Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/3/323030313a3637633a326265383a3a2f34382d3438203d3e20323035333239.roa
File: 323030313a3637633a326265383a3a2f34382d3438203d3e20323035333239.roa (raw, json)
Hash identifier: Q3gUCQl36IAcgASgZpRNl+uoC3qIgC4n0ifLHKIktwU=
Subject key identifier: 71:8B:6C:12:E9:ED:39:A4:E9:77:C7:65:17:5A:AA:B9:82:24:4B:83
Certificate issuer: /CN=d642975f535f45fd9f6d8fea626bc6d24bc9d8d8
Certificate serial: 132F1A123294077ECFA8A70511CED13746A30183
Authority key identifier: D6:42:97:5F:53:5F:45:FD:9F:6D:8F:EA:62:6B:C6:D2:4B:C9:D8:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1kKXX1NfRf2fbY_qYmvG0kvJ2Ng.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/3/323030313a3637633a326265383a3a2f34382d3438203d3e20323035333239.roa
Signing time: Fri 13 Oct 2023 19:55:05 +0000
ROA not before: Fri 13 Oct 2023 19:50:05 +0000
ROA not after: Fri 11 Oct 2024 19:55:05 +0000
asID: 205329
IP address blocks: 2001:67c:2be8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/3/D642975F535F45FD9F6D8FEA626BC6D24BC9D8D8.crl
rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/3/D642975F535F45FD9F6D8FEA626BC6D24BC9D8D8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1kKXX1NfRf2fbY_qYmvG0kvJ2Ng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:2f:1a:12:32:94:07:7e:cf:a8:a7:05:11:ce:d1:37:46:a3:01:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d642975f535f45fd9f6d8fea626bc6d24bc9d8d8
Validity
Not Before: Oct 13 19:50:05 2023 GMT
Not After : Oct 11 19:55:05 2024 GMT
Subject: CN=718B6C12E9ED39A4E977C765175AAAB982244B83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:38:45:d0:bd:8d:ef:13:d2:88:8d:36:66:69:
9d:cd:b2:10:d1:81:04:75:4e:18:59:6a:f7:4a:90:
80:76:0b:cd:b6:f4:04:73:48:04:d0:f5:ec:98:e7:
aa:f3:46:2e:c6:96:1a:e7:ba:c6:c2:f7:24:78:1e:
3a:35:6b:14:7a:bc:a4:04:1f:ff:e4:c1:91:0d:0c:
06:01:21:1a:8d:2c:5a:72:4a:97:b4:98:5c:7f:e6:
7a:8d:54:55:42:85:ad:b9:df:a7:8e:eb:bf:0a:8a:
e1:a0:51:0d:5d:8e:53:7f:94:ed:24:7d:06:85:dc:
07:31:89:23:a3:cf:9b:32:3d:52:ea:d7:98:8e:95:
c0:b6:b5:0c:1b:00:85:05:81:53:d6:39:2d:49:bf:
ff:be:b1:56:e6:60:be:12:c7:14:6b:c0:90:ea:2e:
fb:ee:8f:0e:a7:1a:6d:0b:a9:69:5c:dd:99:fe:70:
a8:12:0d:92:da:b2:d9:09:c3:48:6b:33:34:76:e5:
93:de:c6:c1:bc:4e:57:0b:77:2b:e4:30:7e:b4:f3:
c9:e2:8e:10:73:5f:9d:70:6b:84:57:5f:56:b2:20:
38:70:7d:94:e0:b2:c4:41:27:11:25:41:3e:68:34:
c4:fa:a0:a0:24:e4:f6:f7:03:66:8e:55:92:17:ea:
ab:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:8B:6C:12:E9:ED:39:A4:E9:77:C7:65:17:5A:AA:B9:82:24:4B:83
X509v3 Authority Key Identifier:
keyid:D6:42:97:5F:53:5F:45:FD:9F:6D:8F:EA:62:6B:C6:D2:4B:C9:D8:D8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/3/D642975F535F45FD9F6D8FEA626BC6D24BC9D8D8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1kKXX1NfRf2fbY_qYmvG0kvJ2Ng.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/3/323030313a3637633a326265383a3a2f34382d3438203d3e20323035333239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2be8::/48
Signature Algorithm: sha256WithRSAEncryption
dd:2d:bf:ef:68:f9:b2:1d:1b:bf:e6:20:7f:c3:6b:93:d7:6f:
54:aa:1c:90:07:33:2e:2c:4f:4f:1e:96:53:0b:45:9d:a7:d0:
66:d4:9e:f3:87:13:99:0c:26:ea:05:99:48:f2:a6:a7:48:0d:
7a:78:b2:4b:ae:e9:90:0d:86:2a:c6:0e:23:53:90:9a:53:94:
34:a6:36:ef:4f:c3:a2:1d:9e:e4:7c:d7:f7:9e:18:1a:34:a7:
2f:21:b2:da:87:68:68:36:ec:2f:9c:42:d0:97:65:f9:8d:33:
58:14:45:98:1e:03:4b:c0:db:a5:76:9f:f3:38:68:d0:2e:ab:
26:50:0a:a5:97:29:2d:9b:4b:dd:a1:b0:fc:47:b4:cd:fd:a7:
f9:ad:08:d9:b5:e1:4a:f7:e9:7b:4c:f0:4f:58:5d:cd:65:66:
30:a6:59:30:84:42:57:1d:73:56:44:6c:b4:84:76:73:14:45:
65:bf:a8:2d:d5:32:02:15:e0:68:28:a0:f8:e7:2f:81:c4:98:
90:04:78:5a:d8:a2:3d:c6:07:da:14:bf:85:49:c1:88:19:a3:
5b:c9:32:c1:3b:13:1b:96:f2:38:45:c6:3e:9a:c6:64:16:81:
78:4a:8d:9b:f8:54:06:e0:d2:a6:5f:3c:ff:db:5f:fe:20:0f:
af:c0:74:a7
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUEy8aEjKUB37PqKcFEc7RN0ajAYMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDY0Mjk3NWY1MzVmNDVmZDlmNmQ4ZmVhNjI2YmM2ZDI0
YmM5ZDhkODAeFw0yMzEwMTMxOTUwMDVaFw0yNDEwMTExOTU1MDVaMDMxMTAvBgNV
BAMTKDcxOEI2QzEyRTlFRDM5QTRFOTc3Qzc2NTE3NUFBQUI5ODIyNDRCODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYOEXQvY3vE9KIjTZmaZ3NshDR
gQR1ThhZavdKkIB2C8229ARzSATQ9eyY56rzRi7GlhrnusbC9yR4Hjo1axR6vKQE
H//kwZENDAYBIRqNLFpySpe0mFx/5nqNVFVCha2536eO678KiuGgUQ1djlN/lO0k
fQaF3AcxiSOjz5syPVLq15iOlcC2tQwbAIUFgVPWOS1Jv/++sVbmYL4SxxRrwJDq
Lvvujw6nGm0LqWlc3Zn+cKgSDZLastkJw0hrMzR25ZPexsG8TlcLdyvkMH6088ni
jhBzX51wa4RXX1ayIDhwfZTgssRBJxElQT5oNMT6oKAk5Pb3A2aOVZIX6qvlAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUcYtsEuntOaTpd8dlF1qquYIkS4MwHwYDVR0j
BBgwFoAU1kKXX1NfRf2fbY/qYmvG0kvJ2NgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDY5NzE2MGMtYWNjNS00YjUxLWJmNTUtMTBjN2E2ZTY2
OTgwLzMvRDY0Mjk3NUY1MzVGNDVGRDlGNkQ4RkVBNjI2QkM2RDI0QkM5RDhEOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFrS1hYMU5mUmYyZmJZX3FZbXZHMGt2
SjJOZy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDY5NzE2MGMt
YWNjNS00YjUxLWJmNTUtMTBjN2E2ZTY2OTgwLzMvMzIzMDMwMzEzYTM2Mzc2MzNh
MzI2MjY1MzgzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMwMzUzMzMyMzkucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAgAQZ8K+gwDQYJKoZIhvcNAQELBQADggEBAN0tv+9o+bIdG7/mIH/D
a5PXb1SqHJAHMy4sT08ellMLRZ2n0GbUnvOHE5kMJuoFmUjypqdIDXp4skuu6ZAN
hirGDiNTkJpTlDSmNu9Pw6IdnuR81/eeGBo0py8hstqHaGg27C+cQtCXZfmNM1gU
RZgeA0vA26V2n/M4aNAuqyZQCqWXKS2bS92hsPxHtM39p/mtCNm14Ur36XtM8E9Y
Xc1lZjCmWTCEQlcdc1ZEbLSEdnMURWW/qC3VMgIV4GgooPjnL4HEmJAEeFrYoj3G
B9oUv4VJwYgZo1vJMsE7ExuW8jhFxj6axmQWgXhKjZv4VAbg0qZfPP/bX/4gD6/A
dKc=
-----END CERTIFICATE-----
Generated at Wed May 29 04:49:01 2024 by rpki-client on console-fra.rpki-client.org