Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3231343a3a2f34382d3438203d3e20323136333234.roa
File: 326131343a373538313a3231343a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier: YyvDC0iGDK7WMIyikcKeF+HBMKGKnYJMZjhfOdSqD1A=
Subject key identifier: 14:85:F3:61:CC:90:F0:93:90:AC:55:73:46:ED:BA:5E:C0:E6:69:3D
Certificate issuer: /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial: 0FF9C57589818A9A3738514FBC2985184814858E
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3231343a3a2f34382d3438203d3e20323136333234.roa
Signing time: Fri 13 Sep 2024 05:23:47 +0000
ROA not before: Fri 13 Sep 2024 05:18:47 +0000
ROA not after: Fri 12 Sep 2025 05:23:47 +0000
asID: 216324
IP address blocks: 2a14:7581:214::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 03:46:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:f9:c5:75:89:81:8a:9a:37:38:51:4f:bc:29:85:18:48:14:85:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
Validity
Not Before: Sep 13 05:18:47 2024 GMT
Not After : Sep 12 05:23:47 2025 GMT
Subject: CN=1485F361CC90F09390AC557346EDBA5EC0E6693D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:63:53:6e:3c:6b:7e:7f:02:93:bb:37:0f:db:
20:8a:01:c0:c3:57:6c:cc:04:65:82:2c:09:f9:ff:
f0:ff:db:ea:1c:15:2c:b8:63:e2:55:08:e6:e7:b4:
95:85:00:71:7c:26:bf:dd:e9:e6:05:12:e3:0d:ef:
a7:ea:75:8d:3e:49:0e:a6:19:a9:10:7a:a8:4f:17:
a3:56:de:a0:12:24:63:98:88:21:2a:19:52:89:6e:
bd:84:60:2d:7b:0a:49:0b:a0:21:36:f7:6d:ef:73:
3d:86:b1:61:d8:2b:19:0f:22:da:01:30:1e:51:98:
ee:af:80:90:24:1e:98:e5:98:64:7e:ce:56:f0:76:
1f:93:21:3a:be:df:d6:59:2e:00:c0:c1:c7:69:3a:
19:aa:5e:de:09:23:bb:17:98:82:61:ee:ac:a6:cc:
fb:3b:6f:32:1e:fa:75:97:db:26:44:9f:1c:5c:d2:
6d:71:30:da:39:ed:a6:48:02:9f:3e:2e:75:25:aa:
04:d7:df:cd:37:05:02:42:6f:47:9f:bd:a4:7c:6b:
42:79:17:45:9a:a1:e2:da:32:69:8c:ea:50:9d:50:
c9:22:a3:e5:fa:be:17:47:b4:17:db:dd:e5:23:fc:
6f:c1:88:4c:ea:1e:1d:9f:de:b9:b7:20:8f:9f:e0:
de:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:85:F3:61:CC:90:F0:93:90:AC:55:73:46:ED:BA:5E:C0:E6:69:3D
X509v3 Authority Key Identifier:
keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3231343a3a2f34382d3438203d3e20323136333234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:214::/48
Signature Algorithm: sha256WithRSAEncryption
27:f9:43:ef:25:58:8d:24:5b:ca:fd:a2:77:f1:1c:7d:5f:4e:
c5:ce:10:ce:bf:f7:89:a2:2b:82:e8:97:f5:c3:4c:28:48:1d:
39:21:f8:a6:50:cf:18:a8:70:09:46:c6:d3:fd:97:c8:af:29:
6b:61:a6:64:84:cd:75:53:a6:be:0a:40:04:ce:e7:ed:4c:74:
73:34:fa:91:ec:e4:3f:3d:9e:66:9e:cf:fd:8c:cf:6d:ee:2c:
b2:48:b6:48:6d:9d:41:b5:2e:36:00:c5:30:d5:c9:02:09:4d:
84:2d:48:53:d2:2e:85:83:a7:96:92:d4:bf:29:6e:d9:03:11:
d1:a7:c1:df:4d:b9:38:0b:8d:a0:00:e5:54:0b:b9:ff:0a:6e:
27:ff:07:d4:de:6e:1d:92:a3:63:76:d4:13:88:f6:5e:6e:87:
2b:30:eb:42:9b:eb:13:06:e9:3f:07:f7:1c:d0:de:ae:3e:29:
76:8d:57:91:63:49:37:fd:23:38:86:0e:00:ea:e7:14:7b:c0:
31:05:17:26:3c:63:2a:f3:9d:76:d5:3f:74:39:52:de:01:85:
af:b7:cd:3f:62:00:e4:f2:1d:de:1d:b4:c1:01:f5:a1:58:0d:
53:4d:f1:5b:59:28:91:fe:9b:19:a4:2b:df:ad:a9:7d:f8:51:
81:4f:fb:c5
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUD/nFdYmBipo3OFFPvCmFGEgUhY4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA5MTMwNTE4NDdaFw0yNTA5MTIwNTIzNDdaMDMxMTAvBgNV
BAMTKDE0ODVGMzYxQ0M5MEYwOTM5MEFDNTU3MzQ2RURCQTVFQzBFNjY5M0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdY1NuPGt+fwKTuzcP2yCKAcDD
V2zMBGWCLAn5//D/2+ocFSy4Y+JVCObntJWFAHF8Jr/d6eYFEuMN76fqdY0+SQ6m
GakQeqhPF6NW3qASJGOYiCEqGVKJbr2EYC17CkkLoCE2923vcz2GsWHYKxkPItoB
MB5RmO6vgJAkHpjlmGR+zlbwdh+TITq+39ZZLgDAwcdpOhmqXt4JI7sXmIJh7qym
zPs7bzIe+nWX2yZEnxxc0m1xMNo57aZIAp8+LnUlqgTX3803BQJCb0efvaR8a0J5
F0WaoeLaMmmM6lCdUMkio+X6vhdHtBfb3eUj/G/BiEzqHh2f3rm3II+f4N4HAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUFIXzYcyQ8JOQrFVzRu26XsDmaT0wHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyMzEzNDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoUdYECFDANBgkqhkiG9w0BAQsFAAOCAQEAJ/lD
7yVYjSRbyv2id/EcfV9Oxc4Qzr/3iaIrguiX9cNMKEgdOSH4plDPGKhwCUbG0/2X
yK8pa2GmZITNdVOmvgpABM7n7Ux0czT6kezkPz2eZp7P/YzPbe4sski2SG2dQbUu
NgDFMNXJAglNhC1IU9IuhYOnlpLUvylu2QMR0afB3025OAuNoADlVAu5/wpuJ/8H
1N5uHZKjY3bUE4j2Xm6HKzDrQpvrEwbpPwf3HNDerj4pdo1XkWNJN/0jOIYOAOrn
FHvAMQUXJjxjKvOddtU/dDlS3gGFr7fNP2IA5PId3h20wQH1oVgNU03xW1kokf6b
GaQr362pffhRgU/7xQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:17:53 2025 by rpki-client