Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/323030313a3637633a6439303a3a2f34382d313238203d3e203437323732.roa
File: 323030313a3637633a6439303a3a2f34382d313238203d3e203437323732.roa (raw, json)
Hash identifier: uTPUCQz9NM7RIGhzUG6MCKkG039JfAOexvVnJkgzTF8=
Subject key identifier: 96:BE:27:24:44:96:C3:04:07:C4:C4:4A:DD:DD:3B:84:5D:47:C4:A5
Certificate issuer: /CN=1ec805e37c5b53351c6a182763530a50d9308c7e
Certificate serial: 7129C44A41B2316F3919AEC21F2CAA3079283908
Authority key identifier: 1E:C8:05:E3:7C:5B:53:35:1C:6A:18:27:63:53:0A:50:D9:30:8C:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HsgF43xbUzUcahgnY1MKUNkwjH4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/323030313a3637633a6439303a3a2f34382d313238203d3e203437323732.roa
Signing time: Wed 24 Jan 2024 11:00:03 +0000
ROA not before: Wed 24 Jan 2024 10:55:03 +0000
ROA not after: Wed 22 Jan 2025 11:00:03 +0000
asID: 47272
IP address blocks: 2001:67c:d90::/48 maxlen: 128
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/1EC805E37C5B53351C6A182763530A50D9308C7E.crl
rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/1EC805E37C5B53351C6A182763530A50D9308C7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/HsgF43xbUzUcahgnY1MKUNkwjH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Nov 2024 15:27:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:29:c4:4a:41:b2:31:6f:39:19:ae:c2:1f:2c:aa:30:79:28:39:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ec805e37c5b53351c6a182763530a50d9308c7e
Validity
Not Before: Jan 24 10:55:03 2024 GMT
Not After : Jan 22 11:00:03 2025 GMT
Subject: CN=96BE27244496C30407C4C44ADDDD3B845D47C4A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:22:da:00:d1:4e:ce:5d:2c:2d:c8:c9:3e:d1:
07:05:3d:c7:c0:71:6f:6c:97:2e:78:c2:cf:50:34:
69:2a:d6:4c:c4:c2:62:5a:74:78:b1:e5:b1:10:46:
bc:4b:b1:be:d1:a7:4f:95:33:6f:2d:32:15:a7:ea:
41:20:c6:1b:90:bc:20:d7:e9:54:7f:79:85:d4:7b:
09:92:59:e5:16:91:56:6e:77:5d:d5:8e:da:f7:84:
f4:56:76:43:9b:b1:71:f3:7d:cf:b1:4e:36:42:30:
20:35:57:0b:cf:90:b1:ac:63:b7:40:d3:f3:0c:21:
a1:69:b6:89:45:46:b6:bd:b9:8c:97:9a:7d:7f:05:
ec:57:cd:a9:d2:f4:2e:50:32:c4:e3:a1:dc:3d:65:
25:51:08:ad:0b:ae:af:ec:8c:d8:e3:07:1f:ae:62:
d0:00:cd:b9:d1:60:ae:81:e4:5c:c0:07:a8:5a:e6:
d6:38:92:b5:57:b5:10:0c:ae:2c:e1:8c:63:61:6f:
ef:55:c0:62:80:14:f5:ff:07:0e:08:24:25:a5:ab:
07:06:f3:53:d5:10:c6:fd:50:e8:42:44:44:6c:b3:
d1:48:88:ea:69:e6:19:84:02:80:a3:75:a1:50:90:
58:39:67:d7:c3:af:2a:0d:1f:bc:f1:e3:43:fa:39:
d9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:BE:27:24:44:96:C3:04:07:C4:C4:4A:DD:DD:3B:84:5D:47:C4:A5
X509v3 Authority Key Identifier:
keyid:1E:C8:05:E3:7C:5B:53:35:1C:6A:18:27:63:53:0A:50:D9:30:8C:7E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/1EC805E37C5B53351C6A182763530A50D9308C7E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HsgF43xbUzUcahgnY1MKUNkwjH4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/323030313a3637633a6439303a3a2f34382d313238203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:d90::/48
Signature Algorithm: sha256WithRSAEncryption
13:43:a2:11:9d:5e:29:e6:2a:f3:1a:d8:1c:a7:6f:31:75:f8:
65:26:38:7d:1f:d1:59:10:d0:9a:b3:10:d5:29:94:38:c8:e3:
75:62:de:29:ff:d3:ca:9a:8a:c0:d9:34:b1:bc:ac:59:cb:a4:
22:59:cf:1d:28:98:b5:c3:0b:2e:8f:a5:42:cd:c8:2d:15:3a:
4a:cd:18:5c:ca:ee:91:cf:a5:69:ac:76:f7:71:ea:75:86:57:
fd:2b:d2:30:b6:c6:e3:d3:a1:4e:e8:5a:b5:7d:3e:7f:e9:68:
cd:de:3f:ef:bd:af:55:98:74:b7:78:7e:3f:b3:f9:71:c4:6c:
1c:73:5a:20:b9:3c:ca:e5:a7:78:bd:dd:ba:aa:e1:f6:4c:f1:
87:cc:ed:22:13:3b:79:99:f5:10:5f:23:f0:18:1f:02:cd:01:
5a:3b:46:7e:ff:5f:51:10:10:8f:a7:ac:e9:1f:bd:53:c7:8a:
8c:6d:23:95:90:f9:20:9a:d6:68:5c:8c:48:29:24:bd:88:c9:
23:1d:99:6d:f8:eb:69:d8:a6:56:88:15:29:c2:fc:0c:b5:c1:
0a:eb:1b:fe:49:72:b4:2b:9f:5a:df:36:64:70:08:e3:81:56:
38:e8:27:ca:b1:1f:e9:10:94:c0:d5:42:94:c3:02:82:bf:cc:
c9:05:2d:0f
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUcSnESkGyMW85Ga7CHyyqMHkoOQgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWVjODA1ZTM3YzViNTMzNTFjNmExODI3NjM1MzBhNTBk
OTMwOGM3ZTAeFw0yNDAxMjQxMDU1MDNaFw0yNTAxMjIxMTAwMDNaMDMxMTAvBgNV
BAMTKDk2QkUyNzI0NDQ5NkMzMDQwN0M0QzQ0QUREREQzQjg0NUQ0N0M0QTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPItoA0U7OXSwtyMk+0QcFPcfA
cW9sly54ws9QNGkq1kzEwmJadHix5bEQRrxLsb7Rp0+VM28tMhWn6kEgxhuQvCDX
6VR/eYXUewmSWeUWkVZud13Vjtr3hPRWdkObsXHzfc+xTjZCMCA1VwvPkLGsY7dA
0/MMIaFptolFRra9uYyXmn1/BexXzanS9C5QMsTjodw9ZSVRCK0Lrq/sjNjjBx+u
YtAAzbnRYK6B5FzAB6ha5tY4krVXtRAMrizhjGNhb+9VwGKAFPX/Bw4IJCWlqwcG
81PVEMb9UOhCRERss9FIiOpp5hmEAoCjdaFQkFg5Z9fDryoNH7zx40P6OdnDAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUlr4nJESWwwQHxMRK3d07hF1HxKUwHwYDVR0j
BBgwFoAUHsgF43xbUzUcahgnY1MKUNkwjH4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzMvMUVDODA1RTM3QzVCNTMzNTFDNkExODI3NjM1MzBBNTBEOTMwOEM3RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0hzZ0Y0M3hiVXpVY2FoZ25ZMU1LVU5r
d2pINC5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzMvMzIzMDMwMzEzYTM2Mzc2MzNh
NjQzOTMwM2EzYTJmMzQzODJkMzEzMjM4MjAzZDNlMjAzNDM3MzIzNzMyLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEGfA2QMA0GCSqGSIb3DQEBCwUAA4IBAQATQ6IRnV4p5irzGtgcp28x
dfhlJjh9H9FZENCasxDVKZQ4yON1Yt4p/9PKmorA2TSxvKxZy6QiWc8dKJi1wwsu
j6VCzcgtFTpKzRhcyu6Rz6VprHb3cep1hlf9K9Iwtsbj06FO6Fq1fT5/6WjN3j/v
va9VmHS3eH4/s/lxxGwcc1oguTzK5ad4vd26quH2TPGHzO0iEzt5mfUQXyPwGB8C
zQFaO0Z+/19REBCPp6zpH71Tx4qMbSOVkPkgmtZoXIxIKSS9iMkjHZlt+Otp2KZW
iBUpwvwMtcEK6xv+SXK0K59a3zZkcAjjgVY46CfKsR/pEJTA1UKUwwKCv8zJBS0P
-----END CERTIFICATE-----
Generated at Wed Nov 20 20:46:07 2024 by rpki-client on console-fra.rpki-client.org