Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31392e302f32342d3234203d3e203135343139.roa
File: 38392e3131362e31392e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: bGoZmuVAEB87yvgYuC6xqdUZRj5nlGp3K0afR23g6e0=
Subject key identifier: 99:42:65:BD:92:8C:4C:8C:F8:C7:21:43:9E:43:A3:E2:3C:3E:EC:FC
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 60122C90F6CCEFE72C77F254E659043CABD4A30A
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31392e302f32342d3234203d3e203135343139.roa
Signing time: Fri 07 Jun 2024 09:01:53 +0000
ROA not before: Fri 07 Jun 2024 08:56:53 +0000
ROA not after: Fri 06 Jun 2025 09:01:53 +0000
asID: 15419
IP address blocks: 89.116.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:12:2c:90:f6:cc:ef:e7:2c:77:f2:54:e6:59:04:3c:ab:d4:a3:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:53 2024 GMT
Not After : Jun 6 09:01:53 2025 GMT
Subject: CN=994265BD928C4C8CF8C721439E43A3E23C3EECFC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a4:6e:e8:0e:34:c8:0b:f6:e2:37:73:2f:6e:
8c:1a:e1:e1:ad:25:52:4b:45:14:51:5f:72:5b:d9:
4a:f6:6e:83:70:0a:ed:6d:a6:63:8d:2c:97:41:e6:
2c:ee:ec:8f:6e:75:c6:8d:9c:de:f7:a0:d5:ab:de:
17:a9:64:d6:a8:a5:fc:47:da:1d:82:41:2d:25:4c:
b4:58:f7:dd:fc:b0:48:cf:94:01:fa:3a:ec:8b:67:
9b:ae:79:87:41:f6:1e:b3:f5:66:62:fc:2b:6e:83:
bd:80:8b:1d:97:ef:9d:21:89:bd:8b:99:1c:28:b8:
01:40:69:61:da:30:65:99:af:9a:7c:e0:df:c7:dc:
3d:0a:69:0a:1b:dd:c6:9b:2a:d5:0a:cd:51:27:e9:
34:6c:1d:ff:d9:a0:95:2e:6c:40:6a:13:8a:96:61:
f7:e9:4c:9a:2f:13:5a:27:3b:7f:bd:ed:ee:75:4a:
d4:91:d3:02:fe:8e:c7:6b:c0:b7:19:23:3a:cb:e9:
e1:75:a4:76:01:87:4b:83:8a:54:45:67:93:e6:0b:
ed:d5:36:6f:ff:84:d6:65:7c:32:28:91:93:e6:f9:
d3:f1:ea:79:3b:7c:32:97:6c:bd:b7:38:3d:22:db:
e6:da:71:44:12:52:74:b2:84:e3:5a:44:9c:af:77:
b9:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:42:65:BD:92:8C:4C:8C:F8:C7:21:43:9E:43:A3:E2:3C:3E:EC:FC
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31392e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.19.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:4c:6b:1f:a4:25:f8:89:2d:28:eb:f2:27:25:f6:44:c3:60:
3c:29:a1:b4:fd:84:ba:2b:2d:e1:b3:74:9b:53:20:1b:1f:0e:
c6:3a:20:bb:47:65:00:b7:f2:79:6e:3e:a9:a9:96:82:46:1e:
64:4e:06:76:93:10:8d:38:1e:53:57:2d:b7:cc:8e:d8:3e:65:
b4:22:37:ab:77:5e:2e:37:5c:aa:13:26:0b:02:82:13:f9:92:
6e:01:4a:fb:a9:a4:cc:a0:be:92:7a:8e:c2:0c:2f:2a:6d:cf:
5e:3b:f3:22:3f:90:32:2c:1d:c2:79:88:95:0d:94:cc:e0:2e:
a6:8e:95:92:c2:29:c5:24:95:73:1d:4c:a4:e4:d9:c5:1b:fc:
89:95:f1:b4:9d:f3:e2:77:12:51:e5:28:27:64:9c:e9:03:9a:
a5:a7:88:6e:1d:19:69:e0:0a:64:74:8f:7b:58:32:58:75:66:
4e:ef:d2:81:dd:42:49:1c:20:d3:a4:97:80:f7:4e:67:9e:26:
4e:e9:38:16:0a:16:d5:23:54:2c:a4:f6:20:9d:38:ab:c9:78:
a3:da:d4:89:05:4e:ef:75:77:c3:12:9b:eb:59:6d:4a:62:18:
b5:21:af:5f:9e:4d:ab:e5:c8:68:fd:71:dd:62:8f:ff:87:de:
76:15:61:97
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUYBIskPbM7+csd/JU5lkEPKvUowowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTNaFw0yNTA2MDYwOTAxNTNaMDMxMTAvBgNV
BAMTKDk5NDI2NUJEOTI4QzRDOENGOEM3MjE0MzlFNDNBM0UyM0MzRUVDRkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnpG7oDjTIC/biN3Mvbowa4eGt
JVJLRRRRX3Jb2Ur2boNwCu1tpmONLJdB5izu7I9udcaNnN73oNWr3hepZNaopfxH
2h2CQS0lTLRY9938sEjPlAH6OuyLZ5uueYdB9h6z9WZi/Ctug72Aix2X750hib2L
mRwouAFAaWHaMGWZr5p84N/H3D0KaQob3cabKtUKzVEn6TRsHf/ZoJUubEBqE4qW
YffpTJovE1onO3+97e51StSR0wL+jsdrwLcZIzrL6eF1pHYBh0uDilRFZ5PmC+3V
Nm//hNZlfDIokZPm+dPx6nk7fDKXbL23OD0i2+bacUQSUnSyhONaRJyvd7mBAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUmUJlvZKMTIz4xyFDnkOj4jw+7PwwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzMTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFl0
EzANBgkqhkiG9w0BAQsFAAOCAQEAXUxrH6Ql+IktKOvyJyX2RMNgPCmhtP2Euist
4bN0m1MgGx8Oxjogu0dlALfyeW4+qamWgkYeZE4GdpMQjTgeU1ctt8yO2D5ltCI3
q3deLjdcqhMmCwKCE/mSbgFK+6mkzKC+knqOwgwvKm3PXjvzIj+QMiwdwnmIlQ2U
zOAupo6VksIpxSSVcx1MpOTZxRv8iZXxtJ3z4ncSUeUoJ2Sc6QOapaeIbh0ZaeAK
ZHSPe1gyWHVmTu/Sgd1CSRwg06SXgPdOZ54mTuk4FgoW1SNULKT2IJ04q8l4o9rU
iQVO73V3wxKb61ltSmIYtSGvX55Nq+XIaP1x3WKP/4fedhVhlw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:50 2024 by rpki-client on console-fra.rpki-client.org