Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/326131343a313463313a313a3a2f34382d3438203d3e20323135353133.roa
File: 326131343a313463313a313a3a2f34382d3438203d3e20323135353133.roa (raw, json)
Hash identifier: a6Mhvmm/Ku5eIjq2ZnRS3F2KxCd3f1F6D7ctM0zUaow=
Subject key identifier: 4F:BC:0B:6A:1E:FE:ED:CB:2D:DD:2B:65:21:B3:10:FF:92:0C:8F:D0
Certificate issuer: /CN=25827d84056b8444cc2a7842759035354b8416bc
Certificate serial: 749918C9A3FBA5D3ED5DED5878A7BC29007CCB08
Authority key identifier: 25:82:7D:84:05:6B:84:44:CC:2A:78:42:75:90:35:35:4B:84:16:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/326131343a313463313a313a3a2f34382d3438203d3e20323135353133.roa
Signing time: Fri 03 May 2024 00:10:34 +0000
ROA not before: Fri 03 May 2024 00:05:34 +0000
ROA not after: Fri 02 May 2025 00:10:34 +0000
asID: 215513
IP address blocks: 2a14:14c1:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.crl
rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.mft
rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Nov 2024 18:58:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:99:18:c9:a3:fb:a5:d3:ed:5d:ed:58:78:a7:bc:29:00:7c:cb:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25827d84056b8444cc2a7842759035354b8416bc
Validity
Not Before: May 3 00:05:34 2024 GMT
Not After : May 2 00:10:34 2025 GMT
Subject: CN=4FBC0B6A1EFEEDCB2DDD2B6521B310FF920C8FD0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d3:ff:05:0b:05:0a:b7:fe:67:16:44:5f:1a:
39:33:ea:f5:b1:41:00:49:c8:46:33:9e:f9:4c:93:
e4:92:90:28:d9:8f:ee:69:af:90:e9:bd:ff:b8:59:
e1:b8:c5:3d:74:ee:63:05:e8:f7:85:14:c0:86:11:
30:ca:50:77:63:92:44:72:45:6f:5b:61:ef:0d:bd:
19:bc:0d:91:3a:93:0d:b6:61:fb:9a:3e:0e:a3:cc:
1f:f0:6e:d7:7a:b7:d4:1b:c6:01:8d:11:c3:f9:a2:
35:ee:92:d7:f8:5a:e0:31:d0:0a:de:a8:66:00:bd:
35:29:4a:73:1b:02:34:ea:2f:b6:9b:b7:c9:34:1c:
06:eb:2b:f8:0e:d9:da:d1:53:99:00:d8:33:2c:c1:
9b:68:86:9a:31:de:2f:f5:9f:64:17:32:a3:57:16:
e8:8c:11:81:4f:ba:4e:75:62:15:4c:d1:ae:55:85:
d0:10:fd:47:0d:da:3c:13:5c:68:ad:71:63:c2:19:
0d:bf:b2:5a:4a:6e:7d:d6:b8:01:c6:e9:8e:67:7d:
cb:e4:dc:37:3d:5e:d4:a9:83:85:50:27:c6:de:80:
3f:45:1a:8e:0b:30:0c:4d:08:1a:4d:8e:dd:90:1c:
bd:6b:d6:3a:b3:17:45:d7:10:7e:26:d9:14:1f:c6:
a6:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:BC:0B:6A:1E:FE:ED:CB:2D:DD:2B:65:21:B3:10:FF:92:0C:8F:D0
X509v3 Authority Key Identifier:
keyid:25:82:7D:84:05:6B:84:44:CC:2A:78:42:75:90:35:35:4B:84:16:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/326131343a313463313a313a3a2f34382d3438203d3e20323135353133.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:14c1:1::/48
Signature Algorithm: sha256WithRSAEncryption
5b:fc:82:2c:1c:e4:fe:91:62:66:39:6a:37:c9:09:f8:ff:ff:
56:3b:92:c9:ac:4a:7c:d4:3e:23:2d:ce:4a:11:a6:0d:91:ca:
c2:b5:2c:89:6f:b3:ec:e6:a6:01:ce:a1:22:43:fb:c2:50:06:
ae:68:70:82:08:d1:1e:d4:23:b4:da:70:37:18:d8:bf:08:8e:
81:bd:1d:bb:01:54:a1:62:6d:de:e5:9e:60:f9:a6:49:13:22:
18:40:b7:5e:d3:de:e9:65:9e:59:42:4f:a2:05:5e:ae:ba:e6:
ad:05:9a:36:2c:a5:60:a5:34:a7:6e:9a:ae:fb:19:a5:0b:b5:
af:91:85:77:d0:98:5a:8f:87:0d:2b:ad:e1:5b:e5:4c:41:d5:
e8:1c:fb:eb:bd:f5:22:5e:e9:78:dd:d2:ea:33:21:5f:6c:db:
f9:b3:a1:07:93:0a:8c:92:3b:ad:a4:fc:89:14:df:0f:4b:13:
9c:c5:d6:b7:4e:dc:10:3b:48:f0:1b:5e:b3:66:f0:77:90:64:
60:33:d2:36:fa:1a:e0:c3:c2:eb:aa:7c:6c:21:e7:0e:22:51:
7d:cb:e0:e6:c0:d7:06:a2:7e:0d:7e:e0:6c:cf:dc:d9:f1:eb:
45:a6:2d:bd:3e:bf:f6:19:64:97:97:ca:be:cd:0c:3a:23:cd:
12:95:86:bf
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUdJkYyaP7pdPtXe1YeKe8KQB8ywgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjU4MjdkODQwNTZiODQ0NGNjMmE3ODQyNzU5MDM1MzU0
Yjg0MTZiYzAeFw0yNDA1MDMwMDA1MzRaFw0yNTA1MDIwMDEwMzRaMDMxMTAvBgNV
BAMTKDRGQkMwQjZBMUVGRUVEQ0IyREREMkI2NTIxQjMxMEZGOTIwQzhGRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC00/8FCwUKt/5nFkRfGjkz6vWx
QQBJyEYznvlMk+SSkCjZj+5pr5Dpvf+4WeG4xT107mMF6PeFFMCGETDKUHdjkkRy
RW9bYe8NvRm8DZE6kw22YfuaPg6jzB/wbtd6t9QbxgGNEcP5ojXuktf4WuAx0Are
qGYAvTUpSnMbAjTqL7abt8k0HAbrK/gO2drRU5kA2DMswZtohpox3i/1n2QXMqNX
FuiMEYFPuk51YhVM0a5VhdAQ/UcN2jwTXGitcWPCGQ2/slpKbn3WuAHG6Y5nfcvk
3Dc9XtSpg4VQJ8begD9FGo4LMAxNCBpNjt2QHL1r1jqzF0XXEH4m2RQfxqbVAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUT7wLah7+7cst3StlIbMQ/5IMj9AwHwYDVR0j
BBgwFoAUJYJ9hAVrhETMKnhCdZA1NUuEFrwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjliYmZkY2YtMzVjZC00NTI0LThmZmEtMzAwNWIwYjY5
YTI5LzAvMjU4MjdEODQwNTZCODQ0NENDMkE3ODQyNzU5MDM1MzU0Qjg0MTZCQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0pZSjloQVZyaEVUTUtuaENkWkExTlV1
RUZydy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjliYmZkY2Yt
MzVjZC00NTI0LThmZmEtMzAwNWIwYjY5YTI5LzAvMzI2MTMxMzQzYTMxMzQ2MzMx
M2EzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNTM1MzEzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoUFMEAATANBgkqhkiG9w0BAQsFAAOCAQEAW/yCLBzk/pFiZjlqN8kJ+P//
VjuSyaxKfNQ+Iy3OShGmDZHKwrUsiW+z7OamAc6hIkP7wlAGrmhwggjRHtQjtNpw
NxjYvwiOgb0duwFUoWJt3uWeYPmmSRMiGEC3XtPe6WWeWUJPogVerrrmrQWaNiyl
YKU0p26arvsZpQu1r5GFd9CYWo+HDSut4VvlTEHV6Bz76731Il7peN3S6jMhX2zb
+bOhB5MKjJI7raT8iRTfD0sTnMXWt07cEDtI8Btes2bwd5BkYDPSNvoa4MPC66p8
bCHnDiJRfcvg5sDXBqJ+DX7gbM/c2fHrRaYtvT6/9hlkl5fKvs0MOiPNEpWGvw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 04:08:11 2024 by rpki-client on console-ams.rpki-client.org