Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/39322e3131342e342e302f32342d3234203d3e2036343533.roa
File: 39322e3131342e342e302f32342d3234203d3e2036343533.roa (raw, json)
Hash identifier: /6ZM4bpwKUeSgbnYynZscm1hi5VCQdd3UqvZEAv9aqs=
Subject key identifier: D4:07:E0:BE:6F:12:70:90:27:26:50:40:85:66:98:FD:40:BE:B2:1F
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 6428F03D7E3DEDED73F2955C78E9DF5BF710EA80
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/39322e3131342e342e302f32342d3234203d3e2036343533.roa
Signing time: Tue 08 Oct 2024 17:03:08 +0000
ROA not before: Tue 08 Oct 2024 16:58:08 +0000
ROA not after: Tue 07 Oct 2025 17:03:08 +0000
asID: 6453
IP address blocks: 92.114.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:28:f0:3d:7e:3d:ed:ed:73:f2:95:5c:78:e9:df:5b:f7:10:ea:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Oct 8 16:58:08 2024 GMT
Not After : Oct 7 17:03:08 2025 GMT
Subject: CN=D407E0BE6F12709027265040856698FD40BEB21F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:81:9b:c5:7b:a5:2d:12:a7:22:a0:80:84:6d:
d3:ed:78:50:49:9e:2e:ad:a5:af:86:2d:cd:2f:73:
82:f5:0f:db:b4:b2:0b:5e:74:d1:d7:64:cf:1e:1f:
d8:c0:94:de:75:84:dd:6f:39:7b:77:d1:a3:aa:3d:
a9:8d:99:e4:01:da:5b:f4:b5:32:c3:fe:5c:15:14:
e2:8b:db:75:db:a2:14:a7:a7:67:27:71:c7:c8:ba:
fd:12:f2:10:94:1c:56:5c:57:2d:0d:cb:48:ba:5d:
d1:c2:7c:77:f5:69:0e:d8:14:e7:a3:b0:40:93:4a:
64:7b:9f:58:38:fb:b2:83:e9:12:63:d0:1e:a3:d5:
65:f8:c7:00:40:a9:28:b9:e3:d3:e7:51:a0:c8:4f:
28:8e:87:64:7c:c0:e4:c7:98:8a:2c:44:44:d5:c6:
42:12:c5:ca:17:d4:9c:54:ef:6c:a3:8f:39:97:6c:
97:eb:12:cc:b5:1c:ae:cd:89:7a:bb:4c:00:43:af:
4c:74:9e:c1:e9:f8:f2:cf:a0:d0:00:cd:0d:ec:26:
de:7a:96:7f:c3:cc:9e:86:4c:bc:3e:f6:1c:5c:b2:
7e:73:92:16:84:fe:56:ce:df:f0:fe:e0:1b:89:b6:
b5:ec:4e:68:27:36:e6:18:41:06:41:1a:fd:08:e3:
2f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:07:E0:BE:6F:12:70:90:27:26:50:40:85:66:98:FD:40:BE:B2:1F
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/39322e3131342e342e302f32342d3234203d3e2036343533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.114.4.0/24
Signature Algorithm: sha256WithRSAEncryption
97:71:2c:13:96:b3:23:bd:db:ec:92:9d:96:66:fe:e9:32:da:
6d:23:c8:eb:ab:f4:d8:d8:64:05:11:37:15:96:ec:97:96:94:
08:60:fe:42:1d:36:fc:b1:5c:98:a5:a8:3c:16:b9:7f:2e:f4:
80:46:53:9d:a2:bb:93:b9:6d:87:1f:e5:f5:70:62:d4:60:98:
b0:78:7e:1b:2d:ca:84:fa:88:20:4b:b7:c7:12:16:c7:4b:b4:
ab:51:dd:a2:58:69:21:b7:77:b4:e6:b4:7b:7d:e8:59:f2:0b:
4d:fa:65:ae:e1:81:b8:e9:f5:93:a7:ee:a7:12:03:dc:5d:35:
57:da:76:80:be:52:38:ba:d4:8d:5c:a8:b0:05:b9:29:25:b0:
9c:fd:35:05:12:e5:bc:fb:8b:87:8c:1a:fe:eb:88:37:07:55:
24:1f:d1:e8:6f:b7:b3:6a:c8:b6:03:17:36:5a:fc:ff:ca:14:
b3:9d:3e:d7:08:3a:0d:a7:86:36:6d:39:c0:31:97:29:ee:51:
fa:6e:24:40:5d:3a:13:44:1b:c5:51:95:31:de:b8:55:8e:23:
de:0e:49:79:48:43:65:3e:9f:7e:96:b3:31:36:ad:09:6f:39:
e4:0b:65:86:a7:6c:5f:ef:13:14:92:f8:eb:21:4a:da:4f:8c:
f2:2b:f4:42
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUZCjwPX497e1z8pVceOnfW/cQ6oAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDEwMDgxNjU4MDhaFw0yNTEwMDcxNzAzMDhaMDMxMTAvBgNV
BAMTKEQ0MDdFMEJFNkYxMjcwOTAyNzI2NTA0MDg1NjY5OEZENDBCRUIyMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9gZvFe6UtEqcioICEbdPteFBJ
ni6tpa+GLc0vc4L1D9u0sgtedNHXZM8eH9jAlN51hN1vOXt30aOqPamNmeQB2lv0
tTLD/lwVFOKL23XbohSnp2cnccfIuv0S8hCUHFZcVy0Ny0i6XdHCfHf1aQ7YFOej
sECTSmR7n1g4+7KD6RJj0B6j1WX4xwBAqSi549PnUaDITyiOh2R8wOTHmIosRETV
xkISxcoX1JxU72yjjzmXbJfrEsy1HK7NiXq7TABDr0x0nsHp+PLPoNAAzQ3sJt56
ln/DzJ6GTLw+9hxcsn5zkhaE/lbO3/D+4BuJtrXsTmgnNuYYQQZBGv0I4y/NAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU1Afgvm8ScJAnJlBAhWaY/UC+sh8wHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzkzMjJlMzEzMTM0MmUzNDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzQzNTMzLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHIEMA0G
CSqGSIb3DQEBCwUAA4IBAQCXcSwTlrMjvdvskp2WZv7pMtptI8jrq/TY2GQFETcV
luyXlpQIYP5CHTb8sVyYpag8Frl/LvSARlOdoruTuW2HH+X1cGLUYJiweH4bLcqE
+oggS7fHEhbHS7SrUd2iWGkht3e05rR7fehZ8gtN+mWu4YG46fWTp+6nEgPcXTVX
2naAvlI4utSNXKiwBbkpJbCc/TUFEuW8+4uHjBr+64g3B1UkH9Hob7ezasi2Axc2
Wvz/yhSznT7XCDoNp4Y2bTnAMZcp7lH6biRAXToTRBvFUZUx3rhVjiPeDkl5SENl
Pp9+lrMxNq0JbznkC2WGp2xf7xMUkvjrIUraT4zyK/RC
-----END CERTIFICATE-----
Generated at Mon Nov 25 09:40:56 2024 by rpki-client on console-ams.rpki-client.org