Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/39322e3131342e342e302f32342d3234203d3e2033323537.roa
File: 39322e3131342e342e302f32342d3234203d3e2033323537.roa (raw, json)
Hash identifier: UgZxEXwT8pSE1VZlsjmylIMKCxlYqfPsjvkOXVK6PgE=
Subject key identifier: FB:98:4F:EB:0E:AB:6D:CB:0A:A3:FB:11:BA:A9:90:1C:9D:3F:46:1D
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 67BEFEBDE3566F207B43A0310946E1897B176EE0
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/39322e3131342e342e302f32342d3234203d3e2033323537.roa
Signing time: Tue 08 Oct 2024 17:03:08 +0000
ROA not before: Tue 08 Oct 2024 16:58:08 +0000
ROA not after: Tue 07 Oct 2025 17:03:08 +0000
asID: 3257
IP address blocks: 92.114.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:be:fe:bd:e3:56:6f:20:7b:43:a0:31:09:46:e1:89:7b:17:6e:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Oct 8 16:58:08 2024 GMT
Not After : Oct 7 17:03:08 2025 GMT
Subject: CN=FB984FEB0EAB6DCB0AA3FB11BAA9901C9D3F461D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:4a:54:22:5c:2e:e2:03:66:76:1e:a0:74:b2:
70:d7:9a:d2:83:2b:0b:5c:41:da:b4:8c:4a:25:7b:
5f:c8:ea:38:cf:0c:32:3c:17:b1:28:40:fd:de:38:
64:4d:20:2a:c3:a9:3c:08:3f:8f:66:19:3b:bd:7a:
18:b2:18:9f:04:ab:df:5e:7a:3d:c7:25:fd:c3:68:
b2:a6:85:00:ad:b3:4c:2f:af:e8:b9:e7:f7:5e:65:
8b:d6:cc:1c:ea:f9:a5:24:2d:b0:4f:e9:fd:0a:f2:
bc:bc:0f:cb:55:96:8c:4f:05:f4:fe:da:35:dd:fa:
8f:a7:59:23:d1:d2:63:6b:a9:ca:d8:ba:84:18:9c:
a0:95:60:42:9a:6c:85:e0:c6:6d:7a:08:7f:e9:33:
8c:fa:df:4f:f2:ba:99:78:ac:d4:d4:72:10:cd:4e:
f7:d6:ce:6d:53:68:9b:28:47:e3:f6:ef:0a:23:61:
60:96:04:cd:16:2e:e6:1d:8c:7c:4a:89:d7:fb:d8:
b6:77:6e:20:27:3c:bb:5e:b2:7e:e5:d5:1c:15:4c:
f6:7f:bf:ae:18:e4:6c:b6:9c:c9:64:98:21:a5:a0:
ce:fd:8b:5a:3d:0d:96:78:83:7a:75:39:db:ff:54:
64:a5:a9:b8:df:9d:12:a0:ac:b5:6b:6c:4e:84:c8:
6b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:98:4F:EB:0E:AB:6D:CB:0A:A3:FB:11:BA:A9:90:1C:9D:3F:46:1D
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/39322e3131342e342e302f32342d3234203d3e2033323537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.114.4.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:08:33:dc:f4:e2:6b:b5:96:fe:fd:a9:61:5a:4c:ee:38:16:
e1:4d:33:f5:57:23:91:80:a9:45:cb:58:e0:ff:86:b6:9b:36:
b6:33:95:ca:3b:34:f1:1e:da:cd:5d:fe:0c:a8:3a:28:f3:ff:
b7:ec:46:8d:21:88:51:a0:40:f3:5b:69:8d:c7:d4:42:ba:e4:
35:9c:e3:cb:44:e7:c4:8e:80:1b:49:28:0e:e7:0e:7e:a6:e6:
1f:48:8c:e6:f4:c6:60:94:86:34:74:d7:a7:c0:79:75:85:c9:
4f:d4:3b:91:cb:c3:c3:19:c6:2e:ce:a2:64:4f:50:75:63:f7:
de:b9:b6:72:f4:ea:3d:98:a9:e7:b2:51:30:c6:de:53:fa:c3:
a2:d6:24:1b:53:20:99:54:bc:a8:36:0c:cd:5b:0a:a8:d0:da:
86:03:a4:23:b1:81:c7:f7:22:4b:b5:a0:43:17:81:c1:54:28:
2e:f6:08:bd:41:68:36:8a:d6:e4:b5:d9:7d:36:cc:65:39:34:
27:e5:11:e2:a1:bd:85:f4:a5:9e:0e:04:1e:40:6e:8c:a6:2f:
81:05:fa:b8:97:b7:0b:ac:c3:0e:8e:22:3b:54:bf:4d:b7:53:
37:b8:82:24:ce:a4:d8:09:d7:86:8c:dc:cf:e2:f4:17:46:76:
c0:f5:19:23
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUZ77+veNWbyB7Q6AxCUbhiXsXbuAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDEwMDgxNjU4MDhaFw0yNTEwMDcxNzAzMDhaMDMxMTAvBgNV
BAMTKEZCOTg0RkVCMEVBQjZEQ0IwQUEzRkIxMUJBQTk5MDFDOUQzRjQ2MUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhSlQiXC7iA2Z2HqB0snDXmtKD
KwtcQdq0jEole1/I6jjPDDI8F7EoQP3eOGRNICrDqTwIP49mGTu9ehiyGJ8Eq99e
ej3HJf3DaLKmhQCts0wvr+i55/deZYvWzBzq+aUkLbBP6f0K8ry8D8tVloxPBfT+
2jXd+o+nWSPR0mNrqcrYuoQYnKCVYEKabIXgxm16CH/pM4z630/yupl4rNTUchDN
TvfWzm1TaJsoR+P27wojYWCWBM0WLuYdjHxKidf72LZ3biAnPLtesn7l1RwVTPZ/
v64Y5Gy2nMlkmCGloM79i1o9DZZ4g3p1Odv/VGSlqbjfnRKgrLVrbE6EyGs1AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU+5hP6w6rbcsKo/sRuqmQHJ0/Rh0wHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzkzMjJlMzEzMTM0MmUzNDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzIzNTM3LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHIEMA0G
CSqGSIb3DQEBCwUAA4IBAQAaCDPc9OJrtZb+/alhWkzuOBbhTTP1VyORgKlFy1jg
/4a2mza2M5XKOzTxHtrNXf4MqDoo8/+37EaNIYhRoEDzW2mNx9RCuuQ1nOPLROfE
joAbSSgO5w5+puYfSIzm9MZglIY0dNenwHl1hclP1DuRy8PDGcYuzqJkT1B1Y/fe
ubZy9Oo9mKnnslEwxt5T+sOi1iQbUyCZVLyoNgzNWwqo0NqGA6QjsYHH9yJLtaBD
F4HBVCgu9gi9QWg2itbktdl9NsxlOTQn5RHiob2F9KWeDgQeQG6Mpi+BBfq4l7cL
rMMOjiI7VL9Nt1M3uIIkzqTYCdeGjNzP4vQXRnbA9Rkj
-----END CERTIFICATE-----
Generated at Thu Nov 21 17:13:50 2024 by rpki-client on console-ams.rpki-client.org