Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37322e302f32342d3234203d3e203631333137.roa
File: 3134312e39382e37322e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: 34pAiug0MiBQaUi/CVKPZzIUdkwiMEkphnouASp+Q5Q=
Subject key identifier: D9:09:94:0D:0E:6A:58:BB:27:FD:79:FC:E3:81:67:25:7A:E6:ED:FC
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 316E6FD53B6C64F600E00501A990773AE8781A14
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37322e302f32342d3234203d3e203631333137.roa
Signing time: Thu 04 Apr 2024 11:05:15 +0000
ROA not before: Thu 04 Apr 2024 11:00:15 +0000
ROA not after: Thu 03 Apr 2025 11:05:15 +0000
asID: 61317
IP address blocks: 141.98.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:6e:6f:d5:3b:6c:64:f6:00:e0:05:01:a9:90:77:3a:e8:78:1a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Apr 4 11:00:15 2024 GMT
Not After : Apr 3 11:05:15 2025 GMT
Subject: CN=D909940D0E6A58BB27FD79FCE38167257AE6EDFC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:bd:86:38:4b:d6:d2:66:e3:b7:5b:eb:a6:96:
d4:2c:eb:24:bb:97:45:cf:97:a8:e2:4d:6c:16:e8:
f3:a9:df:2b:dd:40:9a:30:39:37:0a:87:79:da:66:
7d:09:d6:8c:7a:45:01:3d:1a:59:1f:50:69:98:69:
74:1c:be:c8:ed:73:b4:13:62:7e:73:48:6e:41:83:
e4:4c:b0:72:b7:43:c3:44:df:b6:4a:c2:ad:eb:2e:
72:ce:fd:af:08:e0:ec:fd:89:3e:4e:25:24:99:e0:
84:47:44:76:f2:85:fc:e3:24:57:1a:5f:43:40:0a:
e8:bf:8f:d0:ac:42:a0:ef:24:71:e1:a3:ad:45:9c:
30:ce:df:d3:47:01:46:a4:37:21:79:4f:bc:0d:3a:
57:d8:df:29:48:28:84:9b:8d:2f:37:3a:ad:9a:3f:
74:e7:ce:3a:01:b4:95:11:2b:b2:c2:c7:71:f7:0a:
55:73:ce:52:21:10:76:46:00:81:90:74:84:c9:d1:
64:74:32:a9:37:e4:11:76:62:07:26:81:6a:eb:72:
b9:2b:86:ca:ad:76:3e:d9:cb:b9:85:aa:74:e6:7c:
3e:8e:39:38:2b:69:7c:45:bd:22:f0:35:a5:ff:5b:
c2:5c:e9:79:64:1c:c3:cc:49:52:83:18:ff:ee:01:
a9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:09:94:0D:0E:6A:58:BB:27:FD:79:FC:E3:81:67:25:7A:E6:ED:FC
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37322e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.72.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:82:97:12:6e:f2:28:84:5f:af:de:b5:37:6e:5b:63:2b:6a:
42:95:07:51:35:a7:21:ca:5a:12:85:f3:ac:39:bc:67:b5:fd:
76:55:23:9d:05:72:3b:97:01:0c:28:62:80:dd:d4:ca:f6:58:
91:32:af:92:f3:d0:6c:cc:79:7e:bb:00:57:e4:96:37:4a:fe:
f3:e0:ba:90:8e:dd:53:c7:ee:50:38:79:fc:0b:c4:b8:48:32:
d4:3b:1a:6c:a6:23:aa:80:50:f3:36:bf:aa:d8:6d:2c:7e:06:
35:64:f2:57:6d:67:92:1d:2e:8a:df:0f:69:be:8b:0a:07:f1:
54:06:07:3e:8f:7d:e9:f1:80:2c:f8:fb:23:90:35:99:08:2d:
f4:9b:c4:93:61:2d:c8:01:5f:98:36:83:c6:f9:73:a8:ec:b8:
10:73:7d:ba:95:a4:9e:da:d8:24:10:9f:8f:48:0e:b0:68:04:
e6:a0:c9:7d:b1:14:a5:0e:62:41:04:02:53:f9:bc:b1:ea:e4:
c5:34:d7:9e:09:b3:7f:4e:24:13:3c:fb:7a:3e:a5:60:82:74:
c7:47:da:9e:e9:44:93:07:13:3d:59:fa:d8:14:14:e6:22:a5:
f6:5f:5b:18:5b:ab:3e:69:b3:66:8c:e7:50:99:8d:bf:04:64:
77:fe:34:82
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUMW5v1TtsZPYA4AUBqZB3Ouh4GhQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDA0MDQxMTAwMTVaFw0yNTA0MDMxMTA1MTVaMDMxMTAvBgNV
BAMTKEQ5MDk5NDBEMEU2QTU4QkIyN0ZENzlGQ0UzODE2NzI1N0FFNkVERkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTvYY4S9bSZuO3W+umltQs6yS7
l0XPl6jiTWwW6POp3yvdQJowOTcKh3naZn0J1ox6RQE9GlkfUGmYaXQcvsjtc7QT
Yn5zSG5Bg+RMsHK3Q8NE37ZKwq3rLnLO/a8I4Oz9iT5OJSSZ4IRHRHbyhfzjJFca
X0NACui/j9CsQqDvJHHho61FnDDO39NHAUakNyF5T7wNOlfY3ylIKISbjS83Oq2a
P3TnzjoBtJURK7LCx3H3ClVzzlIhEHZGAIGQdITJ0WR0Mqk35BF2YgcmgWrrcrkr
hsqtdj7Zy7mFqnTmfD6OOTgraXxFvSLwNaX/W8Jc6XlkHMPMSVKDGP/uAanvAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU2QmUDQ5qWLsn/Xn844FnJXrm7fwwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzEzNDMxMmUzOTM4MmUzNzMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTMzMzEzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI1i
SDANBgkqhkiG9w0BAQsFAAOCAQEAuoKXEm7yKIRfr961N25bYytqQpUHUTWnIcpa
EoXzrDm8Z7X9dlUjnQVyO5cBDChigN3UyvZYkTKvkvPQbMx5frsAV+SWN0r+8+C6
kI7dU8fuUDh5/AvEuEgy1DsabKYjqoBQ8za/qthtLH4GNWTyV21nkh0uit8Pab6L
CgfxVAYHPo996fGALPj7I5A1mQgt9JvEk2EtyAFfmDaDxvlzqOy4EHN9upWkntrY
JBCfj0gOsGgE5qDJfbEUpQ5iQQQCU/m8serkxTTXngmzf04kEzz7ej6lYIJ0x0fa
nulEkwcTPVn62BQU5iKl9l9bGFurPmmzZoznUJmNvwRkd/40gg==
-----END CERTIFICATE-----
Generated at Sat May 4 06:18:44 2024 by rpki-client on console-fra.rpki-client.org