Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e33312e302f32342d3234203d3e20313431313538.roa
File: 38322e3131382e33312e302f32342d3234203d3e20313431313538.roa (raw, json)
Hash identifier: LsFTl/kkclLnXGVAOnhI1QjalE+07xRLUihbF17vqI4=
Subject key identifier: AB:9F:F4:25:18:66:BA:59:E7:E2:87:7D:CB:FF:D8:C0:11:0A:B1:99
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 3E4187EDD14F3B7A92417AAEDB364C2CE93C2D8A
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e33312e302f32342d3234203d3e20313431313538.roa
Signing time: Thu 06 Mar 2025 11:53:55 +0000
ROA not before: Thu 06 Mar 2025 11:48:55 +0000
ROA not after: Thu 05 Mar 2026 11:53:55 +0000
asID: 141158
IP address blocks: 82.118.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:41:87:ed:d1:4f:3b:7a:92:41:7a:ae:db:36:4c:2c:e9:3c:2d:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Mar 6 11:48:55 2025 GMT
Not After : Mar 5 11:53:55 2026 GMT
Subject: CN=AB9FF4251866BA59E7E2877DCBFFD8C0110AB199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:d6:ca:d1:70:f0:7e:72:9d:eb:77:9c:f8:e2:
37:35:d7:9a:8d:36:cd:32:35:0d:a5:63:6d:4c:58:
59:cd:f1:1c:2c:de:b7:88:21:4c:9a:a1:df:18:1e:
db:6b:62:9d:5d:16:66:12:2a:41:12:0d:0a:fe:ea:
84:04:b2:22:03:4c:da:ca:f1:4c:da:3c:25:c1:9e:
74:f4:57:ee:b2:7b:78:2b:ee:13:bb:24:b5:04:ff:
ef:7e:eb:e5:20:9f:91:f8:1f:8c:fe:eb:38:12:86:
81:b4:75:38:35:b4:91:0f:52:4c:2b:b7:fc:72:79:
c6:6d:a3:6d:4b:0a:6e:37:7b:c3:9c:ae:4c:da:95:
ea:a9:ab:06:0d:0c:27:94:92:40:13:57:7c:9a:3d:
45:a0:9d:ea:dd:09:5a:be:d9:4e:b7:68:9f:b9:bf:
19:69:7f:2d:59:70:71:50:28:2e:fb:4d:63:50:eb:
91:4f:ed:01:04:8b:ee:32:4b:d9:39:6e:41:41:bd:
f0:5d:b1:ab:41:f6:8d:ac:12:6b:f9:1d:1f:dc:94:
d7:7d:21:0a:8a:45:fd:58:24:00:bf:b3:87:bf:9a:
4c:d8:c5:99:d4:1c:ff:ec:3f:c5:78:fa:8b:30:31:
50:07:a3:6d:8f:6d:ff:da:eb:22:43:78:b6:50:32:
d9:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:9F:F4:25:18:66:BA:59:E7:E2:87:7D:CB:FF:D8:C0:11:0A:B1:99
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e33312e302f32342d3234203d3e20313431313538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.31.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:4b:53:61:a6:9d:a6:d3:0c:e9:e8:d6:4e:71:c5:51:e0:05:
7d:21:d9:bc:70:f1:23:8f:39:3d:fc:5d:5d:1f:84:5c:95:06:
43:be:aa:f1:66:80:cf:dd:e1:80:7d:14:ba:ce:e5:55:5c:b7:
18:5e:7d:f9:93:00:96:d1:7c:8a:82:4f:e3:43:2c:ba:e8:c2:
fe:d5:ee:8d:c3:fa:e2:6a:fa:e9:77:7a:73:06:b4:50:fa:f5:
9c:c7:ba:e9:62:bd:ed:09:d3:4d:a4:5d:bb:57:b6:53:b9:31:
72:31:97:5b:4f:c2:0e:bb:12:c8:eb:83:68:f5:f9:78:7f:c0:
6d:c6:1e:44:65:9a:fa:99:46:9a:83:88:80:de:b0:e5:50:15:
5b:f9:31:0a:68:85:dc:ad:d4:d8:3f:41:68:4b:25:54:c5:0a:
94:d7:f0:1e:dd:f3:1b:4c:21:55:91:cf:cf:34:27:69:a5:36:
ab:f0:af:d0:84:f8:61:cf:27:21:db:eb:13:bf:d3:cf:e9:68:
96:9c:c2:cc:93:a4:1e:b4:d4:28:5c:50:57:2a:0d:e3:f3:0c:
05:52:e2:c1:2f:2e:1e:f6:cc:25:70:e0:7d:b5:ee:18:c5:92:
21:84:f9:13:f9:32:3a:d2:e1:d2:4d:aa:c8:48:f8:4d:20:41:
91:30:b0:78
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPkGH7dFPO3qSQXqu2zZMLOk8LYowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTAzMDYxMTQ4NTVaFw0yNjAzMDUxMTUzNTVaMDMxMTAvBgNV
BAMTKEFCOUZGNDI1MTg2NkJBNTlFN0UyODc3RENCRkZEOEMwMTEwQUIxOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDz1srRcPB+cp3rd5z44jc115qN
Ns0yNQ2lY21MWFnN8Rws3reIIUyaod8YHttrYp1dFmYSKkESDQr+6oQEsiIDTNrK
8UzaPCXBnnT0V+6ye3gr7hO7JLUE/+9+6+Ugn5H4H4z+6zgShoG0dTg1tJEPUkwr
t/xyecZto21LCm43e8OcrkzaleqpqwYNDCeUkkATV3yaPUWgnerdCVq+2U63aJ+5
vxlpfy1ZcHFQKC77TWNQ65FP7QEEi+4yS9k5bkFBvfBdsatB9o2sEmv5HR/clNd9
IQqKRf1YJAC/s4e/mkzYxZnUHP/sP8V4+oswMVAHo22Pbf/a6yJDeLZQMtkdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUq5/0JRhmulnn4od9y//YwBEKsZkwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzgzMjJlMzEzMTM4MmUzMzMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDMxMzEzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UnYfMA0GCSqGSIb3DQEBCwUAA4IBAQDKS1Nhpp2m0wzp6NZOccVR4AV9Idm8cPEj
jzk9/F1dH4RclQZDvqrxZoDP3eGAfRS6zuVVXLcYXn35kwCW0XyKgk/jQyy66ML+
1e6Nw/riavrpd3pzBrRQ+vWcx7rpYr3tCdNNpF27V7ZTuTFyMZdbT8IOuxLI64No
9fl4f8Btxh5EZZr6mUaag4iA3rDlUBVb+TEKaIXcrdTYP0FoSyVUxQqU1/Ae3fMb
TCFVkc/PNCdppTar8K/QhPhhzych2+sTv9PP6WiWnMLMk6QetNQoXFBXKg3j8wwF
UuLBLy4e9swlcOB9te4YxZIhhPkT+TI60uHSTarISPhNIEGRMLB4
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:15:37 2025 by rpki-client