Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32392e302f32342d3234203d3e20323036303932.roa
File: 38322e3131382e32392e302f32342d3234203d3e20323036303932.roa (raw, json)
Hash identifier: uLUXrefiNXN8kmVmzHSF89K0flnZSJLa0AIllUoq5G0=
Subject key identifier: 08:6E:64:14:E4:E0:42:3D:27:03:74:7D:4D:37:98:63:50:FB:AD:07
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 24E645B89019B939A044FACC97AB8168E59F48EF
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32392e302f32342d3234203d3e20323036303932.roa
Signing time: Thu 06 Mar 2025 11:53:55 +0000
ROA not before: Thu 06 Mar 2025 11:48:55 +0000
ROA not after: Thu 05 Mar 2026 11:53:55 +0000
asID: 206092
IP address blocks: 82.118.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:e6:45:b8:90:19:b9:39:a0:44:fa:cc:97:ab:81:68:e5:9f:48:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Mar 6 11:48:55 2025 GMT
Not After : Mar 5 11:53:55 2026 GMT
Subject: CN=086E6414E4E0423D2703747D4D37986350FBAD07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:52:e8:e8:d7:17:ca:1d:c3:d7:79:3e:36:fd:
5a:5d:00:8b:50:38:d5:81:97:23:f0:5d:d4:f4:06:
35:d9:c2:47:74:13:4c:8e:7b:ca:0c:f7:2d:02:89:
db:9b:b1:e4:b1:48:3d:7e:f6:f3:1f:18:d6:ed:32:
0e:6d:dc:96:01:54:4f:9f:02:92:32:78:99:0b:7c:
64:ac:d2:38:94:b4:07:58:77:9b:a1:01:76:6f:1f:
02:23:38:1a:31:92:ba:c4:66:60:de:3b:f3:5c:f3:
d1:09:dd:14:7e:0a:e7:e2:df:58:7c:aa:65:ed:89:
da:7f:73:da:3e:5c:10:23:46:da:15:da:11:78:f5:
e3:dd:38:c5:68:a5:05:bd:ee:93:c8:12:60:0c:ba:
47:c6:4d:43:c0:2d:82:a0:ff:1c:3a:7f:95:82:fd:
95:e6:eb:bf:23:6b:85:ff:50:7e:dd:c2:fc:df:a1:
35:81:b8:45:b0:d0:85:a3:dd:2c:8b:91:7b:3f:e2:
61:fc:c2:f3:bb:be:6e:03:c4:7d:19:42:69:d4:60:
41:ad:01:03:65:5d:0c:2e:d9:26:e1:2f:b0:91:c8:
6c:c0:0a:95:d7:4a:00:60:b8:d6:1c:cb:e2:2b:2f:
78:b6:15:f6:d0:a6:68:a8:97:99:7b:c0:bf:c8:d9:
05:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:6E:64:14:E4:E0:42:3D:27:03:74:7D:4D:37:98:63:50:FB:AD:07
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32392e302f32342d3234203d3e20323036303932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.29.0/24
Signature Algorithm: sha256WithRSAEncryption
00:f2:a8:44:e8:b3:b0:52:38:95:be:e4:91:18:07:17:2c:c8:
fb:7d:99:08:cf:98:7f:71:e9:2c:97:22:7f:55:2f:14:dd:73:
ba:e0:93:eb:73:d2:6f:a5:19:0d:d3:b4:05:2f:20:b4:12:ac:
ef:9f:39:97:5d:7f:5c:c1:73:f9:fd:1a:63:71:51:28:49:67:
41:3e:f7:bf:fb:7a:ec:04:a0:7a:d6:b6:c7:b6:0c:04:73:82:
a3:75:30:8b:e8:36:6a:b9:28:8a:31:e4:f0:a9:0c:66:c4:2d:
64:a0:69:4a:8f:81:66:6f:c1:ea:2b:3f:5d:d9:82:5f:1a:66:
9e:9c:cc:27:07:25:e5:f2:d3:f5:61:11:43:36:bc:2d:27:79:
44:56:67:ad:0d:5e:7f:cd:d8:31:c8:48:ed:56:95:23:b4:70:
b4:fe:9a:fe:16:23:c2:2a:64:cb:eb:86:da:e9:69:a0:9b:dd:
54:ad:f3:97:b4:fe:24:62:cb:7f:d7:de:43:cd:a8:87:cd:15:
ae:85:30:74:8b:64:02:b5:f1:80:a3:8d:46:62:6b:36:ed:4a:
d1:84:da:e6:38:28:22:4e:86:0e:38:ea:77:da:a2:e9:ee:2a:
1b:4a:49:3f:87:c2:20:b7:2f:ef:ea:7b:33:f0:50:54:5c:e5:
c1:00:90:d0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJOZFuJAZuTmgRPrMl6uBaOWfSO8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTAzMDYxMTQ4NTVaFw0yNjAzMDUxMTUzNTVaMDMxMTAvBgNV
BAMTKDA4NkU2NDE0RTRFMDQyM0QyNzAzNzQ3RDREMzc5ODYzNTBGQkFEMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5Uujo1xfKHcPXeT42/VpdAItQ
ONWBlyPwXdT0BjXZwkd0E0yOe8oM9y0CidubseSxSD1+9vMfGNbtMg5t3JYBVE+f
ApIyeJkLfGSs0jiUtAdYd5uhAXZvHwIjOBoxkrrEZmDeO/Nc89EJ3RR+Cufi31h8
qmXtidp/c9o+XBAjRtoV2hF49ePdOMVopQW97pPIEmAMukfGTUPALYKg/xw6f5WC
/ZXm678ja4X/UH7dwvzfoTWBuEWw0IWj3SyLkXs/4mH8wvO7vm4DxH0ZQmnUYEGt
AQNlXQwu2SbhL7CRyGzACpXXSgBguNYcy+IrL3i2FfbQpmiol5l7wL/I2QUbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUCG5kFOTgQj0nA3R9TTeYY1D7rQcwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzgzMjJlMzEzMTM4MmUzMjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM2MzAzOTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UnYdMA0GCSqGSIb3DQEBCwUAA4IBAQAA8qhE6LOwUjiVvuSRGAcXLMj7fZkIz5h/
cekslyJ/VS8U3XO64JPrc9JvpRkN07QFLyC0EqzvnzmXXX9cwXP5/RpjcVEoSWdB
Pve/+3rsBKB61rbHtgwEc4KjdTCL6DZquSiKMeTwqQxmxC1koGlKj4Fmb8HqKz9d
2YJfGmaenMwnByXl8tP1YRFDNrwtJ3lEVmetDV5/zdgxyEjtVpUjtHC0/pr+FiPC
KmTL64ba6Wmgm91UrfOXtP4kYst/195DzaiHzRWuhTB0i2QCtfGAo41GYms27UrR
hNrmOCgiToYOOOp32qLp7iobSkk/h8Igty/v6nsz8FBUXOXBAJDQ
-----END CERTIFICATE-----
Generated at Thu Apr 10 13:26:42 2025 by rpki-client