Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31352e302f32342d3234203d3e203135343139.roa
File: 38392e3131362e31352e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: DRa+aO7PfiWNiVUAYWYYHBzJhLs+CludiMSn8iGHVjs=
Subject key identifier: 6E:B0:97:A9:E5:4E:2D:CC:8F:27:D4:66:9B:73:12:45:C6:1B:EA:B6
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 5CE846ADD7B8E47F0CEA7F7BCDB1E5D2583ADF7A
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31352e302f32342d3234203d3e203135343139.roa
Signing time: Fri 07 Jun 2024 09:01:53 +0000
ROA not before: Fri 07 Jun 2024 08:56:53 +0000
ROA not after: Fri 06 Jun 2025 09:01:53 +0000
asID: 15419
IP address blocks: 89.116.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:e8:46:ad:d7:b8:e4:7f:0c:ea:7f:7b:cd:b1:e5:d2:58:3a:df:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:53 2024 GMT
Not After : Jun 6 09:01:53 2025 GMT
Subject: CN=6EB097A9E54E2DCC8F27D4669B731245C61BEAB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:56:33:d3:56:e5:3b:23:e6:50:88:a4:e3:e3:
49:69:b4:5b:d6:91:d7:0e:fb:1b:c2:c7:d9:08:7a:
3a:ac:3a:4c:e4:c0:0a:bb:e3:05:9d:e8:51:ad:b5:
e5:98:e6:eb:f5:01:25:60:e2:86:76:53:1b:f4:90:
38:73:bc:3d:71:f0:4c:fa:08:fc:d5:53:49:77:a8:
d0:11:dc:8b:01:e0:78:12:5c:20:1c:1b:16:1d:ed:
2b:52:bb:4e:0f:ca:39:79:cf:cf:c2:2a:46:d5:35:
2b:fb:0b:d7:3e:f7:12:da:14:35:5f:bb:6c:4f:06:
a8:20:13:d9:d0:5c:6f:ca:d4:c0:7a:d4:51:b6:88:
d2:f2:36:50:65:ea:73:b7:5e:10:a7:e9:e0:25:f2:
bd:cc:44:c7:35:1e:d9:e2:49:32:ab:dc:34:af:ba:
15:a8:4d:ee:4c:51:58:a6:af:bd:80:75:96:b7:b2:
88:e4:5c:c5:6e:8b:60:f0:3a:c8:74:45:1e:02:3d:
6b:cb:9c:fa:6d:2f:de:93:f0:15:22:7b:b7:4c:6d:
71:01:c1:58:10:46:96:ee:96:5f:dc:23:8c:df:c8:
72:4f:90:8e:ef:3b:7c:35:98:3b:9a:68:67:94:54:
06:ad:a8:70:c3:04:42:7c:79:62:9e:e4:20:c2:ef:
b4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:B0:97:A9:E5:4E:2D:CC:8F:27:D4:66:9B:73:12:45:C6:1B:EA:B6
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31352e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.15.0/24
Signature Algorithm: sha256WithRSAEncryption
38:91:3d:75:55:cf:0b:94:e1:3b:cb:c2:58:95:3d:6c:73:c7:
11:e8:d6:05:e1:cf:17:e8:7f:01:25:ab:f2:28:be:d5:72:49:
f7:71:7b:f3:ee:41:97:38:5e:fa:b3:aa:3e:00:28:f6:d3:9b:
74:53:11:fa:bc:ab:77:57:57:9e:fa:14:c5:90:22:cc:10:c9:
64:8f:c9:49:af:1c:c4:9c:7b:f2:14:ce:66:ee:e1:94:88:62:
f2:96:8b:f9:d1:e9:ee:46:51:0d:fa:90:5e:a6:81:5f:fe:76:
ea:f7:b5:51:59:49:65:ad:58:ad:8b:95:fe:42:de:91:30:c9:
0f:88:f3:be:cc:05:cd:17:5e:13:19:39:d2:ff:f5:0b:6f:e7:
cf:c4:1e:fc:33:21:97:5b:a7:8b:e9:6a:cb:16:48:36:70:dc:
8e:14:a1:54:2f:f0:db:a8:d2:8b:e8:d9:9b:b5:52:1f:a7:3d:
c7:cf:92:82:c8:f2:66:b6:ee:a7:9d:5c:f0:22:f7:8d:ec:44:
f9:7c:58:67:4f:54:79:e7:f9:4d:24:7d:b5:e0:8d:00:f3:4b:
59:01:e7:80:94:43:1b:9e:93:e4:d0:11:c9:e7:54:53:45:a9:
88:c8:e3:7d:f2:ae:57:f3:4d:02:51:36:93:81:b8:c5:7e:86:
a1:d3:de:da
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUXOhGrde45H8M6n97zbHl0lg633owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTNaFw0yNTA2MDYwOTAxNTNaMDMxMTAvBgNV
BAMTKDZFQjA5N0E5RTU0RTJEQ0M4RjI3RDQ2NjlCNzMxMjQ1QzYxQkVBQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwVjPTVuU7I+ZQiKTj40lptFvW
kdcO+xvCx9kIejqsOkzkwAq74wWd6FGtteWY5uv1ASVg4oZ2Uxv0kDhzvD1x8Ez6
CPzVU0l3qNAR3IsB4HgSXCAcGxYd7StSu04Pyjl5z8/CKkbVNSv7C9c+9xLaFDVf
u2xPBqggE9nQXG/K1MB61FG2iNLyNlBl6nO3XhCn6eAl8r3MRMc1HtniSTKr3DSv
uhWoTe5MUVimr72AdZa3sojkXMVui2DwOsh0RR4CPWvLnPptL96T8BUie7dMbXEB
wVgQRpbull/cI4zfyHJPkI7vO3w1mDuaaGeUVAatqHDDBEJ8eWKe5CDC77R9AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUbrCXqeVOLcyPJ9Rmm3MSRcYb6rYwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzMTM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFl0
DzANBgkqhkiG9w0BAQsFAAOCAQEAOJE9dVXPC5ThO8vCWJU9bHPHEejWBeHPF+h/
ASWr8ii+1XJJ93F78+5Blzhe+rOqPgAo9tObdFMR+ryrd1dXnvoUxZAizBDJZI/J
Sa8cxJx78hTOZu7hlIhi8paL+dHp7kZRDfqQXqaBX/526ve1UVlJZa1YrYuV/kLe
kTDJD4jzvswFzRdeExk50v/1C2/nz8Qe/DMhl1uni+lqyxZINnDcjhShVC/w26jS
i+jZm7VSH6c9x8+SgsjyZrbup51c8CL3jexE+XxYZ09Ueef5TSR9teCNAPNLWQHn
gJRDG56T5NARyedUU0WpiMjjffKuV/NNAlE2k4G4xX6GodPe2g==
-----END CERTIFICATE-----
Generated at Mon Nov 25 14:29:08 2024 by rpki-client on console-ams.rpki-client.org