Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31322e302f32332d3233203d3e203135343139.roa
File: 38392e3131362e31322e302f32332d3233203d3e203135343139.roa (raw, json)
Hash identifier: +Vx7cPWX17QUm5q4oEHBBrGiQvI6E8LOHxd5Tzb+tsE=
Subject key identifier: 77:96:B0:E1:7B:C2:62:23:A3:22:D8:19:F1:54:64:9F:F8:9D:AF:6F
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 6E1B6A8067AC0040AFC0FEA8445DA3A76C3B01A8
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31322e302f32332d3233203d3e203135343139.roa
Signing time: Fri 07 Jun 2024 09:01:54 +0000
ROA not before: Fri 07 Jun 2024 08:56:54 +0000
ROA not after: Fri 06 Jun 2025 09:01:54 +0000
asID: 15419
IP address blocks: 89.116.12.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:1b:6a:80:67:ac:00:40:af:c0:fe:a8:44:5d:a3:a7:6c:3b:01:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:54 2024 GMT
Not After : Jun 6 09:01:54 2025 GMT
Subject: CN=7796B0E17BC26223A322D819F154649FF89DAF6F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8f:bc:e4:a6:fd:31:8b:a0:62:ef:d5:f4:79:
d5:d6:f2:c3:a2:be:1f:5b:6f:e7:20:e2:1b:75:4b:
a8:d7:55:04:b5:07:2d:dc:40:00:2d:11:cd:f6:cc:
46:39:80:4a:51:9a:29:d4:e5:92:b0:c9:96:0e:3b:
0d:c5:ca:34:e1:19:9e:8c:41:22:54:6e:44:b6:ec:
25:0b:6f:d3:27:d4:99:7e:b8:9e:86:69:3d:b9:f5:
7f:e2:7c:a5:03:80:1f:81:c7:12:3a:c4:c8:6f:97:
d2:04:f7:bf:01:9b:11:5b:60:9b:83:6a:47:26:69:
5b:c5:5e:67:8f:bc:d2:fb:1f:c3:f7:38:06:8d:ae:
42:27:6a:55:2c:dd:c9:6e:72:15:8b:fb:25:42:92:
ac:c5:81:67:c0:ad:04:d1:3b:76:e7:0b:55:3f:8a:
3b:e6:21:b0:11:f1:d5:66:35:0a:20:79:ca:67:40:
84:e3:7b:96:33:12:3c:a4:de:43:10:9d:4e:a4:2b:
b2:5f:73:98:4a:c2:53:55:de:5d:9c:af:25:58:66:
15:21:bb:4c:48:ae:18:a9:03:f2:8e:9c:db:6f:7a:
a9:3b:cc:50:fd:54:38:d2:96:9e:13:cd:8f:1f:f2:
1d:3c:a3:f1:91:21:ea:32:b2:86:f8:4c:10:a1:8e:
b6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:96:B0:E1:7B:C2:62:23:A3:22:D8:19:F1:54:64:9F:F8:9D:AF:6F
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31322e302f32332d3233203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.12.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:ff:27:ee:b0:87:cf:96:e0:8b:ec:4d:81:6e:8a:4e:c6:97:
87:44:01:d8:6f:68:5c:9b:fd:e9:3c:03:db:b8:46:db:7a:04:
9f:a3:97:a2:20:48:fc:f9:d2:32:2a:49:69:89:0a:f8:93:11:
90:26:8f:6b:a8:51:8d:9f:32:00:7a:e5:f2:dc:d8:82:7e:5d:
33:9d:93:42:65:cb:07:a6:ae:fb:06:06:83:aa:3b:b7:58:fb:
63:a6:08:80:b4:92:31:e0:51:f9:22:4f:06:21:76:8d:54:d0:
46:fb:b6:6c:43:87:0b:95:54:4e:dd:a7:af:e1:13:aa:f8:4b:
5e:e8:7f:0b:88:9c:5a:00:60:f4:d5:8c:b4:a9:55:8d:13:2a:
06:e0:c1:d4:a9:bc:76:62:61:5d:57:44:06:c4:61:5e:60:00:
ce:95:b4:ec:29:c9:af:d2:38:a6:8c:0c:ff:a1:e6:c2:40:48:
5f:a8:b3:a2:5b:01:af:bb:41:0e:6b:d9:fe:7d:1e:ab:48:30:
cd:dd:f5:b6:9d:40:1e:c8:a5:2c:80:06:39:6f:e4:66:fa:79:
61:48:20:c4:d5:a3:53:15:5a:95:a7:cb:2b:f6:99:3f:4e:2a:
93:d7:d6:90:53:f2:2e:65:57:93:80:e1:60:1f:45:67:f3:cb:
13:91:6c:b7
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUbhtqgGesAECvwP6oRF2jp2w7AagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTRaFw0yNTA2MDYwOTAxNTRaMDMxMTAvBgNV
BAMTKDc3OTZCMEUxN0JDMjYyMjNBMzIyRDgxOUYxNTQ2NDlGRjg5REFGNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQj7zkpv0xi6Bi79X0edXW8sOi
vh9bb+cg4ht1S6jXVQS1By3cQAAtEc32zEY5gEpRminU5ZKwyZYOOw3FyjThGZ6M
QSJUbkS27CULb9Mn1Jl+uJ6GaT259X/ifKUDgB+BxxI6xMhvl9IE978BmxFbYJuD
akcmaVvFXmePvNL7H8P3OAaNrkInalUs3cluchWL+yVCkqzFgWfArQTRO3bnC1U/
ijvmIbAR8dVmNQogecpnQITje5YzEjyk3kMQnU6kK7Jfc5hKwlNV3l2cryVYZhUh
u0xIrhipA/KOnNtveqk7zFD9VDjSlp4TzY8f8h08o/GRIeoysob4TBChjrYpAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUd5aw4XvCYiOjItgZ8VRkn/idr28wHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzMTMy
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVl0
DDANBgkqhkiG9w0BAQsFAAOCAQEAW/8n7rCHz5bgi+xNgW6KTsaXh0QB2G9oXJv9
6TwD27hG23oEn6OXoiBI/PnSMipJaYkK+JMRkCaPa6hRjZ8yAHrl8tzYgn5dM52T
QmXLB6au+wYGg6o7t1j7Y6YIgLSSMeBR+SJPBiF2jVTQRvu2bEOHC5VUTt2nr+ET
qvhLXuh/C4icWgBg9NWMtKlVjRMqBuDB1Km8dmJhXVdEBsRhXmAAzpW07CnJr9I4
powM/6HmwkBIX6izolsBr7tBDmvZ/n0eq0gwzd31tp1AHsilLIAGOW/kZvp5YUgg
xNWjUxValafLK/aZP04qk9fWkFPyLmVXk4DhYB9FZ/PLE5Fstw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:15 2024 by rpki-client on console-ams.rpki-client.org