Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666230303a3a2f34302d3438203d3e20323134373435.roa
File: 326131343a316563373a666230303a3a2f34302d3438203d3e20323134373435.roa (raw, json)
Hash identifier: nezQHcq4MVb+lW9u+9DC3TKuGQsy0c5l+5+DxrvsPzo=
Subject key identifier: 3F:94:9C:DD:EF:BC:BC:DB:A4:47:D2:23:7C:8D:6C:A8:D8:01:F2:96
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 48A3C347F4733C1B9AD5DC6CB3E3FBE6F4A3E23C
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666230303a3a2f34302d3438203d3e20323134373435.roa
Signing time: Sun 22 Sep 2024 21:00:25 +0000
ROA not before: Sun 22 Sep 2024 20:55:25 +0000
ROA not after: Sun 21 Sep 2025 21:00:25 +0000
asID: 214745
IP address blocks: 2a14:1ec7:fb00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 07:03:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:a3:c3:47:f4:73:3c:1b:9a:d5:dc:6c:b3:e3:fb:e6:f4:a3:e2:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Sep 22 20:55:25 2024 GMT
Not After : Sep 21 21:00:25 2025 GMT
Subject: CN=3F949CDDEFBCBCDBA447D2237C8D6CA8D801F296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:82:4f:45:a8:6a:cd:79:da:49:9f:78:5b:c7:
82:4c:23:0d:a2:57:8c:bc:e7:7e:09:16:df:60:ca:
57:42:00:8b:b5:71:28:a5:e9:53:97:08:c4:ec:c6:
98:15:0b:74:0e:87:28:86:8a:ed:dc:cf:c1:38:4d:
b5:cf:00:a3:62:45:60:9e:d9:0e:43:04:50:98:7e:
74:58:24:2f:d9:c2:41:2c:be:fd:9c:36:1f:f7:ab:
76:f2:84:66:47:e7:91:b7:9a:bf:2b:43:b0:63:0f:
a3:a6:39:ab:6b:cc:7c:44:e0:56:de:72:16:c7:cc:
44:3e:f8:4d:3d:fd:e6:31:2a:28:99:f7:fd:ea:8f:
b1:96:19:30:60:ce:cb:17:1b:49:fc:a7:eb:22:da:
75:96:06:8b:5c:ce:b4:18:ea:87:e7:14:9d:4e:74:
ad:2e:61:8f:05:af:91:29:2e:5b:76:79:1f:21:36:
98:d6:62:98:31:7f:54:1b:0c:4c:f3:aa:b5:37:de:
23:50:b1:66:4d:e7:a0:2d:66:7e:aa:46:6e:61:ee:
68:e0:00:05:5d:63:42:1a:25:a2:44:81:99:88:85:
b1:3a:26:70:29:ec:d1:34:92:7c:10:12:3e:2e:83:
66:56:b5:8d:6d:be:ca:1a:cf:75:97:6f:9a:71:9d:
8a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:94:9C:DD:EF:BC:BC:DB:A4:47:D2:23:7C:8D:6C:A8:D8:01:F2:96
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666230303a3a2f34302d3438203d3e20323134373435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:fb00::/40
Signature Algorithm: sha256WithRSAEncryption
32:01:c0:49:97:b3:cf:95:05:cd:de:d7:22:6f:b8:87:77:8e:
b4:64:9c:9d:18:16:d3:79:22:e0:bc:56:fe:c7:a5:c2:49:5a:
9d:bc:d0:3b:92:5c:a8:34:83:e5:a1:de:8a:57:bf:44:f2:ee:
b2:ce:d0:0b:c3:50:05:50:15:64:4e:da:61:b0:b0:3a:df:8d:
83:6b:18:ac:e9:b9:d1:02:f6:d8:00:6a:55:aa:38:91:17:22:
25:59:eb:37:14:5a:25:61:e2:e9:77:72:3e:ac:f3:83:8d:d4:
7f:6a:08:8b:fc:a7:0b:1d:fb:a2:32:5a:bb:5c:2a:0b:7c:8d:
e8:bf:63:3c:59:83:8d:82:6a:1d:1e:28:a0:11:1b:de:99:80:
dc:89:c9:30:07:91:48:ad:62:54:b7:93:9d:af:cf:17:66:b2:
bc:a8:a7:eb:15:0c:d1:87:ca:0e:00:29:17:0d:f5:fb:5f:92:
d9:de:9d:56:f2:63:89:61:66:61:17:9a:1b:1f:53:55:48:32:
35:08:02:e6:ec:0c:6f:3e:21:e3:3a:3d:6f:3c:ee:05:b4:26:
22:5f:66:be:bd:24:e6:86:6e:5f:4d:e2:04:0c:fd:07:77:da:
1b:aa:b0:d7:3f:52:5b:24:f1:f8:ce:e1:e4:46:89:cd:6a:a6:
f4:d5:43:53
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUSKPDR/RzPBua1dxss+P75vSj4jwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNDA5MjIyMDU1MjVaFw0yNTA5MjEyMTAwMjVaMDMxMTAvBgNV
BAMTKDNGOTQ5Q0RERUZCQ0JDREJBNDQ3RDIyMzdDOEQ2Q0E4RDgwMUYyOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkgk9FqGrNedpJn3hbx4JMIw2i
V4y8534JFt9gyldCAIu1cSil6VOXCMTsxpgVC3QOhyiGiu3cz8E4TbXPAKNiRWCe
2Q5DBFCYfnRYJC/ZwkEsvv2cNh/3q3byhGZH55G3mr8rQ7BjD6OmOatrzHxE4Fbe
chbHzEQ++E09/eYxKiiZ9/3qj7GWGTBgzssXG0n8p+si2nWWBotczrQY6ofnFJ1O
dK0uYY8Fr5EpLlt2eR8hNpjWYpgxf1QbDEzzqrU33iNQsWZN56AtZn6qRm5h7mjg
AAVdY0IaJaJEgZmIhbE6JnAp7NE0knwQEj4ug2ZWtY1tvsoaz3WXb5pxnYr1AgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUP5Sc3e+8vNukR9IjfI1sqNgB8pYwHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2E2NjYyMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNDM3MzQzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUHsf7MA0GCSqGSIb3DQEBCwUAA4IBAQAyAcBJl7PPlQXN3tci
b7iHd460ZJydGBbTeSLgvFb+x6XCSVqdvNA7klyoNIPlod6KV79E8u6yztALw1AF
UBVkTtphsLA6342Daxis6bnRAvbYAGpVqjiRFyIlWes3FFolYeLpd3I+rPODjdR/
agiL/KcLHfuiMlq7XCoLfI3ov2M8WYONgmodHiigERvemYDcickwB5FIrWJUt5Od
r88XZrK8qKfrFQzRh8oOACkXDfX7X5LZ3p1W8mOJYWZhF5obH1NVSDI1CALm7Axv
PiHjOj1vPO4FtCYiX2a+vSTmhm5fTeIEDP0Hd9obqrDXP1JbJPH4zuHkRonNaqb0
1UNT
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:17:48 2025 by rpki-client