Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e33312e302f32342d3234203d3e203134363138.roa
File: 38322e3131382e33312e302f32342d3234203d3e203134363138.roa (raw, json)
Hash identifier: kFhiNJlJof79iFCY+qFA675VZY6iId3gYsUEWyvvVtQ=
Subject key identifier: D6:20:F5:F8:CA:9C:CF:F7:C4:0E:D3:DF:7D:5E:98:02:25:F5:E2:89
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 1EE77E1B958FA59FA3EF0DD2A36CCBCE8B1A8A65
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e33312e302f32342d3234203d3e203134363138.roa
Signing time: Thu 04 Apr 2024 11:05:14 +0000
ROA not before: Thu 04 Apr 2024 11:00:14 +0000
ROA not after: Thu 03 Apr 2025 11:05:14 +0000
asID: 14618
IP address blocks: 82.118.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:e7:7e:1b:95:8f:a5:9f:a3:ef:0d:d2:a3:6c:cb:ce:8b:1a:8a:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Apr 4 11:00:14 2024 GMT
Not After : Apr 3 11:05:14 2025 GMT
Subject: CN=D620F5F8CA9CCFF7C40ED3DF7D5E980225F5E289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:da:be:a1:42:62:eb:f4:31:af:db:33:0c:e7:
0a:c4:c5:83:36:81:ad:7b:d2:ed:39:93:cd:07:75:
7e:12:7b:b7:00:bf:10:04:bb:44:a4:3b:37:32:6d:
4e:32:72:b3:de:12:65:0c:a1:ef:35:16:17:77:13:
0c:79:03:a3:5c:13:a2:f3:af:31:b0:1b:19:58:8f:
76:a1:d2:3f:00:ce:21:14:93:73:72:b5:95:16:4d:
07:d3:b8:b5:36:5a:b0:fc:63:d6:bb:30:b4:ee:d3:
91:07:96:3e:d3:9c:e2:39:bf:1a:18:31:11:59:88:
e2:42:1e:36:95:d0:25:9e:e9:2b:11:ac:37:3f:c9:
d2:92:73:e7:5b:98:57:46:04:df:6f:1a:0f:ac:57:
b4:49:fe:ca:61:65:93:ea:e8:75:b4:a0:72:48:60:
8a:97:01:17:af:74:16:a3:f5:89:ee:4d:5d:77:f2:
c9:3e:88:94:4d:ac:90:17:e3:74:8a:df:b8:66:5a:
29:18:ca:8d:3d:26:12:9f:be:24:ed:74:81:bf:8a:
a7:bc:72:03:e5:b5:3b:bf:b0:d4:f4:00:5e:7b:76:
39:e6:0f:b0:19:3a:04:c3:bb:00:04:68:88:97:7d:
8e:b3:7a:d2:10:82:e4:93:0e:2b:e0:b5:73:5c:5c:
9c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:20:F5:F8:CA:9C:CF:F7:C4:0E:D3:DF:7D:5E:98:02:25:F5:E2:89
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e33312e302f32342d3234203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.31.0/24
Signature Algorithm: sha256WithRSAEncryption
32:5b:cd:13:b2:9d:c3:a0:e0:e3:ed:f6:95:84:41:54:13:97:
b9:6e:1f:a1:8b:2b:cf:21:da:f4:40:d0:74:19:e1:64:75:48:
63:f2:8e:8f:d6:7e:8f:e2:18:d3:ec:59:7c:0f:10:21:d6:0a:
ee:3e:0c:97:c7:55:36:f1:65:63:8c:2b:f9:1e:9f:ee:4e:00:
ed:16:f4:dc:87:d1:cb:2d:c2:84:a8:41:21:f8:e8:7d:d7:47:
5f:26:1f:e5:cd:4c:05:2b:1b:d4:d2:f4:ae:a4:dc:80:54:64:
60:a9:16:3f:da:a5:69:ca:82:1f:bc:95:21:2a:af:a4:06:61:
f6:89:77:7a:2d:14:92:08:2b:e7:23:bb:ee:04:dd:45:a6:fc:
6e:5b:86:78:2b:60:bf:f8:9e:6c:42:dc:f8:06:7d:bb:69:a7:
1f:a9:54:64:f6:c0:78:c8:f0:2b:fb:cd:88:e2:47:0a:d3:3e:
d9:bd:02:20:a9:9d:b0:df:6e:c9:c1:7e:76:42:50:32:4b:c1:
51:43:ab:e2:d2:9a:d0:99:b7:a1:cd:34:29:b9:ff:45:67:e3:
99:2c:c1:e9:e9:8c:34:92:ee:09:06:84:2d:11:3d:2c:82:36:
e5:0b:b0:d4:d6:75:fd:f0:d7:08:6e:ee:b4:ff:13:1f:da:01:
61:0b:49:79
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUHud+G5WPpZ+j7w3So2zLzosaimUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDA0MDQxMTAwMTRaFw0yNTA0MDMxMTA1MTRaMDMxMTAvBgNV
BAMTKEQ2MjBGNUY4Q0E5Q0NGRjdDNDBFRDNERjdENUU5ODAyMjVGNUUyODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj2r6hQmLr9DGv2zMM5wrExYM2
ga170u05k80HdX4Se7cAvxAEu0SkOzcybU4ycrPeEmUMoe81Fhd3Ewx5A6NcE6Lz
rzGwGxlYj3ah0j8AziEUk3NytZUWTQfTuLU2WrD8Y9a7MLTu05EHlj7TnOI5vxoY
MRFZiOJCHjaV0CWe6SsRrDc/ydKSc+dbmFdGBN9vGg+sV7RJ/sphZZPq6HW0oHJI
YIqXARevdBaj9YnuTV138sk+iJRNrJAX43SK37hmWikYyo09JhKfviTtdIG/iqe8
cgPltTu/sNT0AF57djnmD7AZOgTDuwAEaIiXfY6zetIQguSTDivgtXNcXJwtAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU1iD1+Mqcz/fEDtPffV6YAiX14okwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzgzMjJlMzEzMTM4MmUzMzMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDM2MzEzOC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFJ2
HzANBgkqhkiG9w0BAQsFAAOCAQEAMlvNE7Kdw6Dg4+32lYRBVBOXuW4foYsrzyHa
9EDQdBnhZHVIY/KOj9Z+j+IY0+xZfA8QIdYK7j4Ml8dVNvFlY4wr+R6f7k4A7Rb0
3IfRyy3ChKhBIfjofddHXyYf5c1MBSsb1NL0rqTcgFRkYKkWP9qlacqCH7yVISqv
pAZh9ol3ei0Ukggr5yO77gTdRab8bluGeCtgv/iebELc+AZ9u2mnH6lUZPbAeMjw
K/vNiOJHCtM+2b0CIKmdsN9uycF+dkJQMkvBUUOr4tKa0Jm3oc00Kbn/RWfjmSzB
6emMNJLuCQaELRE9LII25Quw1NZ1/fDXCG7utP8TH9oBYQtJeQ==
-----END CERTIFICATE-----
Generated at Thu May 2 03:21:46 2024 by rpki-client on console-fra.rpki-client.org