Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e34312e302f32342d3234203d3e203135343139.roa
File: 38392e3131362e34312e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: LqVWkT/zceAzbvveNwhUbB73xAD4FqZemL5aMFNpkaM=
Subject key identifier: DF:2B:71:A7:BF:A4:27:AE:25:25:DF:C4:E9:59:4D:64:C5:FB:98:D6
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 496504D7C88AA0899C37F7D6C4E0828E1AEE751C
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e34312e302f32342d3234203d3e203135343139.roa
Signing time: Fri 07 Jul 2023 08:08:15 +0000
ROA not before: Fri 07 Jul 2023 08:03:15 +0000
ROA not after: Fri 05 Jul 2024 08:08:15 +0000
asID: 15419
IP address blocks: 89.116.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:65:04:d7:c8:8a:a0:89:9c:37:f7:d6:c4:e0:82:8e:1a:ee:75:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:15 2023 GMT
Not After : Jul 5 08:08:15 2024 GMT
Subject: CN=DF2B71A7BFA427AE2525DFC4E9594D64C5FB98D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:89:32:f8:e8:00:fd:a9:62:bd:10:78:f7:89:
b3:0e:c6:4b:94:18:78:b7:cc:72:e0:e4:73:79:01:
7e:9e:2e:96:46:84:f9:4a:c2:33:c2:4f:db:61:0b:
0c:b2:6a:77:b0:e8:ff:44:4d:9f:43:36:7e:c7:85:
d1:34:e1:5a:9a:41:83:e2:d7:30:14:bd:70:36:37:
c3:72:ae:d0:fb:da:9a:26:da:48:e7:65:1b:f2:97:
1c:40:d7:2d:25:58:0d:ae:ef:86:9e:b7:a4:c3:77:
7a:c1:f7:32:c5:fa:17:65:fc:31:3d:c6:3b:ab:39:
4d:0d:e0:82:05:69:d2:a3:29:1a:86:30:05:9d:aa:
d2:5f:5e:b2:e2:c3:95:a8:4f:7a:c5:ad:f5:2a:b6:
2b:7b:10:82:e0:c4:60:65:51:eb:84:f6:91:b5:91:
6c:d8:98:84:a1:61:58:91:03:61:36:e7:f8:2d:e5:
b0:2e:54:0d:fa:14:d0:e5:1d:ca:d9:ee:39:cb:e9:
56:c9:d3:52:81:63:15:18:0f:7d:e1:af:38:6e:72:
ca:b4:04:64:5e:e6:a3:b7:69:88:10:5c:38:74:30:
c5:10:95:4a:3d:35:dd:9c:1c:9b:ec:b5:9b:9f:b0:
0a:ae:5b:ea:92:1b:47:b1:55:ad:ae:91:bb:2b:2c:
0c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:2B:71:A7:BF:A4:27:AE:25:25:DF:C4:E9:59:4D:64:C5:FB:98:D6
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e34312e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.41.0/24
Signature Algorithm: sha256WithRSAEncryption
38:91:e5:0b:67:bd:7d:39:0d:9b:de:59:86:3c:d5:e7:ae:6c:
ed:ba:ed:21:ab:4d:7f:ef:c8:74:b9:18:24:6c:4b:74:d8:61:
7a:d2:0b:58:be:ae:8b:87:17:e8:05:cd:aa:6e:7f:81:64:c7:
11:05:3b:32:5b:60:50:0b:77:81:93:06:21:62:ad:cc:22:d6:
5b:06:f6:af:48:07:9d:77:bb:6a:a8:1e:69:b7:20:27:f6:e3:
f5:49:c0:06:d3:88:02:e2:5a:35:13:38:9a:1c:6e:c3:82:f8:
72:ba:00:2e:a9:66:f5:3c:62:62:b7:ce:56:ff:ea:08:f2:ee:
48:5c:a7:86:1d:40:dc:a2:d2:6f:6d:13:39:a8:e5:6b:bd:0b:
1b:c0:6b:54:99:c2:8e:c9:ff:5e:2b:df:5e:b9:11:6f:b4:18:
c1:4b:04:e2:a3:55:f2:a9:a9:52:dd:0e:7d:4e:39:39:de:a4:
5f:c3:6e:d4:7c:69:c9:7c:ca:65:32:9d:73:8b:b0:24:d1:d5:
35:56:24:ac:01:62:1d:46:1a:cb:81:24:fa:4c:0e:35:55:ec:
29:62:4b:50:7a:e7:20:ef:77:0a:4d:91:59:34:69:d4:69:64:
0a:a1:1f:46:84:3b:46:1c:3d:41:22:c6:35:c9:4d:7a:09:55:
c3:4a:42:e3
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUSWUE18iKoImcN/fWxOCCjhrudRwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTVaFw0yNDA3MDUwODA4MTVaMDMxMTAvBgNV
BAMTKERGMkI3MUE3QkZBNDI3QUUyNTI1REZDNEU5NTk0RDY0QzVGQjk4RDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYiTL46AD9qWK9EHj3ibMOxkuU
GHi3zHLg5HN5AX6eLpZGhPlKwjPCT9thCwyyanew6P9ETZ9DNn7HhdE04VqaQYPi
1zAUvXA2N8NyrtD72pom2kjnZRvylxxA1y0lWA2u74aet6TDd3rB9zLF+hdl/DE9
xjurOU0N4IIFadKjKRqGMAWdqtJfXrLiw5WoT3rFrfUqtit7EILgxGBlUeuE9pG1
kWzYmIShYViRA2E25/gt5bAuVA36FNDlHcrZ7jnL6VbJ01KBYxUYD33hrzhucsq0
BGRe5qO3aYgQXDh0MMUQlUo9Nd2cHJvstZufsAquW+qSG0exVa2ukbsrLAzdAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU3ytxp7+kJ64lJd/E6VlNZMX7mNYwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzNDMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFl0
KTANBgkqhkiG9w0BAQsFAAOCAQEAOJHlC2e9fTkNm95ZhjzV565s7brtIatNf+/I
dLkYJGxLdNhhetILWL6ui4cX6AXNqm5/gWTHEQU7MltgUAt3gZMGIWKtzCLWWwb2
r0gHnXe7aqgeabcgJ/bj9UnABtOIAuJaNRM4mhxuw4L4croALqlm9TxiYrfOVv/q
CPLuSFynhh1A3KLSb20TOajla70LG8BrVJnCjsn/XivfXrkRb7QYwUsE4qNV8qmp
Ut0OfU45Od6kX8Nu1HxpyXzKZTKdc4uwJNHVNVYkrAFiHUYay4Ek+kwONVXsKWJL
UHrnIO93Ck2RWTRp1GlkCqEfRoQ7Rhw9QSLGNclNeglVw0pC4w==
-----END CERTIFICATE-----
Generated at Fri May 17 13:32:17 2024 by rpki-client on console-fra.rpki-client.org