Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32382e302f32342d3234203d3e20313734.roa
File: 38322e3131382e32382e302f32342d3234203d3e20313734.roa (raw, json)
Hash identifier: shzncBoqVdvh6bbmFZndUpAc0aPz5VAXguFjFgbOkk0=
Subject key identifier: 71:F8:0B:E8:53:38:3B:6E:38:07:35:5B:AD:B5:A1:3E:EF:7F:A6:BB
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 37ED0D8728B897E354B117FD0A09D1EBA3BB5B45
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32382e302f32342d3234203d3e20313734.roa
Signing time: Wed 17 Apr 2024 09:58:59 +0000
ROA not before: Wed 17 Apr 2024 09:53:59 +0000
ROA not after: Wed 16 Apr 2025 09:58:59 +0000
asID: 174
IP address blocks: 82.118.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 19:30:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:ed:0d:87:28:b8:97:e3:54:b1:17:fd:0a:09:d1:eb:a3:bb:5b:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Apr 17 09:53:59 2024 GMT
Not After : Apr 16 09:58:59 2025 GMT
Subject: CN=71F80BE853383B6E3807355BADB5A13EEF7FA6BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:17:5a:9e:fd:b0:cb:94:7d:ca:be:d0:eb:0a:
68:59:25:3d:f5:f6:0c:1a:47:42:9c:2c:a6:ca:a8:
a7:ca:d1:cc:ba:e1:1d:bb:bd:2c:f2:e8:90:1e:be:
1a:ea:14:89:20:5d:89:9b:c1:06:c3:b0:5c:be:eb:
25:56:59:88:f0:68:58:68:87:ae:50:6b:57:80:0d:
f4:53:19:66:3f:37:80:d4:fa:0c:76:b0:00:95:a8:
7f:f1:ac:2d:e2:f4:ae:ea:88:2d:1d:cc:29:ee:cf:
7d:4e:ba:50:a2:cb:4a:28:aa:b8:82:f5:c7:94:f9:
91:96:df:ec:f1:52:ba:9e:c4:f2:44:ed:14:80:e9:
05:d4:20:06:ff:8f:a9:d0:13:d7:f6:c1:fe:45:ee:
ef:40:fd:94:4b:c9:84:ed:93:db:88:ed:9d:cf:62:
46:ae:2a:d1:69:a6:1e:d1:20:1d:9a:6b:6d:53:b6:
48:be:b5:71:80:8e:59:66:51:8a:3f:29:0c:ca:02:
f1:d0:95:6e:10:77:f7:84:04:3f:47:4c:1f:67:ef:
99:42:f2:91:39:da:11:d0:48:d0:50:66:f5:03:29:
77:39:8d:77:c5:58:ef:58:07:3e:bc:10:fa:64:f6:
a0:f5:32:e9:73:ad:79:cd:6d:19:72:03:03:1f:35:
d9:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F8:0B:E8:53:38:3B:6E:38:07:35:5B:AD:B5:A1:3E:EF:7F:A6:BB
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32382e302f32342d3234203d3e20313734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.28.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:4a:3b:81:78:7d:0c:2f:a0:bf:5f:3b:a5:67:5c:d5:de:94:
c9:0c:bc:2f:cb:b3:ac:7a:1e:65:31:ac:02:a8:57:57:50:2f:
ea:ff:de:df:8a:b6:63:6a:2f:4a:75:b9:9f:0f:50:db:54:2f:
73:38:40:50:a8:8e:40:e5:85:02:7d:47:10:a6:e7:6e:04:2a:
6d:14:e4:81:bf:04:31:5f:da:cf:6d:0b:9c:d4:d8:4a:2f:2d:
07:ba:60:76:58:c3:3d:96:a2:41:0a:c4:61:d7:5c:94:f2:86:
41:15:55:87:cf:9b:94:f7:84:22:ee:a5:9d:81:be:91:f9:d8:
98:ff:47:0f:89:06:e4:52:c6:ee:80:31:e4:a7:a5:8b:27:cb:
c0:a6:91:a9:9f:6f:1e:b4:a2:ab:24:6c:86:e8:b1:3a:7e:be:
82:7b:fe:29:ab:5b:23:a0:d9:36:c7:96:bf:b5:3f:7f:bd:dd:
00:f3:5b:47:40:e0:5d:1c:1d:ac:4d:c6:bd:08:ec:9d:6f:fe:
0d:fa:6a:7f:34:e6:de:20:39:1f:0e:a0:3e:6e:73:40:c6:f0:
78:dd:a4:79:25:7d:56:1e:8c:bd:78:10:a7:bf:e0:56:9a:16:
8a:5a:b0:c5:90:ce:89:5d:93:b8:a1:da:6d:f3:95:4a:d5:87:
49:a1:12:13
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUN+0Nhyi4l+NUsRf9CgnR66O7W0UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDA0MTcwOTUzNTlaFw0yNTA0MTYwOTU4NTlaMDMxMTAvBgNV
BAMTKDcxRjgwQkU4NTMzODNCNkUzODA3MzU1QkFEQjVBMTNFRUY3RkE2QkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvF1qe/bDLlH3KvtDrCmhZJT31
9gwaR0KcLKbKqKfK0cy64R27vSzy6JAevhrqFIkgXYmbwQbDsFy+6yVWWYjwaFho
h65Qa1eADfRTGWY/N4DU+gx2sACVqH/xrC3i9K7qiC0dzCnuz31OulCiy0ooqriC
9ceU+ZGW3+zxUrqexPJE7RSA6QXUIAb/j6nQE9f2wf5F7u9A/ZRLyYTtk9uI7Z3P
YkauKtFpph7RIB2aa21Ttki+tXGAjllmUYo/KQzKAvHQlW4Qd/eEBD9HTB9n75lC
8pE52hHQSNBQZvUDKXc5jXfFWO9YBz68EPpk9qD1MulzrXnNbRlyAwMfNdnbAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUcfgL6FM4O244BzVbrbWhPu9/prswHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzgzMjJlMzEzMTM4MmUzMjM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUnYcMA0G
CSqGSIb3DQEBCwUAA4IBAQC3SjuBeH0ML6C/XzulZ1zV3pTJDLwvy7Oseh5lMawC
qFdXUC/q/97firZjai9KdbmfD1DbVC9zOEBQqI5A5YUCfUcQpuduBCptFOSBvwQx
X9rPbQuc1NhKLy0HumB2WMM9lqJBCsRh11yU8oZBFVWHz5uU94Qi7qWdgb6R+diY
/0cPiQbkUsbugDHkp6WLJ8vAppGpn28etKKrJGyG6LE6fr6Ce/4pq1sjoNk2x5a/
tT9/vd0A81tHQOBdHB2sTca9COydb/4N+mp/NObeIDkfDqA+bnNAxvB43aR5JX1W
Hoy9eBCnv+BWmhaKWrDFkM6JXZO4odpt85VK1YdJoRIT
-----END CERTIFICATE-----
Generated at Thu May 2 00:12:24 2024 by rpki-client on console-ams.rpki-client.org