Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32372e302f32342d3234203d3e20313532333638.roa
File: 38322e3131382e32372e302f32342d3234203d3e20313532333638.roa (raw, json)
Hash identifier: aQhTEX+vxeV3ZZfNL5D+dCcUW9S6viOj1Qv7aJUTDOo=
Subject key identifier: CF:51:2D:4C:8B:1E:79:BA:35:3C:F9:C9:6B:33:EA:D1:8C:44:0B:DC
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 1B43F65413DD8AD6F8FF3844464330D663C0C3EA
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32372e302f32342d3234203d3e20313532333638.roa
Signing time: Sat 22 Feb 2025 14:10:24 +0000
ROA not before: Sat 22 Feb 2025 14:05:24 +0000
ROA not after: Sat 21 Feb 2026 14:10:24 +0000
asID: 152368
IP address blocks: 82.118.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:43:f6:54:13:dd:8a:d6:f8:ff:38:44:46:43:30:d6:63:c0:c3:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Feb 22 14:05:24 2025 GMT
Not After : Feb 21 14:10:24 2026 GMT
Subject: CN=CF512D4C8B1E79BA353CF9C96B33EAD18C440BDC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:96:58:b1:fa:3a:66:93:4c:60:b4:7e:73:9e:
52:33:75:ed:ae:ea:ca:cb:af:23:2c:5d:f4:27:c8:
4d:e0:96:a4:22:09:fc:7d:89:3c:74:eb:65:8f:7e:
27:38:48:ab:46:de:22:74:67:fe:8c:b2:9c:85:91:
95:49:e0:e2:2c:5b:9c:78:a3:72:c0:0b:3a:5e:01:
25:55:18:12:d5:99:fc:68:41:68:68:ae:dc:79:80:
6a:fa:69:89:e7:b8:00:7d:8c:3a:0b:97:f3:66:f7:
77:db:73:89:f4:d1:48:fd:9f:90:4b:bd:04:77:25:
4d:bd:47:fc:3d:00:2c:0c:8b:24:f0:b6:c2:e8:e0:
19:af:60:fe:a8:59:94:dd:57:cc:0a:ab:55:95:55:
e2:09:7c:44:e4:41:ba:51:e8:af:d7:47:eb:96:3a:
2e:fe:53:0b:c9:d5:e6:26:46:4e:bd:88:8b:37:1b:
56:39:4d:32:a9:2c:13:eb:49:9c:3f:e0:3a:03:7e:
16:bf:49:59:2d:02:ec:d1:d3:7e:ea:a0:32:5e:2c:
60:00:06:18:4a:44:b6:c3:4c:8e:cb:8f:9e:12:b7:
26:54:ae:d5:d5:10:a9:d2:53:b9:6b:be:fa:ec:88:
3d:81:4a:d1:52:0f:a3:07:53:36:0d:9d:7f:0b:83:
ff:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:51:2D:4C:8B:1E:79:BA:35:3C:F9:C9:6B:33:EA:D1:8C:44:0B:DC
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32372e302f32342d3234203d3e20313532333638.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.27.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:3f:df:51:3a:e4:b1:ba:18:dc:e7:99:ef:aa:48:dc:2e:a4:
75:ea:d7:c2:c2:bb:da:15:52:bc:50:21:95:cb:31:09:1d:ea:
3e:ec:20:f9:f4:ed:9a:29:01:b2:ee:89:59:1f:23:d9:09:b0:
e5:98:d3:d6:56:49:82:0b:ff:d9:d0:0b:54:31:6a:ca:32:36:
04:55:63:b2:e8:8f:60:ae:cc:a1:31:a7:49:4d:7d:d0:0f:c3:
8a:57:81:f2:cd:0b:56:de:0b:46:40:4c:e7:c8:94:70:4e:45:
91:f2:af:12:42:eb:78:85:b3:2b:97:cd:a9:9a:d5:8d:ed:27:
b9:ad:08:fd:17:2a:36:31:44:eb:65:8a:34:35:5a:33:c0:30:
b5:70:b7:ce:ff:06:d5:18:6d:4b:28:c5:2e:f8:1d:a6:67:1a:
e7:8c:c2:0c:c7:f6:8b:14:6c:04:17:7a:d2:cd:93:1d:7e:4a:
41:4d:c1:be:d3:f3:29:9f:84:e6:9a:1c:ff:9e:45:d6:54:2a:
a0:a7:9b:a0:82:72:76:1e:22:e5:9b:c8:df:77:55:b5:44:06:
33:85:91:42:14:cb:a2:8d:a4:a2:0e:8e:c8:90:b5:f8:b6:81:
51:1e:42:60:58:74:b2:a6:70:d9:00:a3:42:f4:f0:3c:0b:7a:
57:cc:cb:b8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUG0P2VBPditb4/zhERkMw1mPAw+owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTAyMjIxNDA1MjRaFw0yNjAyMjExNDEwMjRaMDMxMTAvBgNV
BAMTKENGNTEyRDRDOEIxRTc5QkEzNTNDRjlDOTZCMzNFQUQxOEM0NDBCREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4llix+jpmk0xgtH5znlIzde2u
6srLryMsXfQnyE3glqQiCfx9iTx062WPfic4SKtG3iJ0Z/6MspyFkZVJ4OIsW5x4
o3LACzpeASVVGBLVmfxoQWhortx5gGr6aYnnuAB9jDoLl/Nm93fbc4n00Uj9n5BL
vQR3JU29R/w9ACwMiyTwtsLo4BmvYP6oWZTdV8wKq1WVVeIJfETkQbpR6K/XR+uW
Oi7+UwvJ1eYmRk69iIs3G1Y5TTKpLBPrSZw/4DoDfha/SVktAuzR037qoDJeLGAA
BhhKRLbDTI7Lj54StyZUrtXVEKnSU7lrvvrsiD2BStFSD6MHUzYNnX8Lg/9hAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUz1EtTIseebo1PPnJazPq0YxEC9wwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzgzMjJlMzEzMTM4MmUzMjM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTMyMzMzNjM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UnYbMA0GCSqGSIb3DQEBCwUAA4IBAQB9P99ROuSxuhjc55nvqkjcLqR16tfCwrva
FVK8UCGVyzEJHeo+7CD59O2aKQGy7olZHyPZCbDlmNPWVkmCC//Z0AtUMWrKMjYE
VWOy6I9grsyhMadJTX3QD8OKV4HyzQtW3gtGQEznyJRwTkWR8q8SQut4hbMrl82p
mtWN7Se5rQj9Fyo2MUTrZYo0NVozwDC1cLfO/wbVGG1LKMUu+B2mZxrnjMIMx/aL
FGwEF3rSzZMdfkpBTcG+0/Mpn4Tmmhz/nkXWVCqgp5uggnJ2HiLlm8jfd1W1RAYz
hZFCFMuijaSiDo7IkLX4toFRHkJgWHSypnDZAKNC9PA8C3pXzMu4
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:25:45 2025 by rpki-client