Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e342e302f32322d3232203d3e203135343139.roa
File: 38392e3131362e342e302f32322d3232203d3e203135343139.roa (raw, json)
Hash identifier: oRFKCFxJGvX68QWJfvbA6xvAXbsbAtUy8eErblPaedQ=
Subject key identifier: 39:9C:FB:35:12:4B:ED:10:51:06:6F:08:B1:27:06:69:4B:22:3E:E2
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 3BA7BCC497490B64E0133FF1D35B9F2E2FF7D160
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e342e302f32322d3232203d3e203135343139.roa
Signing time: Fri 07 Jun 2024 09:01:55 +0000
ROA not before: Fri 07 Jun 2024 08:56:55 +0000
ROA not after: Fri 06 Jun 2025 09:01:55 +0000
asID: 15419
IP address blocks: 89.116.4.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:a7:bc:c4:97:49:0b:64:e0:13:3f:f1:d3:5b:9f:2e:2f:f7:d1:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:55 2024 GMT
Not After : Jun 6 09:01:55 2025 GMT
Subject: CN=399CFB35124BED1051066F08B12706694B223EE2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:79:a3:bd:34:0e:d2:6a:4f:7a:1d:eb:ed:39:
d1:5e:83:f7:cf:2c:92:07:31:ac:6d:89:51:cf:1b:
22:21:74:15:55:2b:5e:03:a7:a2:e9:96:12:57:1f:
78:9d:1a:7e:cf:bd:46:bf:2a:e5:f9:c4:3d:f8:cf:
83:5e:8f:fb:69:31:47:ac:3c:56:5e:89:ff:d9:e5:
8a:74:2a:a8:04:f0:00:9c:4b:00:33:d7:af:50:bf:
31:fa:fb:33:ac:65:9a:dd:b9:8e:a4:02:01:8b:7e:
01:7c:a5:6d:e5:00:70:a8:b6:49:8d:18:4c:8a:3a:
7a:b9:3d:99:b9:15:5c:bd:82:bf:7f:35:28:1f:0c:
53:22:a5:b6:51:3d:00:3a:9d:31:82:39:ad:f4:5c:
3e:21:b5:7f:42:a9:8b:72:26:d0:aa:bd:75:a8:d2:
b4:10:a6:dc:7f:e8:4b:8a:24:95:fa:1d:f3:76:fa:
25:84:87:9d:5b:05:79:cc:80:7a:30:9d:ba:d2:59:
a5:2e:b3:e3:77:dc:77:9f:87:e3:7f:5a:6a:08:8b:
0b:b4:71:a2:64:04:58:05:32:2e:66:0b:c8:19:6e:
90:a3:d0:a8:6b:85:44:24:76:74:7d:fc:5b:ac:44:
0e:d7:7f:b7:03:e4:af:aa:b1:a0:75:29:17:e2:5c:
cb:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:9C:FB:35:12:4B:ED:10:51:06:6F:08:B1:27:06:69:4B:22:3E:E2
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e342e302f32322d3232203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.4.0/22
Signature Algorithm: sha256WithRSAEncryption
47:9b:77:4f:85:5f:3f:2d:48:51:07:1a:80:ce:f1:58:82:6d:
d0:cf:9e:0c:45:1f:06:4d:d8:9b:25:b3:51:8e:a0:b8:34:0c:
67:26:63:73:e2:1d:88:bf:6b:95:9f:64:64:35:87:3f:41:3d:
d3:be:8c:14:ac:b1:f1:75:ff:ee:d5:2e:2e:1b:3b:98:e2:a5:
07:57:ff:23:39:13:a1:c1:57:3b:9f:52:e0:8e:ce:7e:09:7d:
eb:ff:d7:88:88:a0:2e:20:5c:3c:c8:06:71:29:e6:6b:a5:de:
29:cf:7c:53:ae:14:cb:d7:ec:f1:0f:8c:16:26:2e:18:f1:b5:
06:c8:16:44:b6:c9:98:72:eb:7f:29:42:50:c4:d1:f5:8f:ff:
71:0d:74:5e:45:14:3d:32:3c:95:7c:46:ac:a2:83:b6:fc:f0:
9e:af:23:cd:b7:ab:94:05:2c:34:90:f4:f9:0d:f9:16:dc:71:
9b:ab:d2:6e:79:da:84:ca:ce:c8:dc:de:85:69:9d:b9:e5:bb:
f4:44:45:bf:75:0e:1c:37:4a:55:20:06:2e:1b:03:45:79:db:
27:07:a9:99:f1:ce:73:67:9e:93:0a:c9:76:23:06:e7:4e:d9:
16:f1:d8:79:c3:25:1a:1a:4b:e8:ad:ac:fa:d6:3e:90:28:cd:
e6:75:2e:6f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUO6e8xJdJC2TgEz/x01ufLi/30WAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTVaFw0yNTA2MDYwOTAxNTVaMDMxMTAvBgNV
BAMTKDM5OUNGQjM1MTI0QkVEMTA1MTA2NkYwOEIxMjcwNjY5NEIyMjNFRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoeaO9NA7Sak96HevtOdFeg/fP
LJIHMaxtiVHPGyIhdBVVK14Dp6LplhJXH3idGn7PvUa/KuX5xD34z4Nej/tpMUes
PFZeif/Z5Yp0KqgE8ACcSwAz169QvzH6+zOsZZrduY6kAgGLfgF8pW3lAHCotkmN
GEyKOnq5PZm5FVy9gr9/NSgfDFMipbZRPQA6nTGCOa30XD4htX9CqYtyJtCqvXWo
0rQQptx/6EuKJJX6HfN2+iWEh51bBXnMgHownbrSWaUus+N33Hefh+N/WmoIiwu0
caJkBFgFMi5mC8gZbpCj0KhrhUQkdnR9/FusRA7Xf7cD5K+qsaB1KRfiXMuPAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUOZz7NRJL7RBRBm8IsScGaUsiPuIwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzNDJl
MzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMxMzUzNDMxMzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJZdAQw
DQYJKoZIhvcNAQELBQADggEBAEebd0+FXz8tSFEHGoDO8ViCbdDPngxFHwZN2Jsl
s1GOoLg0DGcmY3PiHYi/a5WfZGQ1hz9BPdO+jBSssfF1/+7VLi4bO5jipQdX/yM5
E6HBVzufUuCOzn4Jfev/14iIoC4gXDzIBnEp5mul3inPfFOuFMvX7PEPjBYmLhjx
tQbIFkS2yZhy638pQlDE0fWP/3ENdF5FFD0yPJV8Rqyig7b88J6vI823q5QFLDSQ
9PkN+RbccZur0m552oTKzsjc3oVpnbnlu/RERb91Dhw3SlUgBi4bA0V52ycHqZnx
znNnnpMKyXYjBudO2Rbx2HnDJRoaS+itrPrWPpAozeZ1Lm8=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:50 2024 by rpki-client on console-fra.rpki-client.org