Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e34312e302f32342d3234203d3e203135343139.roa
File: 38392e3131362e34312e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: LKcPnvBQTsCR4w5Kx2YxxQoR+f2G/pvTMjh3hci1fU0=
Subject key identifier: F3:8D:30:21:CB:8F:DA:51:0D:97:22:F6:4D:71:60:9E:98:9C:C9:6A
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 3912D1E20DB0A542CA51AB80211FC3CE95FEBAC0
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e34312e302f32342d3234203d3e203135343139.roa
Signing time: Fri 07 Jun 2024 09:01:52 +0000
ROA not before: Fri 07 Jun 2024 08:56:52 +0000
ROA not after: Fri 06 Jun 2025 09:01:52 +0000
asID: 15419
IP address blocks: 89.116.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:12:d1:e2:0d:b0:a5:42:ca:51:ab:80:21:1f:c3:ce:95:fe:ba:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:52 2024 GMT
Not After : Jun 6 09:01:52 2025 GMT
Subject: CN=F38D3021CB8FDA510D9722F64D71609E989CC96A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8f:9f:7f:5b:3b:35:48:f6:86:e6:2d:8c:29:
5f:5b:af:13:38:80:37:0e:b0:13:e5:84:aa:d1:f2:
57:19:80:67:50:08:69:49:85:42:bc:20:2f:9a:3a:
65:fe:5d:6f:c4:c3:73:f2:08:06:80:a9:41:c6:91:
bb:47:8b:df:56:35:b6:d1:c2:cd:8b:36:35:fe:72:
e3:e3:79:2c:04:2f:9f:bc:3e:3d:c8:1b:2a:a2:0d:
6a:54:e4:21:af:1e:fd:7d:b3:29:d0:80:d1:42:4d:
1e:a6:c2:83:c9:6d:4b:7d:4b:b6:a8:5b:c2:c1:88:
ee:b3:d8:10:21:f5:fc:79:e5:81:05:08:ec:cb:1c:
ef:35:9f:35:ed:42:ca:69:0a:4a:bc:f8:ed:aa:8a:
86:d5:5a:51:b8:ff:83:80:43:7b:63:99:0b:d2:f2:
93:15:ba:dd:6d:6c:5a:b0:19:3a:ca:44:64:82:a3:
f6:9d:d5:70:50:a4:ae:81:4a:75:3a:42:e8:60:75:
6f:2b:59:54:41:ed:56:0a:9c:87:f4:6c:63:97:b5:
dc:bf:27:07:54:c0:44:e7:df:d8:27:7b:c3:49:33:
69:23:66:d3:72:74:f6:a5:1f:64:51:9b:73:e3:79:
1d:1e:89:ab:60:26:b4:8d:70:44:65:ee:9b:2d:62:
2e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:8D:30:21:CB:8F:DA:51:0D:97:22:F6:4D:71:60:9E:98:9C:C9:6A
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e34312e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.41.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:8b:4c:dc:9b:d7:43:c8:e4:eb:11:4b:55:c3:09:58:36:6d:
a9:5e:84:79:76:9a:eb:a6:eb:77:04:4f:14:d8:13:ad:87:64:
6d:af:82:ca:dd:e7:37:47:77:2e:f6:c6:c0:e2:6c:c5:d5:6c:
3c:0e:c2:91:19:8b:ab:85:7f:73:58:0e:e5:ee:1d:d7:34:e3:
5a:fd:2c:51:e9:f4:3e:c8:da:25:ed:8c:32:53:1b:2d:3d:29:
c9:e0:31:9d:76:ad:3f:f5:65:38:e9:15:6c:f7:67:b6:22:13:
b1:68:fe:ee:3e:61:3c:98:0c:18:cd:4e:9c:cf:1d:c7:a1:4a:
f1:1d:bc:c9:f4:a6:1f:8f:03:4c:31:69:16:9a:eb:41:fb:7d:
39:d6:b2:35:02:f9:ab:22:28:d3:94:99:2b:dc:64:c5:d0:13:
61:d2:be:d3:af:d6:3f:d9:6c:a4:b5:b0:eb:15:cf:a1:aa:0b:
7e:24:43:de:44:13:59:1d:a6:5a:0c:21:ce:04:02:65:48:85:
64:42:e4:e1:70:8a:ea:40:22:d0:ec:9e:91:cf:b0:8a:5b:cf:
5a:3c:f5:11:76:ea:7c:f3:86:e7:8b:d1:ab:00:f8:51:99:e0:
e9:f6:8e:b2:c0:96:92:53:6c:16:e6:d3:38:93:87:93:dc:37:
85:83:fc:81
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUORLR4g2wpULKUauAIR/DzpX+usAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTJaFw0yNTA2MDYwOTAxNTJaMDMxMTAvBgNV
BAMTKEYzOEQzMDIxQ0I4RkRBNTEwRDk3MjJGNjRENzE2MDlFOTg5Q0M5NkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2j59/Wzs1SPaG5i2MKV9brxM4
gDcOsBPlhKrR8lcZgGdQCGlJhUK8IC+aOmX+XW/Ew3PyCAaAqUHGkbtHi99WNbbR
ws2LNjX+cuPjeSwEL5+8Pj3IGyqiDWpU5CGvHv19synQgNFCTR6mwoPJbUt9S7ao
W8LBiO6z2BAh9fx55YEFCOzLHO81nzXtQsppCkq8+O2qiobVWlG4/4OAQ3tjmQvS
8pMVut1tbFqwGTrKRGSCo/ad1XBQpK6BSnU6QuhgdW8rWVRB7VYKnIf0bGOXtdy/
JwdUwETn39gne8NJM2kjZtNydPalH2RRm3PjeR0eiatgJrSNcERl7pstYi7xAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU840wIcuP2lENlyL2TXFgnpicyWowHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzNDMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFl0
KTANBgkqhkiG9w0BAQsFAAOCAQEAq4tM3JvXQ8jk6xFLVcMJWDZtqV6EeXaa66br
dwRPFNgTrYdkba+Cyt3nN0d3LvbGwOJsxdVsPA7CkRmLq4V/c1gO5e4d1zTjWv0s
Uen0PsjaJe2MMlMbLT0pyeAxnXatP/VlOOkVbPdntiITsWj+7j5hPJgMGM1OnM8d
x6FK8R28yfSmH48DTDFpFprrQft9OdayNQL5qyIo05SZK9xkxdATYdK+06/WP9ls
pLWw6xXPoaoLfiRD3kQTWR2mWgwhzgQCZUiFZELk4XCK6kAi0Oyekc+wilvPWjz1
EXbqfPOG54vRqwD4UZng6faOssCWklNsFubTOJOHk9w3hYP8gQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:50 2024 by rpki-client on console-fra.rpki-client.org