Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e3131362e302f32322d3232203d3e203135343139.roa
File: 38392e3131362e3131362e302f32322d3232203d3e203135343139.roa (raw, json)
Hash identifier: fHsDulc+1xp80jqhKPKtHjI+D1+Glp+svd8TMxrbCTU=
Subject key identifier: AB:AE:06:76:07:A0:BA:87:14:CF:75:90:64:FE:19:30:70:08:C4:DE
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 38E956EEBB0F4E3A52D212BA86036B89717736F6
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e3131362e302f32322d3232203d3e203135343139.roa
Signing time: Fri 07 Jun 2024 09:01:55 +0000
ROA not before: Fri 07 Jun 2024 08:56:55 +0000
ROA not after: Fri 06 Jun 2025 09:01:55 +0000
asID: 15419
IP address blocks: 89.116.116.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:e9:56:ee:bb:0f:4e:3a:52:d2:12:ba:86:03:6b:89:71:77:36:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:55 2024 GMT
Not After : Jun 6 09:01:55 2025 GMT
Subject: CN=ABAE067607A0BA8714CF759064FE19307008C4DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2a:92:a1:62:18:f2:c0:80:27:61:dd:b4:64:
ca:28:fb:3c:67:7d:ab:82:4a:15:00:50:7f:11:19:
f1:a4:8e:e2:b0:70:17:d5:b4:eb:40:e3:ac:3e:a6:
14:95:5e:ea:ac:38:92:40:39:99:eb:cc:75:a5:fe:
0a:52:ef:67:ff:38:24:35:c2:83:b8:78:3f:3a:3a:
2a:06:4d:88:dd:db:99:38:fd:af:d8:cd:da:93:19:
2f:47:b8:3b:ed:46:36:f2:b1:a0:10:42:a1:53:9d:
33:e7:a2:aa:25:ae:13:84:6e:98:d1:bb:83:d1:31:
39:df:27:ae:b2:d5:ee:b6:10:67:e6:5e:b0:3a:e7:
e2:2a:cb:ba:88:76:af:3d:c7:cf:7a:8e:85:c9:5f:
a2:3c:29:45:6b:4c:2a:72:33:33:ea:9b:70:00:5b:
c2:c1:e2:d6:e3:af:f8:bf:74:f0:4d:72:e9:95:e1:
d7:8a:57:e4:bf:be:fb:b7:9d:31:e8:1a:aa:02:2f:
8f:80:09:4a:a1:5f:00:05:18:da:2b:07:02:b4:dd:
a5:90:f8:d8:7c:cf:ab:06:12:73:1c:e6:36:69:fb:
88:d5:3e:72:e3:05:da:32:40:94:c1:b9:18:2a:8e:
a9:e5:0c:bf:10:1c:ab:d8:da:48:01:2d:8c:7b:32:
e7:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:AE:06:76:07:A0:BA:87:14:CF:75:90:64:FE:19:30:70:08:C4:DE
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e3131362e302f32322d3232203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.116.0/22
Signature Algorithm: sha256WithRSAEncryption
83:ad:93:35:45:9d:d9:a3:3c:f2:c8:7a:18:e4:2e:9a:cf:c8:
09:84:79:46:95:f3:49:c1:2f:4f:c5:f1:69:ca:fe:3c:3c:90:
a5:ec:84:8b:0f:fe:1c:68:57:33:d7:1a:12:0a:57:76:5f:bb:
15:da:e7:e6:31:9e:55:2a:a7:82:63:7f:57:0a:48:97:91:a1:
0f:07:bb:f8:15:5b:b5:7e:d5:9a:43:58:9e:48:84:e3:7e:37:
6f:da:d7:b5:f8:61:b6:a7:89:9b:c5:41:1e:ea:53:f3:ac:4a:
18:8e:eb:ce:09:d7:8c:ba:ea:3b:74:3b:a4:07:e1:ca:c6:1a:
f3:b6:e3:19:38:0f:1b:c0:24:ae:71:f0:ba:26:c9:28:6e:be:
66:2c:75:17:90:1f:a6:e0:3c:fc:67:c0:6c:0e:57:81:16:0a:
c2:6f:0d:c0:11:5a:47:e8:aa:8a:d9:42:a5:b9:b1:f7:7d:ec:
31:3f:e0:33:84:10:28:4f:5d:bb:0c:c0:d5:d7:16:f1:df:57:
2a:11:80:72:85:65:37:b7:b2:6c:15:60:8e:cb:d3:a2:84:fb:
b4:d9:b0:e8:7d:ce:86:f2:40:7e:a2:21:e8:d4:bd:c2:4f:08:
a5:e2:5a:50:fb:b5:af:37:eb:ea:5e:0a:b3:e7:02:9a:76:c2:
79:33:66:fd
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOOlW7rsPTjpS0hK6hgNriXF3NvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTVaFw0yNTA2MDYwOTAxNTVaMDMxMTAvBgNV
BAMTKEFCQUUwNjc2MDdBMEJBODcxNENGNzU5MDY0RkUxOTMwNzAwOEM0REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClKpKhYhjywIAnYd20ZMoo+zxn
fauCShUAUH8RGfGkjuKwcBfVtOtA46w+phSVXuqsOJJAOZnrzHWl/gpS72f/OCQ1
woO4eD86OioGTYjd25k4/a/YzdqTGS9HuDvtRjbysaAQQqFTnTPnoqolrhOEbpjR
u4PRMTnfJ66y1e62EGfmXrA65+Iqy7qIdq89x896joXJX6I8KUVrTCpyMzPqm3AA
W8LB4tbjr/i/dPBNcumV4deKV+S/vvu3nTHoGqoCL4+ACUqhXwAFGNorBwK03aWQ
+Nh8z6sGEnMc5jZp+4jVPnLjBdoyQJTBuRgqjqnlDL8QHKvY2kgBLYx7Muc/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUq64GdgeguocUz3WQZP4ZMHAIxN4wHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzMTMx
MzYyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMTM1MzQzMTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
WXR0MA0GCSqGSIb3DQEBCwUAA4IBAQCDrZM1RZ3ZozzyyHoY5C6az8gJhHlGlfNJ
wS9PxfFpyv48PJCl7ISLD/4caFcz1xoSCld2X7sV2ufmMZ5VKqeCY39XCkiXkaEP
B7v4FVu1ftWaQ1ieSITjfjdv2te1+GG2p4mbxUEe6lPzrEoYjuvOCdeMuuo7dDuk
B+HKxhrztuMZOA8bwCSucfC6Jskobr5mLHUXkB+m4Dz8Z8BsDleBFgrCbw3AEVpH
6KqK2UKlubH3fewxP+AzhBAoT127DMDV1xbx31cqEYByhWU3t7JsFWCOy9OihPu0
2bDofc6G8kB+oiHo1L3CTwil4lpQ+7WvN+vqXgqz5wKadsJ5M2b9
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:50 2024 by rpki-client on console-fra.rpki-client.org