Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e3131362e302f32322d3232203d3e203135343139.roa
File: 38392e3131362e3131362e302f32322d3232203d3e203135343139.roa (raw, json)
Hash identifier: 2KedoZjsIqS/Z5u2ZKI6scofUoRYRc7bYw1os8PNF44=
Subject key identifier: 88:B7:E2:68:3A:98:95:7F:C6:4C:1D:29:07:12:AB:E7:37:75:FC:3F
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 08541A927F6864419BC12F0997A5600EDF9AEF57
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e3131362e302f32322d3232203d3e203135343139.roa
Signing time: Fri 07 Jul 2023 08:08:16 +0000
ROA not before: Fri 07 Jul 2023 08:03:16 +0000
ROA not after: Fri 05 Jul 2024 08:08:16 +0000
asID: 15419
IP address blocks: 89.116.116.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:54:1a:92:7f:68:64:41:9b:c1:2f:09:97:a5:60:0e:df:9a:ef:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:16 2023 GMT
Not After : Jul 5 08:08:16 2024 GMT
Subject: CN=88B7E2683A98957FC64C1D290712ABE73775FC3F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fc:ab:a5:e7:b3:77:85:94:ce:44:d6:84:7c:
3e:fd:9e:42:43:0e:8b:aa:c2:a0:f8:4a:c7:d1:b5:
2a:3b:fe:28:b7:75:b3:fd:b9:d4:6a:95:b7:e0:f6:
30:70:ba:2b:f5:44:3d:38:cf:1c:89:a3:ed:d1:24:
6c:a9:53:f5:e4:8e:5e:ae:5a:e8:38:fb:58:60:ad:
0c:b1:86:f3:0a:1c:48:f3:8e:e2:72:0b:4d:45:70:
d2:a2:73:c9:fd:b9:9e:32:ef:1e:ca:a9:de:69:38:
6e:43:dd:d4:d2:24:73:a6:7d:40:a0:26:f9:6d:3b:
fa:e9:37:38:81:3a:fb:e9:0f:b6:c2:be:b7:d6:5a:
d2:d0:66:bb:8e:46:e3:07:46:5f:7e:df:51:f1:b5:
5c:54:55:32:c3:28:a8:e1:63:12:db:5a:4e:1c:75:
5b:70:1a:0e:cf:3d:14:19:3f:ed:cb:7a:39:99:c7:
65:ec:5a:2f:cd:e2:ed:0d:2d:64:4c:1a:f1:64:65:
97:41:02:15:f0:67:5a:ba:db:2b:04:cb:ec:20:c6:
e4:fa:53:3d:9f:b9:b1:6b:d5:fa:48:ea:24:e5:c7:
0e:62:1d:92:42:17:25:5e:ac:6d:77:c4:20:57:83:
a0:ae:33:35:1e:e6:2e:a3:f2:a1:be:7d:0d:40:ae:
6e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:B7:E2:68:3A:98:95:7F:C6:4C:1D:29:07:12:AB:E7:37:75:FC:3F
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e3131362e302f32322d3232203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.116.0/22
Signature Algorithm: sha256WithRSAEncryption
72:46:3d:e0:7a:09:5e:4f:4a:d8:ba:9d:76:61:92:d2:10:d5:
6a:39:b4:66:df:8e:2a:f5:b9:c4:ea:d5:81:a9:11:4e:12:05:
d4:d7:eb:bd:30:39:2a:b2:ea:43:dd:13:7b:41:bf:64:4b:0c:
26:97:60:f7:a4:49:4e:74:4f:ac:f4:eb:79:1c:24:8c:10:28:
71:a4:a1:b9:1c:6a:0a:b7:f7:9c:03:3b:f4:ef:f4:6b:c0:3a:
14:53:f2:17:7b:b7:39:11:58:f9:d7:55:cd:ee:40:bb:d8:96:
7e:c7:f4:87:22:20:3a:79:c9:94:4d:6c:78:ee:ea:3d:14:33:
5c:67:1c:bf:59:a6:be:df:3c:3f:10:f4:b2:8b:64:5b:af:83:
23:3b:82:c7:04:3e:56:83:3b:45:88:54:cb:21:75:e8:04:64:
bf:26:24:79:25:a8:c1:af:b0:0d:e3:26:b7:a5:31:94:34:1f:
bb:f1:95:ea:50:33:28:0e:08:f9:c5:45:61:98:c9:2b:1d:af:
f1:14:a3:75:8a:a7:07:eb:75:f0:57:d4:da:26:96:11:39:8b:
0b:07:f8:c6:44:bc:3c:2b:ac:e0:56:bc:a5:58:76:d8:9c:41:
0a:a3:9b:7e:a2:af:87:cc:5d:e0:c8:6f:0e:64:78:ff:c7:27:
cc:d2:9c:b2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCFQakn9oZEGbwS8Jl6VgDt+a71cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTZaFw0yNDA3MDUwODA4MTZaMDMxMTAvBgNV
BAMTKDg4QjdFMjY4M0E5ODk1N0ZDNjRDMUQyOTA3MTJBQkU3Mzc3NUZDM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz/Kul57N3hZTORNaEfD79nkJD
DouqwqD4SsfRtSo7/ii3dbP9udRqlbfg9jBwuiv1RD04zxyJo+3RJGypU/Xkjl6u
Wug4+1hgrQyxhvMKHEjzjuJyC01FcNKic8n9uZ4y7x7Kqd5pOG5D3dTSJHOmfUCg
JvltO/rpNziBOvvpD7bCvrfWWtLQZruORuMHRl9+31HxtVxUVTLDKKjhYxLbWk4c
dVtwGg7PPRQZP+3LejmZx2XsWi/N4u0NLWRMGvFkZZdBAhXwZ1q62ysEy+wgxuT6
Uz2fubFr1fpI6iTlxw5iHZJCFyVerG13xCBXg6CuMzUe5i6j8qG+fQ1Arm7bAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUiLfiaDqYlX/GTB0pBxKr5zd1/D8wHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzMTMx
MzYyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMTM1MzQzMTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
WXR0MA0GCSqGSIb3DQEBCwUAA4IBAQByRj3gegleT0rYup12YZLSENVqObRm344q
9bnE6tWBqRFOEgXU1+u9MDkqsupD3RN7Qb9kSwwml2D3pElOdE+s9Ot5HCSMEChx
pKG5HGoKt/ecAzv07/RrwDoUU/IXe7c5EVj511XN7kC72JZ+x/SHIiA6ecmUTWx4
7uo9FDNcZxy/Waa+3zw/EPSyi2Rbr4MjO4LHBD5WgztFiFTLIXXoBGS/JiR5JajB
r7AN4ya3pTGUNB+78ZXqUDMoDgj5xUVhmMkrHa/xFKN1iqcH63XwV9TaJpYROYsL
B/jGRLw8K6zgVrylWHbYnEEKo5t+oq+HzF3gyG8OZHj/xyfM0pyy
-----END CERTIFICATE-----
Generated at Fri May 17 13:32:17 2024 by rpki-client on console-fra.rpki-client.org