Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31322e302f32332d3233203d3e203135343139.roa
File: 38392e3131362e31322e302f32332d3233203d3e203135343139.roa (raw, json)
Hash identifier: gR/LokfWMESnLIj+2pTDgelwBH9gp7u/TXi46OlVsTM=
Subject key identifier: 17:8B:3A:EA:A6:80:AB:F5:60:47:72:83:98:DB:FF:05:09:DB:DB:22
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 986C8F00D2EE55C4845F01423E17DEE2D0F11D
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31322e302f32332d3233203d3e203135343139.roa
Signing time: Fri 07 Jul 2023 08:08:17 +0000
ROA not before: Fri 07 Jul 2023 08:03:17 +0000
ROA not after: Fri 05 Jul 2024 08:08:17 +0000
asID: 15419
IP address blocks: 89.116.12.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
98:6c:8f:00:d2:ee:55:c4:84:5f:01:42:3e:17:de:e2:d0:f1:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:17 2023 GMT
Not After : Jul 5 08:08:17 2024 GMT
Subject: CN=178B3AEAA680ABF56047728398DBFF0509DBDB22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:d0:90:b1:29:dc:f1:64:c4:51:58:2d:48:74:
a7:3b:62:0d:ec:29:7f:7c:bd:08:ec:86:6f:eb:bd:
15:20:2d:f3:83:38:c9:ed:00:38:38:5f:6d:bc:08:
b6:80:e4:42:ca:3b:43:ac:59:37:77:3a:4e:3c:67:
ae:df:10:8f:2d:c0:be:b1:81:25:a4:c9:ad:ee:e0:
19:44:ad:a8:3f:d0:e4:55:ac:f4:0a:d2:50:8c:05:
8d:f9:3a:ae:cb:d1:21:4a:10:73:3a:c1:bf:11:00:
8d:4d:eb:e6:38:1f:1b:36:ce:75:27:5c:e3:08:23:
7e:78:07:2b:f1:0a:99:76:1d:13:b2:64:81:68:79:
dd:f5:df:de:ea:cb:a3:31:ee:07:e2:66:8e:bf:f9:
58:2a:4d:bf:07:69:4f:5e:10:5d:b3:e9:38:50:fc:
0b:71:7f:f7:c4:7b:d7:cd:6e:cc:5f:0a:a5:ef:11:
48:70:21:03:18:24:a7:ca:2d:20:e7:01:b1:d5:38:
07:87:40:b0:b3:12:26:bd:85:21:f5:f6:58:af:50:
83:92:5d:0c:dc:a2:23:fb:f9:6e:4f:3e:f3:ea:29:
e4:fb:99:d3:80:9c:54:bf:6c:18:85:15:d0:00:43:
86:92:ce:4e:60:5b:ff:c1:cd:c4:25:ba:be:13:84:
f1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:8B:3A:EA:A6:80:AB:F5:60:47:72:83:98:DB:FF:05:09:DB:DB:22
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31322e302f32332d3233203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.12.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:6f:94:4b:6d:b1:76:bf:e2:ce:81:5d:51:c2:93:94:c5:f9:
23:d0:a8:2d:81:7a:3d:37:b0:95:e2:4e:7b:c7:68:c9:81:59:
8c:b0:40:88:96:74:6e:1b:50:58:c0:d8:d5:63:d4:ec:e0:bf:
bf:37:f3:c1:53:74:1f:23:bb:ec:3a:38:2b:48:04:30:99:17:
c0:4a:34:55:ad:34:bc:6e:e4:e7:27:d6:9f:82:1e:95:4a:5c:
42:b2:45:cf:66:cf:2d:74:55:cd:a7:e8:55:49:93:fd:54:7a:
f0:1d:d4:d2:5b:61:c3:7a:48:d3:1b:77:c0:15:d5:a9:08:48:
fc:b4:d2:28:9f:d4:2c:40:d2:06:fb:3c:5b:3f:23:41:b8:30:
2a:e6:c5:79:80:1a:e5:28:49:e4:19:a5:5a:6b:c1:8e:8e:88:
47:04:8e:41:21:d6:cf:31:53:65:ca:54:49:44:08:39:7b:3e:
06:34:dd:6f:6a:4e:38:55:e4:73:1f:82:ac:09:9b:9b:bc:3f:
30:16:64:d0:69:3e:0c:71:2e:99:e1:31:de:ac:79:f7:6b:42:
b7:e4:42:39:7c:bf:bf:01:42:71:cb:ae:b5:02:33:2b:e7:2f:
8c:e1:5b:36:27:c3:f9:d4:06:9f:11:f7:db:8e:21:af:d2:b5:
34:cd:58:8f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUAJhsjwDS7lXEhF8BQj4X3uLQ8R0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTdaFw0yNDA3MDUwODA4MTdaMDMxMTAvBgNV
BAMTKDE3OEIzQUVBQTY4MEFCRjU2MDQ3NzI4Mzk4REJGRjA1MDlEQkRCMjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT0JCxKdzxZMRRWC1IdKc7Yg3s
KX98vQjshm/rvRUgLfODOMntADg4X228CLaA5ELKO0OsWTd3Ok48Z67fEI8twL6x
gSWkya3u4BlErag/0ORVrPQK0lCMBY35Oq7L0SFKEHM6wb8RAI1N6+Y4Hxs2znUn
XOMII354ByvxCpl2HROyZIFoed31397qy6Mx7gfiZo6/+VgqTb8HaU9eEF2z6ThQ
/Atxf/fEe9fNbsxfCqXvEUhwIQMYJKfKLSDnAbHVOAeHQLCzEia9hSH19livUIOS
XQzcoiP7+W5PPvPqKeT7mdOAnFS/bBiFFdAAQ4aSzk5gW//BzcQlur4ThPELAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUF4s66qaAq/VgR3KDmNv/BQnb2yIwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzMTMy
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVl0
DDANBgkqhkiG9w0BAQsFAAOCAQEAfG+US22xdr/izoFdUcKTlMX5I9CoLYF6PTew
leJOe8doyYFZjLBAiJZ0bhtQWMDY1WPU7OC/vzfzwVN0HyO77Do4K0gEMJkXwEo0
Va00vG7k5yfWn4IelUpcQrJFz2bPLXRVzafoVUmT/VR68B3U0lthw3pI0xt3wBXV
qQhI/LTSKJ/ULEDSBvs8Wz8jQbgwKubFeYAa5ShJ5BmlWmvBjo6IRwSOQSHWzzFT
ZcpUSUQIOXs+BjTdb2pOOFXkcx+CrAmbm7w/MBZk0Gk+DHEumeEx3qx592tCt+RC
OXy/vwFCccuutQIzK+cvjOFbNifD+dQGnxH3244hr9K1NM1Yjw==
-----END CERTIFICATE-----
Generated at Fri May 17 13:32:17 2024 by rpki-client on console-fra.rpki-client.org