Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32352e302f32342d3234203d3e20323030303137.roa
File: 38322e3131382e32352e302f32342d3234203d3e20323030303137.roa (raw, json)
Hash identifier: Xj7QxUfE1+rgtzmJXbnH2kKq/cpDO1+ep/dj/5Rqfgw=
Subject key identifier: EF:4E:11:3D:C3:A6:23:6C:77:98:4E:0D:33:AC:E4:B8:43:E3:DB:62
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: DD67C4342211B795DFAAC1638A5DB91644D08B
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32352e302f32342d3234203d3e20323030303137.roa
Signing time: Mon 25 Mar 2024 11:19:11 +0000
ROA not before: Mon 25 Mar 2024 11:14:11 +0000
ROA not after: Mon 24 Mar 2025 11:19:11 +0000
asID: 200017
IP address blocks: 82.118.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
dd:67:c4:34:22:11:b7:95:df:aa:c1:63:8a:5d:b9:16:44:d0:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Mar 25 11:14:11 2024 GMT
Not After : Mar 24 11:19:11 2025 GMT
Subject: CN=EF4E113DC3A6236C77984E0D33ACE4B843E3DB62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fc:76:1d:e6:f2:96:5c:ed:15:6e:74:9a:29:
4d:44:2c:46:77:53:3d:b3:b2:c1:64:4f:fa:41:ef:
3c:2d:b2:f9:07:c1:eb:ef:f9:51:12:4b:82:58:45:
3c:47:b8:97:16:3f:a3:d2:cf:fb:0f:4e:fc:b0:f4:
2a:f6:84:f6:7f:44:dc:fe:ba:29:06:c7:94:bb:9a:
88:29:02:97:8d:74:21:1e:16:67:28:ca:41:c5:65:
f2:14:33:88:d1:6d:8c:17:9d:1d:b7:ab:7a:1b:70:
2d:c0:6c:79:d1:4a:6c:eb:6e:48:e6:2e:46:19:69:
7d:22:2e:4a:32:fc:3b:e6:f2:f6:26:0a:38:00:d1:
8f:ec:ad:36:ec:99:49:9a:73:bd:aa:03:f7:3e:ec:
aa:cc:bc:9c:0d:02:71:40:d6:c6:2c:ca:d6:bc:6c:
18:47:14:60:a5:c1:28:c4:3c:d9:a0:ca:64:c0:6a:
24:bb:60:16:de:5e:9b:d6:67:c4:a1:97:4b:fc:6d:
4c:a0:3e:e3:09:5e:62:61:59:8b:e9:fc:f2:16:54:
12:78:75:94:22:ac:24:63:b3:27:4d:71:69:1c:eb:
d6:2f:91:b3:ef:b5:28:20:c0:c8:a9:37:52:eb:dc:
f0:35:26:08:8a:58:cd:2c:92:c1:a1:cf:6d:d3:4f:
f2:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:4E:11:3D:C3:A6:23:6C:77:98:4E:0D:33:AC:E4:B8:43:E3:DB:62
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32352e302f32342d3234203d3e20323030303137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.25.0/24
Signature Algorithm: sha256WithRSAEncryption
52:e5:02:e7:aa:13:81:0e:e7:ef:e6:b8:ad:de:28:17:4e:05:
4a:dc:65:cb:95:c7:2d:16:ca:0b:a9:0e:49:be:e1:81:13:d1:
9c:22:43:90:db:f3:30:b0:6e:93:9a:81:8d:47:6c:89:8c:4d:
68:69:46:0b:8c:b0:d9:11:ab:d9:5d:94:f2:80:95:f2:cc:1e:
29:ad:52:b3:b8:63:42:df:38:69:d9:9f:d8:d2:16:b2:5b:a1:
ac:a5:a1:dc:c8:2b:dd:a9:28:c9:4a:38:a5:6c:e9:3e:35:96:
04:5e:e5:eb:17:37:fd:15:96:49:52:f3:4f:69:28:64:f5:29:
8e:86:62:bb:7b:be:23:25:62:25:08:eb:82:42:df:db:14:c3:
b1:fb:6a:ab:77:97:ec:a9:bd:e9:66:81:3d:ef:bc:50:16:86:
7b:94:41:18:14:3d:2b:83:00:c6:db:2e:8c:42:22:6f:e8:f8:
72:83:39:67:5f:0a:41:64:f6:b2:e5:78:f3:d4:5b:9b:1d:44:
63:fc:7d:03:7b:65:7c:f5:10:2d:a4:e5:7e:08:33:b8:42:5e:
c0:58:ae:8e:39:2a:7e:f7:4b:5e:7b:0b:a0:d6:20:89:b5:3e:
0f:49:69:70:8d:22:5b:4c:ab:ae:18:70:1a:d5:f7:8a:dc:3e:
02:58:6f:0d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUAN1nxDQiEbeV36rBY4pduRZE0IswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDAzMjUxMTE0MTFaFw0yNTAzMjQxMTE5MTFaMDMxMTAvBgNV
BAMTKEVGNEUxMTNEQzNBNjIzNkM3Nzk4NEUwRDMzQUNFNEI4NDNFM0RCNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCS/HYd5vKWXO0VbnSaKU1ELEZ3
Uz2zssFkT/pB7zwtsvkHwevv+VESS4JYRTxHuJcWP6PSz/sPTvyw9Cr2hPZ/RNz+
uikGx5S7mogpApeNdCEeFmcoykHFZfIUM4jRbYwXnR23q3obcC3AbHnRSmzrbkjm
LkYZaX0iLkoy/Dvm8vYmCjgA0Y/srTbsmUmac72qA/c+7KrMvJwNAnFA1sYsyta8
bBhHFGClwSjEPNmgymTAaiS7YBbeXpvWZ8Shl0v8bUygPuMJXmJhWYvp/PIWVBJ4
dZQirCRjsydNcWkc69YvkbPvtSggwMipN1Lr3PA1JgiKWM0sksGhz23TT/LjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU704RPcOmI2x3mE4NM6zkuEPj22IwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzgzMjJlMzEzMTM4MmUzMjM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzAzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UnYZMA0GCSqGSIb3DQEBCwUAA4IBAQBS5QLnqhOBDufv5rit3igXTgVK3GXLlcct
FsoLqQ5JvuGBE9GcIkOQ2/MwsG6TmoGNR2yJjE1oaUYLjLDZEavZXZTygJXyzB4p
rVKzuGNC3zhp2Z/Y0hayW6GspaHcyCvdqSjJSjilbOk+NZYEXuXrFzf9FZZJUvNP
aShk9SmOhmK7e74jJWIlCOuCQt/bFMOx+2qrd5fsqb3pZoE977xQFoZ7lEEYFD0r
gwDG2y6MQiJv6PhygzlnXwpBZPay5Xjz1FubHURj/H0De2V89RAtpOV+CDO4Ql7A
WK6OOSp+90teewug1iCJtT4PSWlwjSJbTKuuGHAa1feK3D4CWG8N
-----END CERTIFICATE-----
Generated at Fri Nov 22 07:03:46 2024 by rpki-client on console-fra.rpki-client.org