Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/39322e3131342e342e302f32342d3234203d3e20313734.roa
File: 39322e3131342e342e302f32342d3234203d3e20313734.roa (raw, json)
Hash identifier: uPREMuajWuOQnSvlbfawX4sZecgpYinL91SO2kiosCs=
Subject key identifier: BE:11:F9:35:FA:B7:D8:41:91:EE:31:A9:DC:3C:1B:E5:32:8C:73:97
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 31E7A7F889CA43C5B3D63AB94F584A967D3BBED6
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/39322e3131342e342e302f32342d3234203d3e20313734.roa
Signing time: Thu 04 Jan 2024 12:56:01 +0000
ROA not before: Thu 04 Jan 2024 12:51:01 +0000
ROA not after: Thu 02 Jan 2025 12:56:01 +0000
asID: 174
IP address blocks: 92.114.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 04:37:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:e7:a7:f8:89:ca:43:c5:b3:d6:3a:b9:4f:58:4a:96:7d:3b:be:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Jan 4 12:51:01 2024 GMT
Not After : Jan 2 12:56:01 2025 GMT
Subject: CN=BE11F935FAB7D84191EE31A9DC3C1BE5328C7397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:5a:a0:a9:e2:a8:77:21:bc:1c:52:1d:de:ef:
a5:3e:6e:d4:d9:e2:4e:eb:d4:16:bf:7b:c7:14:73:
de:08:5c:83:e7:01:4b:66:57:be:e9:df:0c:d7:b3:
a6:4c:b3:80:a7:79:81:ff:e9:2d:8a:2b:fb:1b:00:
b1:dc:fc:f3:da:43:fa:e6:4d:f2:8d:9e:fd:0a:4c:
69:80:00:8d:b1:b7:ac:9b:01:c7:a1:b4:0d:94:10:
8a:28:64:04:13:d9:f9:23:22:fa:96:fb:30:73:5e:
11:49:47:b9:7d:45:2b:6b:00:c9:de:78:53:7e:eb:
22:72:28:de:f8:97:a9:f6:ce:d5:a8:f1:e9:fa:b0:
9c:6d:12:09:61:2e:cf:62:92:e1:44:a7:5f:55:6c:
30:32:14:2d:89:06:9c:f7:e7:fd:8b:dc:17:e5:8e:
bb:a7:b5:95:3b:80:e7:f2:f8:88:cd:a9:f0:dc:0f:
62:07:da:5c:c6:38:25:a1:b8:fc:5e:56:2a:b5:a0:
22:2f:c5:a9:21:3f:92:3e:68:72:15:a3:38:1b:0d:
35:cf:3c:c8:ae:ca:c0:26:9e:de:54:ba:87:dc:37:
8e:8d:34:0e:de:a9:c6:84:f0:77:9d:a4:70:47:b4:
c0:00:24:6b:42:fc:13:b2:4f:86:a3:be:60:71:b2:
4c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:11:F9:35:FA:B7:D8:41:91:EE:31:A9:DC:3C:1B:E5:32:8C:73:97
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/39322e3131342e342e302f32342d3234203d3e20313734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.114.4.0/24
Signature Algorithm: sha256WithRSAEncryption
23:90:34:a3:a6:9c:63:f2:5d:84:9a:ea:68:74:3e:67:bd:0f:
ec:d6:33:b5:63:fa:4e:54:8f:83:08:a0:29:66:7a:42:90:1e:
ca:c9:bf:96:1b:ac:b8:94:f2:dd:50:a2:68:76:d8:4d:a1:5b:
77:3e:37:06:ca:93:6c:f0:7d:0c:73:e2:e7:a2:a5:ba:d3:6a:
cd:d7:be:00:ef:07:1e:37:50:1a:4d:35:a1:71:5c:e2:48:b1:
88:71:f5:65:30:06:e5:46:7a:08:77:dc:4f:a3:13:97:80:c1:
86:86:1c:ec:87:e8:e2:2c:da:58:c6:a7:84:d9:3a:c3:cd:3f:
53:03:d3:a6:dd:84:97:ce:1e:43:5d:10:56:e6:d2:8b:24:d9:
23:44:46:4c:f0:45:a4:32:df:c2:b8:62:ce:2e:bc:fc:25:5c:
cc:ab:25:3d:c2:26:c6:c4:4a:b0:40:13:b2:d2:a8:3a:f4:e2:
8e:c5:1b:55:d3:a5:43:1c:be:a0:92:8f:86:08:fe:84:2d:0f:
34:f4:56:8f:95:a9:bb:a9:ca:b5:29:98:10:a2:3e:58:35:a8:
76:72:d4:be:59:b8:cc:1b:6b:1c:3e:55:fe:ef:94:e8:a8:46:
21:11:de:9a:aa:97:40:3a:59:03:61:1e:69:a6:57:b5:b7:b1:
a0:f1:c0:75
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUMeen+InKQ8Wz1jq5T1hKln07vtYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDAxMDQxMjUxMDFaFw0yNTAxMDIxMjU2MDFaMDMxMTAvBgNV
BAMTKEJFMTFGOTM1RkFCN0Q4NDE5MUVFMzFBOURDM0MxQkU1MzI4QzczOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIWqCp4qh3IbwcUh3e76U+btTZ
4k7r1Ba/e8cUc94IXIPnAUtmV77p3wzXs6ZMs4CneYH/6S2KK/sbALHc/PPaQ/rm
TfKNnv0KTGmAAI2xt6ybAcehtA2UEIooZAQT2fkjIvqW+zBzXhFJR7l9RStrAMne
eFN+6yJyKN74l6n2ztWo8en6sJxtEglhLs9ikuFEp19VbDAyFC2JBpz35/2L3Bfl
jruntZU7gOfy+IjNqfDcD2IH2lzGOCWhuPxeViq1oCIvxakhP5I+aHIVozgbDTXP
PMiuysAmnt5UuofcN46NNA7eqcaE8HedpHBHtMAAJGtC/BOyT4ajvmBxskx1AgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUvhH5Nfq32EGR7jGp3Dwb5TKMc5cwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzkzMjJlMzEzMTM0MmUzNDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzczNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFxyBDANBgkq
hkiG9w0BAQsFAAOCAQEAI5A0o6acY/JdhJrqaHQ+Z70P7NYztWP6TlSPgwigKWZ6
QpAeysm/lhusuJTy3VCiaHbYTaFbdz43BsqTbPB9DHPi56KlutNqzde+AO8HHjdQ
Gk01oXFc4kixiHH1ZTAG5UZ6CHfcT6MTl4DBhoYc7Ifo4izaWManhNk6w80/UwPT
pt2El84eQ10QVubSiyTZI0RGTPBFpDLfwrhizi68/CVczKslPcImxsRKsEATstKo
OvTijsUbVdOlQxy+oJKPhgj+hC0PNPRWj5Wpu6nKtSmYEKI+WDWodnLUvlm4zBtr
HD5V/u+U6KhGIRHemqqXQDpZA2EeaaZXtbexoPHAdQ==
-----END CERTIFICATE-----
Generated at Sat Apr 27 14:13:53 2024 by rpki-client on console-ams.rpki-client.org