Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31362e302f32332d3233203d3e203135343139.roa
File: 38392e3131362e31362e302f32332d3233203d3e203135343139.roa (raw, json)
Hash identifier: My3yqf8SZAlUZtlcB3JmnWpb3SRX7htkUcZxm6LuIxA=
Subject key identifier: 80:F8:95:EA:A5:7C:25:C4:61:4C:9B:D1:CA:80:E5:4A:44:72:8E:A3
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 6E8C390FB431E23E9CA30525E7F23F7731974437
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31362e302f32332d3233203d3e203135343139.roa
Signing time: Fri 07 Jun 2024 09:01:56 +0000
ROA not before: Fri 07 Jun 2024 08:56:56 +0000
ROA not after: Fri 06 Jun 2025 09:01:56 +0000
asID: 15419
IP address blocks: 89.116.16.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:8c:39:0f:b4:31:e2:3e:9c:a3:05:25:e7:f2:3f:77:31:97:44:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:56 2024 GMT
Not After : Jun 6 09:01:56 2025 GMT
Subject: CN=80F895EAA57C25C4614C9BD1CA80E54A44728EA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b1:ca:8e:ca:d3:91:4e:36:a5:9d:a2:7d:d4:
f6:f4:89:b0:fc:82:ca:ae:47:31:25:8a:54:a5:25:
cf:a2:1f:8d:9f:de:be:2c:e4:52:ef:43:16:92:38:
c3:76:94:42:0d:49:95:11:e6:e4:4d:35:82:4e:29:
68:71:cd:4a:cf:a3:e6:30:6d:cd:4a:4c:85:24:81:
f2:f4:32:f9:c7:94:cf:ef:be:32:39:dc:01:43:6a:
1d:eb:c9:b4:77:9c:c4:f5:e5:40:ff:c5:b9:fb:32:
a9:93:0a:55:91:82:56:f2:4e:b2:00:73:95:cd:85:
be:45:d4:36:da:1e:ee:2d:af:11:85:23:6f:65:08:
f5:e6:4d:01:bb:cc:3e:4a:61:53:d3:03:92:74:55:
d8:49:67:f4:f2:45:74:86:1b:53:5a:3d:cc:b4:c3:
ae:8c:3c:6d:7a:51:ba:89:88:f8:6e:d0:f2:96:57:
86:5d:b2:2b:5b:55:0b:70:9d:e2:6f:42:69:93:49:
d1:3b:ef:49:57:c4:78:64:53:a2:84:1f:7b:ef:e9:
80:dc:f0:27:40:b9:6d:1f:c8:52:e0:21:75:4c:27:
0e:47:f6:ca:5d:57:de:c7:a0:d1:77:6b:5a:a0:4e:
6a:ce:aa:3e:6f:c1:57:9c:8b:76:1a:4e:54:45:2c:
cb:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:F8:95:EA:A5:7C:25:C4:61:4C:9B:D1:CA:80:E5:4A:44:72:8E:A3
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31362e302f32332d3233203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.16.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:8b:97:db:cb:5b:09:b0:a3:44:84:96:6e:4b:ec:58:d4:8b:
47:21:12:6c:f4:20:91:23:fc:f4:14:14:42:65:e3:ab:8f:43:
c6:a7:11:1e:67:73:37:a3:87:c7:74:5f:ac:6b:ce:a5:29:e8:
ac:36:bf:10:1b:b0:ab:7b:3d:a9:47:4a:0f:f0:c5:df:98:1e:
db:32:c1:89:f7:75:bb:6a:6a:6f:8e:22:c0:cc:e1:ca:12:2e:
fb:c5:7b:fd:3c:d1:61:83:e6:dd:66:db:1e:e2:2f:70:29:22:
3f:01:f5:8a:11:27:c6:7b:6b:e2:33:4c:a5:9b:d3:6e:68:99:
d1:2d:df:c0:9f:08:b7:44:14:bf:2c:3e:c6:93:58:dd:f4:f2:
50:16:ed:1b:60:6b:c9:9a:94:21:4a:14:15:1e:95:6a:39:67:
86:fd:fa:8b:78:9a:76:7d:07:b5:c4:00:0e:f7:99:0e:32:13:
23:a4:58:4f:9a:8a:7c:4c:71:96:4c:6d:3c:0d:55:bb:2d:3a:
70:b5:2f:31:f0:73:dc:88:38:b0:91:40:24:d5:de:8b:d3:ef:
8c:5a:f8:e1:0b:b7:ac:ca:74:b3:43:48:70:03:f5:8f:e0:2c:
fc:f1:2a:8a:95:d9:bc:0e:45:1e:b6:ec:07:97:f9:31:da:25:
8a:d5:24:96
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUbow5D7Qx4j6cowUl5/I/dzGXRDcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTZaFw0yNTA2MDYwOTAxNTZaMDMxMTAvBgNV
BAMTKDgwRjg5NUVBQTU3QzI1QzQ2MTRDOUJEMUNBODBFNTRBNDQ3MjhFQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqscqOytORTjalnaJ91Pb0ibD8
gsquRzElilSlJc+iH42f3r4s5FLvQxaSOMN2lEINSZUR5uRNNYJOKWhxzUrPo+Yw
bc1KTIUkgfL0MvnHlM/vvjI53AFDah3rybR3nMT15UD/xbn7MqmTClWRglbyTrIA
c5XNhb5F1DbaHu4trxGFI29lCPXmTQG7zD5KYVPTA5J0VdhJZ/TyRXSGG1NaPcy0
w66MPG16UbqJiPhu0PKWV4ZdsitbVQtwneJvQmmTSdE770lXxHhkU6KEH3vv6YDc
8CdAuW0fyFLgIXVMJw5H9spdV97HoNF3a1qgTmrOqj5vwVeci3YaTlRFLMvfAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUgPiV6qV8JcRhTJvRyoDlSkRyjqMwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzMTM2
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVl0
EDANBgkqhkiG9w0BAQsFAAOCAQEAGouX28tbCbCjRISWbkvsWNSLRyESbPQgkSP8
9BQUQmXjq49DxqcRHmdzN6OHx3RfrGvOpSnorDa/EBuwq3s9qUdKD/DF35ge2zLB
ifd1u2pqb44iwMzhyhIu+8V7/TzRYYPm3WbbHuIvcCkiPwH1ihEnxntr4jNMpZvT
bmiZ0S3fwJ8It0QUvyw+xpNY3fTyUBbtG2BryZqUIUoUFR6Vajlnhv36i3iadn0H
tcQADveZDjITI6RYT5qKfExxlkxtPA1Vuy06cLUvMfBz3Ig4sJFAJNXei9PvjFr4
4Qu3rMp0s0NIcAP1j+As/PEqipXZvA5FHrbsB5f5MdolitUklg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:50 2024 by rpki-client on console-fra.rpki-client.org