Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/38392e34322e3131302e302f32342d3234203d3e203631333137.roa
File: 38392e34322e3131302e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: PU42k0wAchjpLij07Ins7mvpDktS3c483KnPxGuaf7I=
Subject key identifier: 4A:51:75:2D:33:C5:AE:96:1A:FF:C0:58:9A:F5:F7:D7:B8:4D:67:4A
Certificate issuer: /CN=ed9edb2a15871785fbae38e23c38820dbfa2cca4
Certificate serial: 1825D4D98B4975B0671A0FB9F0054C6FA4F40C66
Authority key identifier: ED:9E:DB:2A:15:87:17:85:FB:AE:38:E2:3C:38:82:0D:BF:A2:CC:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/38392e34322e3131302e302f32342d3234203d3e203631333137.roa
Signing time: Wed 24 Jul 2024 12:05:19 +0000
ROA not before: Wed 24 Jul 2024 12:00:19 +0000
ROA not after: Wed 23 Jul 2025 12:05:19 +0000
asID: 61317
IP address blocks: 89.42.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.crl
rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.mft
rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:25:d4:d9:8b:49:75:b0:67:1a:0f:b9:f0:05:4c:6f:a4:f4:0c:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed9edb2a15871785fbae38e23c38820dbfa2cca4
Validity
Not Before: Jul 24 12:00:19 2024 GMT
Not After : Jul 23 12:05:19 2025 GMT
Subject: CN=4A51752D33C5AE961AFFC0589AF5F7D7B84D674A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c4:30:2e:bb:59:32:64:9f:07:3f:a2:de:93:
55:fa:e1:a3:66:9a:77:1b:ac:74:c6:92:9f:05:28:
fc:fe:3a:f4:8d:3a:99:40:19:ae:34:ed:1c:3d:ce:
79:57:87:aa:92:be:46:10:af:ae:08:8d:0f:ce:40:
4e:58:09:9b:a3:ea:cf:06:c6:b3:a9:6d:dd:9d:11:
60:95:56:93:d8:ae:cd:8f:a0:7e:a6:b6:46:1c:a4:
91:66:88:77:bc:ef:bd:38:30:fb:83:b0:01:21:36:
f2:1b:15:47:84:ca:86:9d:9f:9c:2b:eb:0d:94:ae:
58:ff:b1:35:0f:28:34:85:82:6d:59:75:7d:5e:c2:
8b:12:00:8e:1a:fa:6e:cf:9b:b7:cf:90:b0:75:dd:
03:36:45:59:db:8c:38:e7:80:2f:c2:15:f3:9c:e6:
fc:1b:f2:4a:e3:17:19:10:bf:e6:5b:f6:05:c1:f5:
77:9e:84:3e:d5:61:5f:b5:bd:27:c9:cf:e6:25:b5:
9b:89:8c:be:d1:2c:ef:f3:95:28:fa:b4:61:a4:71:
55:1f:b6:ed:69:ad:c3:08:13:5a:8c:9e:6f:de:af:
97:85:e3:ef:3b:7e:42:cb:7e:4b:13:9a:46:a6:b1:
cd:7a:ba:cf:b8:5a:42:fc:5c:c5:5e:3a:29:a3:5c:
c5:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:51:75:2D:33:C5:AE:96:1A:FF:C0:58:9A:F5:F7:D7:B8:4D:67:4A
X509v3 Authority Key Identifier:
keyid:ED:9E:DB:2A:15:87:17:85:FB:AE:38:E2:3C:38:82:0D:BF:A2:CC:A4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/38392e34322e3131302e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.110.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:7d:2b:cb:08:bc:a9:10:2c:82:ae:ad:0d:50:c9:84:7d:3f:
aa:bf:fd:01:a1:63:1b:de:52:66:74:23:59:08:1d:d7:03:46:
c3:9c:81:67:46:78:f6:58:39:e7:59:f3:18:1f:77:aa:1a:00:
e8:7c:e1:00:3c:3d:e2:c8:99:25:fa:5d:f9:05:06:88:1a:95:
79:0e:99:dd:a1:55:42:f4:2c:1d:1b:9e:cf:25:bb:7a:00:08:
cd:f6:c5:6f:ae:55:5b:79:01:8c:57:77:bb:2d:ae:74:f9:3d:
b7:06:0b:aa:5a:38:2b:c6:19:99:f0:19:56:61:52:d6:d6:18:
ce:be:c8:c0:f0:11:07:b0:03:be:f9:4e:42:5c:27:9d:18:12:
9a:a8:4c:c5:98:63:74:8c:39:ad:0a:bd:ba:1b:f0:f1:ea:f8:
a7:c9:7d:d7:ac:f0:08:3b:4f:d5:eb:9f:81:e1:2d:10:7c:23:
d4:b7:e5:69:c4:4b:41:aa:7e:05:49:f5:c1:8b:6c:19:a3:85:
f5:82:f1:78:30:55:5e:9e:11:58:8f:45:b7:ef:b1:f7:49:9b:
46:2b:26:52:ca:eb:20:93:62:b9:4c:d7:ad:1b:ec:cd:c2:67:
84:e2:72:38:1c:00:a9:fb:35:db:02:98:18:73:53:af:42:55:
b4:5b:2a:63
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUGCXU2YtJdbBnGg+58AVMb6T0DGYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWQ5ZWRiMmExNTg3MTc4NWZiYWUzOGUyM2MzODgyMGRi
ZmEyY2NhNDAeFw0yNDA3MjQxMjAwMTlaFw0yNTA3MjMxMjA1MTlaMDMxMTAvBgNV
BAMTKDRBNTE3NTJEMzNDNUFFOTYxQUZGQzA1ODlBRjVGN0Q3Qjg0RDY3NEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFxDAuu1kyZJ8HP6Lek1X64aNm
mncbrHTGkp8FKPz+OvSNOplAGa407Rw9znlXh6qSvkYQr64IjQ/OQE5YCZuj6s8G
xrOpbd2dEWCVVpPYrs2PoH6mtkYcpJFmiHe87704MPuDsAEhNvIbFUeEyoadn5wr
6w2Urlj/sTUPKDSFgm1ZdX1ewosSAI4a+m7Pm7fPkLB13QM2RVnbjDjngC/CFfOc
5vwb8krjFxkQv+Zb9gXB9XeehD7VYV+1vSfJz+YltZuJjL7RLO/zlSj6tGGkcVUf
tu1prcMIE1qMnm/er5eF4+87fkLLfksTmkamsc16us+4WkL8XMVeOimjXMVZAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUSlF1LTPFrpYa/8BYmvX317hNZ0owHwYDVR0j
BBgwFoAU7Z7bKhWHF4X7rjjiPDiCDb+izKQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWEwZGU5N2YtN2VlOC00Y2UwLWIwNDUtZWZhYzhjMjQz
Yzc5LzAvRUQ5RURCMkExNTg3MTc4NUZCQUUzOEUyM0MzODgyMERCRkEyQ0NBNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdaN2JLaFdIRjRYN3JqamlQRGlDRGIt
aXpLUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWEwZGU5N2Yt
N2VlOC00Y2UwLWIwNDUtZWZhYzhjMjQzYzc5LzAvMzgzOTJlMzQzMjJlMzEzMTMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTMzMzEzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkq
bjANBgkqhkiG9w0BAQsFAAOCAQEAn30rywi8qRAsgq6tDVDJhH0/qr/9AaFjG95S
ZnQjWQgd1wNGw5yBZ0Z49lg551nzGB93qhoA6HzhADw94siZJfpd+QUGiBqVeQ6Z
3aFVQvQsHRuezyW7egAIzfbFb65VW3kBjFd3uy2udPk9twYLqlo4K8YZmfAZVmFS
1tYYzr7IwPARB7ADvvlOQlwnnRgSmqhMxZhjdIw5rQq9uhvw8er4p8l916zwCDtP
1eufgeEtEHwj1LflacRLQap+BUn1wYtsGaOF9YLxeDBVXp4RWI9Ft++x90mbRism
UsrrIJNiuUzXrRvszcJnhOJyOBwAqfs12wKYGHNTr0JVtFsqYw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:43:16 2025 by rpki-client