Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/323030313a3637633a6438343a3a2f34382d313238203d3e203437323732.roa
File: 323030313a3637633a6438343a3a2f34382d313238203d3e203437323732.roa (raw, json)
Hash identifier: rpwEvtHGqRDPmWV6bNZj3oMTb9CX92RBOVpgwihR8pI=
Subject key identifier: E4:48:1E:DE:C0:0E:B9:C5:45:1A:CA:01:D5:D1:99:19:CF:5A:82:4A
Certificate issuer: /CN=1ec805e37c5b53351c6a182763530a50d9308c7e
Certificate serial: 1289E92543FEED952B0B4E585260473EA0EB81BC
Authority key identifier: 1E:C8:05:E3:7C:5B:53:35:1C:6A:18:27:63:53:0A:50:D9:30:8C:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HsgF43xbUzUcahgnY1MKUNkwjH4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/323030313a3637633a6438343a3a2f34382d313238203d3e203437323732.roa
Signing time: Wed 24 Jan 2024 10:58:39 +0000
ROA not before: Wed 24 Jan 2024 10:53:39 +0000
ROA not after: Wed 22 Jan 2025 10:58:39 +0000
asID: 47272
IP address blocks: 2001:67c:d84::/48 maxlen: 128
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/1EC805E37C5B53351C6A182763530A50D9308C7E.crl
rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/1EC805E37C5B53351C6A182763530A50D9308C7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/HsgF43xbUzUcahgnY1MKUNkwjH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Nov 2024 15:27:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:89:e9:25:43:fe:ed:95:2b:0b:4e:58:52:60:47:3e:a0:eb:81:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ec805e37c5b53351c6a182763530a50d9308c7e
Validity
Not Before: Jan 24 10:53:39 2024 GMT
Not After : Jan 22 10:58:39 2025 GMT
Subject: CN=E4481EDEC00EB9C5451ACA01D5D19919CF5A824A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e9:bc:1a:e5:29:da:73:72:6d:64:61:69:b7:
01:04:35:37:31:68:d9:8f:16:26:6a:96:a0:32:8a:
07:95:8d:74:4c:a0:ef:35:da:8c:bb:ec:53:7f:6e:
88:7d:48:d1:52:33:e8:d0:a6:24:29:f9:47:65:c8:
43:65:d0:73:cd:18:59:ee:67:d8:4d:03:e3:c4:16:
95:a6:a8:29:ec:b1:7e:76:cd:d9:f7:6d:fb:fe:b2:
0e:7f:a1:2e:ab:b8:70:11:89:e7:9b:91:73:10:2f:
0f:bd:df:fb:ba:6b:b7:59:1a:86:a4:da:b4:97:55:
b6:4c:bb:9c:ad:90:1a:a1:e9:f9:0c:21:cd:9e:4f:
52:51:37:be:97:2a:8b:9d:9c:b0:13:72:40:3d:b9:
ff:ff:77:cd:d4:bf:e2:65:81:16:ad:b2:0e:05:e3:
8e:13:85:34:a2:a0:c5:b0:21:1c:3a:8d:6a:fa:79:
a1:b0:95:8e:d0:79:53:a6:cc:1f:6d:c9:e9:97:56:
76:dc:35:82:a1:bf:0e:50:12:73:ef:f5:24:07:b8:
0c:0b:0a:8a:e5:3a:32:45:cc:cc:85:57:40:7b:1d:
32:11:be:a7:00:84:6d:e4:eb:7f:26:0d:8b:00:cf:
e1:f8:55:8b:70:d6:60:fd:65:74:53:6b:49:b0:ed:
07:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:48:1E:DE:C0:0E:B9:C5:45:1A:CA:01:D5:D1:99:19:CF:5A:82:4A
X509v3 Authority Key Identifier:
keyid:1E:C8:05:E3:7C:5B:53:35:1C:6A:18:27:63:53:0A:50:D9:30:8C:7E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/1EC805E37C5B53351C6A182763530A50D9308C7E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HsgF43xbUzUcahgnY1MKUNkwjH4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/323030313a3637633a6438343a3a2f34382d313238203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:d84::/48
Signature Algorithm: sha256WithRSAEncryption
5c:69:4a:07:71:53:2b:68:f8:d1:a8:cf:a7:ee:4e:87:af:ba:
43:74:a9:2d:b1:63:3a:18:73:f2:bc:17:d1:f2:71:b5:65:b6:
ca:6e:d6:2d:b8:cb:eb:26:5b:30:4b:0d:54:19:a1:00:72:ae:
63:3d:ad:73:59:2f:f5:c1:32:98:83:83:90:7e:88:ae:1f:c1:
8d:c8:70:f0:02:49:48:fd:f4:0a:19:ae:17:2c:cf:df:fe:2e:
35:1d:fd:55:5f:b5:48:db:82:1a:28:6d:49:ae:37:b3:9f:ee:
ad:e2:42:85:a1:9f:04:f3:4d:c8:76:6c:23:29:8a:93:88:a6:
ec:7a:18:d0:8a:2d:5d:11:64:be:5f:28:6c:29:47:e2:36:e5:
e2:40:9e:24:c4:e3:e9:6e:36:32:b3:0e:7e:1c:ba:d7:b5:e0:
28:a5:64:26:6c:3b:e9:e6:ac:2d:03:5f:47:8b:26:b6:4c:63:
4d:c0:b2:d6:51:4f:54:2a:98:53:d1:a6:4d:be:4d:f5:b8:64:
74:72:aa:2e:20:4f:18:8f:d3:12:e0:89:fc:af:34:7a:60:67:
98:17:00:87:18:98:ba:3a:79:cd:d4:10:fc:84:b9:a8:41:cf:
51:7a:06:8a:aa:d8:90:ba:6f:c8:03:bc:10:81:f6:ac:9a:8f:
19:44:5f:e4
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUEonpJUP+7ZUrC05YUmBHPqDrgbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWVjODA1ZTM3YzViNTMzNTFjNmExODI3NjM1MzBhNTBk
OTMwOGM3ZTAeFw0yNDAxMjQxMDUzMzlaFw0yNTAxMjIxMDU4MzlaMDMxMTAvBgNV
BAMTKEU0NDgxRURFQzAwRUI5QzU0NTFBQ0EwMUQ1RDE5OTE5Q0Y1QTgyNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDE6bwa5Snac3JtZGFptwEENTcx
aNmPFiZqlqAyigeVjXRMoO812oy77FN/boh9SNFSM+jQpiQp+UdlyENl0HPNGFnu
Z9hNA+PEFpWmqCnssX52zdn3bfv+sg5/oS6ruHARieebkXMQLw+93/u6a7dZGoak
2rSXVbZMu5ytkBqh6fkMIc2eT1JRN76XKoudnLATckA9uf//d83Uv+JlgRatsg4F
444ThTSioMWwIRw6jWr6eaGwlY7QeVOmzB9tyemXVnbcNYKhvw5QEnPv9SQHuAwL
CorlOjJFzMyFV0B7HTIRvqcAhG3k638mDYsAz+H4VYtw1mD9ZXRTa0mw7QflAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU5Ege3sAOucVFGsoB1dGZGc9agkowHwYDVR0j
BBgwFoAUHsgF43xbUzUcahgnY1MKUNkwjH4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzMvMUVDODA1RTM3QzVCNTMzNTFDNkExODI3NjM1MzBBNTBEOTMwOEM3RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0hzZ0Y0M3hiVXpVY2FoZ25ZMU1LVU5r
d2pINC5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzMvMzIzMDMwMzEzYTM2Mzc2MzNh
NjQzODM0M2EzYTJmMzQzODJkMzEzMjM4MjAzZDNlMjAzNDM3MzIzNzMyLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEGfA2EMA0GCSqGSIb3DQEBCwUAA4IBAQBcaUoHcVMraPjRqM+n7k6H
r7pDdKktsWM6GHPyvBfR8nG1ZbbKbtYtuMvrJlswSw1UGaEAcq5jPa1zWS/1wTKY
g4OQfoiuH8GNyHDwAklI/fQKGa4XLM/f/i41Hf1VX7VI24IaKG1Jrjezn+6t4kKF
oZ8E803IdmwjKYqTiKbsehjQii1dEWS+XyhsKUfiNuXiQJ4kxOPpbjYysw5+HLrX
teAopWQmbDvp5qwtA19Hiya2TGNNwLLWUU9UKphT0aZNvk31uGR0cqouIE8Yj9MS
4In8rzR6YGeYFwCHGJi6OnnN1BD8hLmoQc9RegaKqtiQum/IA7wQgfasmo8ZRF/k
-----END CERTIFICATE-----
Generated at Wed Nov 20 22:20:26 2024 by rpki-client on console-ams.rpki-client.org