed:07:1e:
23:36:2d:8f:d3:35:a7:88:b3:e7:08:db:30:58:18:
e3:69:7a:f8:9f:2c:55:ea:c5:13:d4:e4:79:56:a7:
97:d0:98:be:7a:df:7e:3e:5b:8a:a0:6b:5a:31:0a:
43:9a:2b:91:df:99:1a:05:85:a6:f9:45:36:ef:f1:
4e:a3:96:c9:6b:ad:23:9f:98:6f:93:18:85:52:74:
70:30:1b:99:e6:fa:8f:9b:a3:ec:59:15:11:65:c1:
16:57:4f:c0:16:dd:e5:a2:72:db:8b:b8:92:20:27:
10:54:12:01:c6:56:dc:dc:a8:b1:b9:df:cc:bd:25:
7f:e0:d7:e1:41:0c:f1:56:d9:a1:fa:32:77:75:c9:
33:ec:b9:38:dc:60:aa:27:c1:a9:82:30:27:66:04:
0d:83:17:93:7f:40:fa:40:5d:ca:57:63:68:80:fa:
f3:7d:dd:b8:3b:6d:25:9c:f8:5f:f9:54:85:bc:39:
56:fe:24:b9:4d:8a:a6:71:0e:91:ca:aa:e7:1f:be:
b3:57:f0:69:97:21:9d:04:e3:0e:5f:60:00:87:3c:
3d:53:78:53:6b:71:6e:6d:35:34:ae:cc:8e:4a:95:
33:39:26:9b:5f:aa:cf:9c:2f:7c:26:37:b1:9c:fd:
44:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:D9:D7:2D:15:CB:89:F3:09:6C:D7:AE:0A:6E:96:3F:A0:2B:D3:F7
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e312e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.1.0/24
Signature Algorithm: sha256WithRSAEncryption
41:af:e7:57:15:8d:53:ff:81:f7:3f:8f:67:e6:86:33:f9:00:
8c:8b:23:87:8a:03:ad:86:bd:da:3a:73:b0:8c:6f:84:0f:ed:
62:b1:a6:71:42:9a:e1:27:66:65:a9:54:3d:31:5f:71:5f:4f:
9e:97:b6:e1:fe:cd:40:3b:1a:be:10:29:3a:78:c5:fb:fb:40:
57:c7:0a:e0:f4:6b:22:da:38:f6:66:53:e6:92:dd:bb:57:e4:
c1:19:57:4d:1c:88:4f:5e:32:65:f3:0a:11:8b:45:df:0b:8a:
7c:ea:20:b7:27:69:c7:de:6a:90:58:09:e5:19:48:f4:dd:40:
ab:0c:99:da:e5:14:96:17:ce:37:bc:b8:8f:a5:18:be:99:85:
4e:3f:15:6f:f0:a7:99:c5:3e:33:36:bd:42:d6:98:21:6b:79:
08:8b:07:5a:d2:60:00:ad:20:47:d6:5f:9e:58:52:93:97:ff:
d4:b2:b8:36:68:f4:2d:48:06:70:b4:64:58:90:9c:4f:e0:4d:
01:82:12:77:d5:c4:f3:d6:20:07:03:a2:1f:94:5a:cc:2d:5f:
dd:64:4d:7e:10:84:62:79:78:26:8f:f8:32:68:5e:7b:1f:f8:
56:d1:27:59:2f:37:81:7f:0e:8f:69:f2:24:5e:33:df:8b:de:
8c:59:58:c3
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUfX0lxwe4Q/EFQpqMWrctqyuyt+MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTRaFw0yNTA2MDYwOTAxNTRaMDMxMTAvBgNV
BAMTKEMzRDlENzJEMTVDQjg5RjMwOTZDRDdBRTBBNkU5NjNGQTAyQkQzRjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4H57RbgLNxIdjL+0HHiM2LY/T
NaeIs+cI2zBYGONpevifLFXqxRPU5HlWp5fQmL56334+W4qga1oxCkOaK5HfmRoF
hab5RTbv8U6jlslrrSOfmG+TGIVSdHAwG5nm+o+bo+xZFRFlwRZXT8AW3eWictuL
uJIgJxBUEgHGVtzcqLG538y9JX/g1+FBDPFW2aH6Mnd1yTPsuTjcYKonwamCMCdm
BA2DF5N/QPpAXcpXY2iA+vN93bg7bSWc+F/5VIW8OVb+JLlNiqZxDpHKqucfvrNX
8GmXIZ0E4w5fYACHPD1TeFNrcW5tNTSuzI5KlTM5Jptfqs+cL3wmN7Gc/USDAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUw9nXLRXLifMJbNeuCm6WP6Ar0/cwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzMTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzUzNDMxMzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABZdAEw
DQYJKoZIhvcNAQELBQADggEBAEGv51cVjVP/gfc/j2fmhjP5AIyLI4eKA62Gvdo6
c7CMb4QP7WKxpnFCmuEnZmWpVD0xX3FfT56XtuH+zUA7Gr4QKTp4xfv7QFfHCuD0
ayLaOPZmU+aS3btX5MEZV00ciE9eMmXzChGLRd8LinzqILcnacfeapBYCeUZSPTd
QKsMmdrlFJYXzje8uI+lGL6ZhU4/FW/wp5nFPjM2vULWmCFreQiLB1rSYACtIEfW
X55YUpOX/9SyuDZo9C1IBnC0ZFiQnE/gTQGCEnfVxPPWIAcDoh+UWswtX91kTX4Q
hGJ5eCaP+DJoXnsf+FbRJ1kvN4F/Do9p8iReM9+L3oxZWMM=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:50 2024 by rpki-client on console-fra.rpki-client.org