Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31352e302f32342d3234203d3e203135343139.roa
File: 38392e3131362e31352e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: QPZQLVOhfep2eSy91Ni75k8palTbuqH2cMFGoGjEWTE=
Subject key identifier: 41:6C:B9:33:20:D5:0C:01:3F:A6:2D:E5:92:9C:CE:67:74:C1:BA:7D
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 3C4C62A7E4B134A8EAC48ED433A1FF181B90A228
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31352e302f32342d3234203d3e203135343139.roa
Signing time: Fri 07 Jul 2023 08:08:16 +0000
ROA not before: Fri 07 Jul 2023 08:03:16 +0000
ROA not after: Fri 05 Jul 2024 08:08:16 +0000
asID: 15419
IP address blocks: 89.116.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:4c:62:a7:e4:b1:34:a8:ea:c4:8e:d4:33:a1:ff:18:1b:90:a2:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:16 2023 GMT
Not After : Jul 5 08:08:16 2024 GMT
Subject: CN=416CB93320D50C013FA62DE5929CCE6774C1BA7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5a:0d:84:69:99:08:a6:ef:30:f1:7d:87:bf:
c9:25:d0:58:b2:28:97:55:f3:d7:89:d6:8b:32:86:
bb:f8:87:8c:c7:e5:55:ab:7e:a7:ae:93:7e:2f:70:
a1:38:c3:9d:fd:24:b6:4e:4f:29:19:4d:07:11:d4:
b2:74:56:13:68:51:b9:d6:b8:46:9f:ae:a9:8e:85:
a9:ee:23:ae:4a:a6:0e:c4:d6:7e:21:01:ca:70:a9:
d4:7d:89:50:3a:34:3a:97:15:1f:f2:c9:e4:3e:41:
f4:3f:96:f7:61:3f:9d:eb:22:55:6d:44:a4:fd:f2:
29:c6:5a:05:3e:35:ae:96:b0:c6:13:c8:e2:9b:fd:
ad:06:94:12:2d:26:67:bb:db:07:51:2d:41:cd:3c:
85:52:a5:82:91:3b:80:b7:a9:16:a3:97:69:8e:a4:
89:8d:84:80:04:43:aa:8b:17:d4:9a:e6:4f:ab:5f:
38:3d:d5:d0:2d:31:ac:7c:07:6d:65:4d:b0:34:1f:
f6:08:a4:c1:bf:77:93:4c:47:6d:36:7a:09:95:18:
37:99:1a:c2:20:01:c2:0c:3e:85:9f:1d:4b:f0:b8:
b1:98:46:51:dc:96:be:d6:c2:02:8d:ba:57:99:73:
50:5e:5d:af:fb:4f:30:93:5a:de:80:e8:f6:b6:d5:
55:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:6C:B9:33:20:D5:0C:01:3F:A6:2D:E5:92:9C:CE:67:74:C1:BA:7D
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31352e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.15.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:a4:23:87:d8:56:23:02:e2:d2:99:75:f4:87:9b:bd:21:34:
38:c2:00:3c:7c:fb:0b:61:6c:35:21:b7:f8:6f:c2:40:06:b3:
e9:b0:a6:d7:28:74:a1:e5:2e:d0:0d:62:8e:12:29:00:ab:30:
a2:b5:5e:50:b2:85:e7:87:13:b8:fe:71:81:b1:95:cf:f9:dc:
7d:b0:bb:0d:b6:f0:04:d3:e7:c7:ca:6f:79:b0:7b:9f:5f:6c:
e9:1b:eb:f7:5d:01:73:d5:44:2c:98:de:67:5d:16:a2:53:06:
19:9a:96:7d:21:93:30:94:db:17:59:80:d3:8b:36:03:89:77:
d0:0d:bf:9a:af:6c:b1:a0:8e:0f:94:ee:f5:f6:5c:1e:2c:10:
71:93:6a:f8:8c:65:0a:14:12:92:39:4f:06:2e:17:61:cd:9c:
c1:8b:34:f0:01:f0:03:f0:99:87:97:f6:68:19:ab:e3:43:9b:
04:3e:d7:5d:e8:ab:30:ca:c2:a5:5c:c7:3b:a4:5f:54:23:52:
a0:12:0b:4e:95:18:ce:7c:22:f4:74:2f:1c:88:47:06:54:70:
0b:0c:9c:06:d5:c5:72:92:4a:6d:fb:4d:90:4e:5f:8f:35:d5:
87:d7:50:1e:e4:40:44:94:fc:10:ee:72:51:dd:ae:49:02:2f:
17:63:c8:6b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUPExip+SxNKjqxI7UM6H/GBuQoigwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTZaFw0yNDA3MDUwODA4MTZaMDMxMTAvBgNV
BAMTKDQxNkNCOTMzMjBENTBDMDEzRkE2MkRFNTkyOUNDRTY3NzRDMUJBN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJWg2EaZkIpu8w8X2Hv8kl0Fiy
KJdV89eJ1osyhrv4h4zH5VWrfqeuk34vcKE4w539JLZOTykZTQcR1LJ0VhNoUbnW
uEafrqmOhanuI65Kpg7E1n4hAcpwqdR9iVA6NDqXFR/yyeQ+QfQ/lvdhP53rIlVt
RKT98inGWgU+Na6WsMYTyOKb/a0GlBItJme72wdRLUHNPIVSpYKRO4C3qRajl2mO
pImNhIAEQ6qLF9Sa5k+rXzg91dAtMax8B21lTbA0H/YIpMG/d5NMR202egmVGDeZ
GsIgAcIMPoWfHUvwuLGYRlHclr7WwgKNuleZc1BeXa/7TzCTWt6A6Pa21VURAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUQWy5MyDVDAE/pi3lkpzOZ3TBun0wHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzMTM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFl0
DzANBgkqhkiG9w0BAQsFAAOCAQEATaQjh9hWIwLi0pl19IebvSE0OMIAPHz7C2Fs
NSG3+G/CQAaz6bCm1yh0oeUu0A1ijhIpAKsworVeULKF54cTuP5xgbGVz/ncfbC7
DbbwBNPnx8pvebB7n19s6Rvr910Bc9VELJjeZ10WolMGGZqWfSGTMJTbF1mA04s2
A4l30A2/mq9ssaCOD5Tu9fZcHiwQcZNq+IxlChQSkjlPBi4XYc2cwYs08AHwA/CZ
h5f2aBmr40ObBD7XXeirMMrCpVzHO6RfVCNSoBILTpUYznwi9HQvHIhHBlRwCwyc
BtXFcpJKbftNkE5fjzXVh9dQHuRARJT8EO5yUd2uSQIvF2PIaw==
-----END CERTIFICATE-----
Generated at Fri May 17 13:32:17 2024 by rpki-client on console-fra.rpki-client.org