Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663130303a3a2f34302d3438203d3e20323134313838.roa
File: 326131343a316563373a663130303a3a2f34302d3438203d3e20323134313838.roa (raw, json)
Hash identifier: gXY2AMFw8/+rSlIvUcyO+0lq7UArJ6lUsKRFR48Pbdc=
Subject key identifier: C9:60:A1:B4:9C:84:09:87:71:1E:95:1A:D0:27:88:EE:DC:DC:79:D8
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 11892B261886277F417C452E6C589C153D9F0F5A
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663130303a3a2f34302d3438203d3e20323134313838.roa
Signing time: Mon 16 Sep 2024 11:03:04 +0000
ROA not before: Mon 16 Sep 2024 10:58:04 +0000
ROA not after: Mon 15 Sep 2025 11:03:04 +0000
asID: 214188
IP address blocks: 2a14:1ec7:f100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 20:57:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:89:2b:26:18:86:27:7f:41:7c:45:2e:6c:58:9c:15:3d:9f:0f:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Sep 16 10:58:04 2024 GMT
Not After : Sep 15 11:03:04 2025 GMT
Subject: CN=C960A1B49C840987711E951AD02788EEDCDC79D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6c:9a:db:7f:14:ed:ca:7b:ba:75:8e:36:a2:
54:62:49:87:c5:5d:6b:df:74:9a:3c:54:be:8f:f0:
22:cc:2e:5a:02:e7:f4:d1:aa:06:2d:aa:68:d6:53:
14:6f:10:d7:2d:34:a2:24:04:5d:1f:c2:9f:1f:34:
2e:ca:00:7e:b1:6d:22:2a:1b:cf:96:88:a3:b2:84:
31:9b:13:8b:07:f5:4b:fd:ab:90:01:5f:10:55:2a:
e9:7e:79:e1:f2:62:3c:2b:1c:31:0f:44:3c:ef:a5:
e6:c2:c6:5b:b2:31:62:a3:38:24:71:e3:b5:52:d0:
cd:2e:9f:e3:17:de:2b:f9:8b:88:65:03:a1:d3:f2:
66:47:a1:77:c2:73:ac:12:2d:b6:7b:4f:76:0d:f5:
5e:5f:9e:48:ed:26:cd:1f:02:5d:3a:4c:f0:af:7c:
17:2e:5a:90:a8:68:bd:a4:5f:8a:91:5c:ff:20:9a:
6b:7e:af:46:6e:8f:97:7c:04:7a:58:ca:84:18:fc:
a4:cb:33:21:e1:85:4f:6b:31:8e:9d:53:12:dd:13:
07:7c:90:0f:8c:60:0e:cb:e1:8e:fe:88:9e:5f:d1:
dc:4a:71:e4:ec:66:cf:cd:3f:92:a1:40:20:b7:e2:
78:ff:bc:23:0c:25:59:6f:8a:d7:fe:c0:fb:b4:ad:
65:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:60:A1:B4:9C:84:09:87:71:1E:95:1A:D0:27:88:EE:DC:DC:79:D8
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663130303a3a2f34302d3438203d3e20323134313838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:f100::/40
Signature Algorithm: sha256WithRSAEncryption
14:0e:10:57:7d:5c:67:63:57:a1:ac:9d:3c:ea:1a:e0:60:c2:
a4:ac:aa:88:59:9a:64:ec:9e:8f:6d:a6:61:b4:20:b1:bc:51:
f5:00:f0:1b:be:ee:7c:9e:35:e7:c8:15:fa:ad:b1:0a:f0:91:
cf:9f:76:30:45:98:75:b2:c4:87:eb:e1:d7:d9:c5:6c:8d:7e:
9f:0e:a3:9c:11:25:03:ae:89:b5:fa:32:a0:b9:a3:40:b0:87:
22:62:68:c0:a5:a6:14:fd:be:bd:65:c2:76:9e:91:f1:eb:51:
77:ae:56:82:c7:c5:91:41:b2:a6:2e:13:c3:5b:00:0c:8e:e4:
5f:35:b3:05:50:d1:2d:17:91:a7:f5:9b:aa:a2:8a:f1:c0:93:
cd:f6:60:a4:cd:a9:2f:4c:ae:35:03:cd:8a:2c:26:b6:4d:b4:
1d:4b:92:af:7d:ea:ee:9c:62:4b:4e:78:1c:92:be:ca:e4:34:
40:eb:19:0a:87:3e:3a:0a:60:fd:17:56:bc:1e:a7:a6:01:c3:
a7:27:d5:ae:2d:81:d1:36:ad:81:37:3b:4b:91:5b:99:b0:45:
85:bb:47:82:b1:87:c2:ca:40:1a:4a:5c:c7:c0:9d:eb:21:c4:
97:b0:6e:26:08:db:61:c3:31:87:5c:96:e2:4b:38:41:d2:49:
bc:7c:d2:80
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUEYkrJhiGJ39BfEUubFicFT2fD1owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNDA5MTYxMDU4MDRaFw0yNTA5MTUxMTAzMDRaMDMxMTAvBgNV
BAMTKEM5NjBBMUI0OUM4NDA5ODc3MTFFOTUxQUQwMjc4OEVFRENEQzc5RDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYbJrbfxTtynu6dY42olRiSYfF
XWvfdJo8VL6P8CLMLloC5/TRqgYtqmjWUxRvENctNKIkBF0fwp8fNC7KAH6xbSIq
G8+WiKOyhDGbE4sH9Uv9q5ABXxBVKul+eeHyYjwrHDEPRDzvpebCxluyMWKjOCRx
47VS0M0un+MX3iv5i4hlA6HT8mZHoXfCc6wSLbZ7T3YN9V5fnkjtJs0fAl06TPCv
fBcuWpCoaL2kX4qRXP8gmmt+r0Zuj5d8BHpYyoQY/KTLMyHhhU9rMY6dUxLdEwd8
kA+MYA7L4Y7+iJ5f0dxKceTsZs/NP5KhQCC34nj/vCMMJVlvitf+wPu0rWXDAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUyWChtJyECYdxHpUa0CeI7tzcedgwHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2E2NjMxMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNDMxMzgzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUHsfxMA0GCSqGSIb3DQEBCwUAA4IBAQAUDhBXfVxnY1ehrJ08
6hrgYMKkrKqIWZpk7J6PbaZhtCCxvFH1APAbvu58njXnyBX6rbEK8JHPn3YwRZh1
ssSH6+HX2cVsjX6fDqOcESUDrom1+jKguaNAsIciYmjApaYU/b69ZcJ2npHx61F3
rlaCx8WRQbKmLhPDWwAMjuRfNbMFUNEtF5Gn9ZuqoorxwJPN9mCkzakvTK41A82K
LCa2TbQdS5KvferunGJLTngckr7K5DRA6xkKhz46CmD9F1a8HqemAcOnJ9WuLYHR
Nq2BNztLkVuZsEWFu0eCsYfCykAaSlzHwJ3rIcSXsG4mCNthwzGHXJbiSzhB0km8
fNKA
-----END CERTIFICATE-----
Generated at Fri Mar 14 06:17:49 2025 by rpki-client