Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e33302e302f32342d3234203d3e20323036303932.roa
File: 38322e3131382e33302e302f32342d3234203d3e20323036303932.roa (raw, json)
Hash identifier: xEUwTVN0T1kCySOuAi3sG9aFDJlCk0a7jxrttP9gwng=
Subject key identifier: 40:7F:81:41:E6:17:33:44:81:35:ED:7E:7B:05:14:2A:A0:6A:CC:8E
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 7231682D86129CC888F2996FF98E8ACE56C64842
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e33302e302f32342d3234203d3e20323036303932.roa
Signing time: Thu 06 Mar 2025 11:53:55 +0000
ROA not before: Thu 06 Mar 2025 11:48:55 +0000
ROA not after: Thu 05 Mar 2026 11:53:55 +0000
asID: 206092
IP address blocks: 82.118.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:31:68:2d:86:12:9c:c8:88:f2:99:6f:f9:8e:8a:ce:56:c6:48:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Mar 6 11:48:55 2025 GMT
Not After : Mar 5 11:53:55 2026 GMT
Subject: CN=407F8141E61733448135ED7E7B05142AA06ACC8E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ba:4b:79:e5:60:9d:ca:06:44:b5:b7:37:f6:
78:b3:a5:cf:35:ca:6b:7b:9c:c3:fe:43:3a:c9:e1:
48:88:5f:56:59:45:05:7e:f7:eb:9d:43:f3:03:d8:
12:48:07:df:b1:0e:c6:5e:f2:65:b9:a5:82:bf:e0:
44:03:d3:60:53:bb:de:4d:c3:b1:d9:9a:97:40:38:
6d:e4:da:d8:f9:1d:ee:3d:c9:c6:21:7a:aa:2b:04:
f1:c9:c9:80:21:56:03:91:c4:e5:57:f7:04:e9:dd:
54:ca:ae:b4:53:59:23:0c:8a:30:f9:d0:65:f0:96:
b4:9b:5d:e9:8d:6b:50:77:2d:bd:17:ec:8c:b2:f2:
bd:1b:95:89:11:f2:fc:b2:e8:f8:88:21:d5:22:4d:
9a:c0:ca:74:01:f7:11:f0:cf:d7:21:62:b2:2e:8a:
fa:ce:50:2c:28:bc:0c:3b:cc:9c:7f:75:f7:87:ab:
85:b4:f1:16:83:d2:1b:d9:59:20:90:f0:cb:4b:c0:
2e:fc:fd:3b:b7:a7:18:a3:5a:d2:bb:cf:db:77:d1:
c5:dd:51:5d:d6:c9:80:9e:d1:82:0b:40:4c:d5:46:
c5:fd:11:e5:42:4e:ce:54:79:7e:0d:99:0b:8e:94:
cc:db:3b:87:0f:d2:8b:ef:e2:3c:92:e4:21:8d:3c:
80:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7F:81:41:E6:17:33:44:81:35:ED:7E:7B:05:14:2A:A0:6A:CC:8E
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e33302e302f32342d3234203d3e20323036303932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.30.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:e3:e7:f9:69:e6:55:c9:70:6b:e0:0a:a1:8d:37:75:8f:49:
61:08:df:73:1d:92:64:e9:c5:a3:3e:da:b4:6f:47:2c:b6:04:
47:69:bd:43:f1:04:7c:f5:26:cd:9f:2c:37:a0:20:f1:f7:fc:
6b:4e:a8:fa:8f:e6:8a:5f:95:1f:0f:b6:79:33:1a:32:02:26:
05:b4:0a:35:24:4f:00:f1:09:46:87:f6:d7:77:00:b8:52:7f:
fc:7c:43:d1:c9:9c:20:77:59:9d:05:bb:0b:1a:de:16:1f:8e:
04:bb:13:2e:72:5c:f5:19:b1:bf:22:63:00:86:33:ef:34:84:
f3:16:7a:e2:88:40:c3:e4:c4:da:c8:6a:cb:51:96:41:bb:44:
d9:dc:23:af:7b:43:e0:d5:b3:23:a6:86:20:e7:7f:e3:96:40:
02:b9:37:9b:ce:8c:98:f4:21:72:d7:c3:ca:79:51:e8:48:06:
b8:cb:3f:fa:4c:23:83:e9:8d:b4:c3:6d:d7:7e:11:a1:92:1e:
02:37:b8:19:b6:1b:30:7d:25:24:ea:dc:26:2f:5c:df:96:0b:
e1:e9:6a:96:9d:eb:c4:cb:b9:49:1c:c5:cb:2a:51:8a:25:ad:
43:c8:0b:11:aa:8a:57:8e:69:fe:c0:c5:bd:d7:f8:d8:12:9e:
0c:5a:9d:1a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUcjFoLYYSnMiI8plv+Y6KzlbGSEIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTAzMDYxMTQ4NTVaFw0yNjAzMDUxMTUzNTVaMDMxMTAvBgNV
BAMTKDQwN0Y4MTQxRTYxNzMzNDQ4MTM1RUQ3RTdCMDUxNDJBQTA2QUNDOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnukt55WCdygZEtbc39nizpc81
ymt7nMP+QzrJ4UiIX1ZZRQV+9+udQ/MD2BJIB9+xDsZe8mW5pYK/4EQD02BTu95N
w7HZmpdAOG3k2tj5He49ycYheqorBPHJyYAhVgORxOVX9wTp3VTKrrRTWSMMijD5
0GXwlrSbXemNa1B3Lb0X7Iyy8r0blYkR8vyy6PiIIdUiTZrAynQB9xHwz9chYrIu
ivrOUCwovAw7zJx/dfeHq4W08RaD0hvZWSCQ8MtLwC78/Tu3pxijWtK7z9t30cXd
UV3WyYCe0YILQEzVRsX9EeVCTs5UeX4NmQuOlMzbO4cP0ovv4jyS5CGNPIAHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUQH+BQeYXM0SBNe1+ewUUKqBqzI4wHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzgzMjJlMzEzMTM4MmUzMzMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM2MzAzOTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UnYeMA0GCSqGSIb3DQEBCwUAA4IBAQAa4+f5aeZVyXBr4AqhjTd1j0lhCN9zHZJk
6cWjPtq0b0cstgRHab1D8QR89SbNnyw3oCDx9/xrTqj6j+aKX5UfD7Z5MxoyAiYF
tAo1JE8A8QlGh/bXdwC4Un/8fEPRyZwgd1mdBbsLGt4WH44EuxMuclz1GbG/ImMA
hjPvNITzFnriiEDD5MTayGrLUZZBu0TZ3COve0Pg1bMjpoYg53/jlkACuTebzoyY
9CFy18PKeVHoSAa4yz/6TCOD6Y20w23XfhGhkh4CN7gZthswfSUk6twmL1zflgvh
6WqWnevEy7lJHMXLKlGKJa1DyAsRqopXjmn+wMW91/jYEp4MWp0a
-----END CERTIFICATE-----
Generated at Thu Apr 10 11:33:59 2025 by rpki-client