Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634303a3a2f33322d3438203d3e20323030323432.roa
File: 326131343a366634303a3a2f33322d3438203d3e20323030323432.roa (raw, json)
Hash identifier: qhoj8vou0d4ZtC5V1DKyyM7rrTWsmPFrHxQlmlsE9nQ=
Subject key identifier: B0:35:95:E2:FD:E7:CF:7A:DA:CC:7A:F4:CF:5C:0E:31:EE:30:DD:0D
Certificate issuer: /CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
Certificate serial: 7F385E6590FBBE30499E55FF6233AD26942496B2
Authority key identifier: 3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634303a3a2f33322d3438203d3e20323030323432.roa
Signing time: Tue 30 Jul 2024 17:21:59 +0000
ROA not before: Tue 30 Jul 2024 17:16:59 +0000
ROA not after: Tue 29 Jul 2025 17:21:59 +0000
asID: 200242
IP address blocks: 2a14:6f40::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 00:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:38:5e:65:90:fb:be:30:49:9e:55:ff:62:33:ad:26:94:24:96:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
Validity
Not Before: Jul 30 17:16:59 2024 GMT
Not After : Jul 29 17:21:59 2025 GMT
Subject: CN=B03595E2FDE7CF7ADACC7AF4CF5C0E31EE30DD0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:4b:fc:f3:a2:d2:eb:94:c2:d4:fe:10:af:80:
ce:0c:72:00:d8:80:a6:5d:6e:de:31:4a:e7:f7:a2:
81:e5:87:7d:6d:bb:6e:1f:01:ff:9b:de:d6:6e:30:
ca:ba:af:38:8c:0e:c7:78:3a:68:e5:f9:e5:99:c2:
6e:a1:75:05:9a:df:99:38:4b:f9:31:40:ec:a1:17:
e2:bb:20:17:5d:9c:8f:53:0f:fb:e3:6c:d0:67:0d:
82:54:99:f4:02:42:aa:4d:7c:de:78:83:05:11:51:
4f:e0:4a:ad:d9:13:5d:74:d9:12:3f:60:d0:c4:3d:
86:b8:28:50:5c:d9:dd:a1:ef:bd:1b:e9:e9:e9:2f:
f2:72:f5:32:94:0f:38:a5:74:2a:c1:92:a5:b7:05:
07:01:a1:49:56:1a:60:ab:d5:93:94:f0:60:80:8f:
c5:f1:59:d5:1d:4d:26:da:4a:d3:54:f9:d6:74:41:
6b:90:ba:be:21:ed:89:05:b0:a7:6c:75:c9:e5:e5:
d5:65:fe:bf:a2:a4:9e:c3:d8:bf:93:52:f6:9a:dd:
3a:28:65:9d:af:c6:72:f8:5f:f9:67:8c:1c:c9:de:
47:f5:54:04:5f:5e:55:af:0c:25:ad:97:23:ac:18:
cd:84:23:e7:22:8b:c5:63:a6:8b:10:b0:ef:f0:20:
14:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:35:95:E2:FD:E7:CF:7A:DA:CC:7A:F4:CF:5C:0E:31:EE:30:DD:0D
X509v3 Authority Key Identifier:
keyid:3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634303a3a2f33322d3438203d3e20323030323432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:6f40::/32
Signature Algorithm: sha256WithRSAEncryption
16:d2:d3:1b:87:b7:a4:ef:0a:f2:e0:e9:c6:95:4c:27:b3:22:
47:86:db:8b:58:74:d4:05:56:d6:3a:f5:1e:d4:28:3c:95:4b:
5d:24:7e:1e:04:01:34:ae:e0:98:3d:96:6d:18:5f:a3:7a:81:
04:78:4b:5c:5f:d6:27:e0:e4:47:19:fd:62:11:40:c6:12:66:
04:85:2d:e2:e4:00:03:d1:56:e8:ed:e8:03:4e:af:47:23:93:
d5:42:9a:93:db:e1:75:6d:a8:a3:52:80:7d:97:a0:f1:99:8e:
d3:96:16:81:d9:b7:ad:2b:88:2d:3e:3e:3c:7e:4d:a9:76:17:
80:1c:dc:58:9a:f3:29:14:f4:66:38:0b:ac:69:7c:22:83:1a:
54:41:29:91:86:48:0b:f0:c7:af:bf:3f:cb:42:71:a7:e2:1e:
c6:51:5b:4a:48:76:45:a5:7c:ef:ad:ba:1d:f6:9b:e1:8f:a8:
7f:14:ea:d2:5e:ad:7c:8f:ce:9d:db:92:47:8d:94:69:25:32:
6d:5e:67:38:70:c6:3f:34:4f:9d:b0:8f:90:22:c4:bd:db:3a:
fe:62:b5:27:3e:37:2d:67:d5:bc:a9:4e:c0:b6:4e:77:16:ad:
31:5a:13:c2:45:86:13:52:02:46:a1:3b:9c:5f:c4:99:77:9e:
6f:f0:dc:1a
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUfzheZZD7vjBJnlX/YjOtJpQklrIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2VlZWJiOTQ2YThkMjFkNDA4M2M5M2RjMDljZWU1NTdi
YjJhYzMyZTAeFw0yNDA3MzAxNzE2NTlaFw0yNTA3MjkxNzIxNTlaMDMxMTAvBgNV
BAMTKEIwMzU5NUUyRkRFN0NGN0FEQUNDN0FGNENGNUMwRTMxRUUzMEREMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDuS/zzotLrlMLU/hCvgM4McgDY
gKZdbt4xSuf3ooHlh31tu24fAf+b3tZuMMq6rziMDsd4Omjl+eWZwm6hdQWa35k4
S/kxQOyhF+K7IBddnI9TD/vjbNBnDYJUmfQCQqpNfN54gwURUU/gSq3ZE1102RI/
YNDEPYa4KFBc2d2h770b6enpL/Jy9TKUDzildCrBkqW3BQcBoUlWGmCr1ZOU8GCA
j8XxWdUdTSbaStNU+dZ0QWuQur4h7YkFsKdsdcnl5dVl/r+ipJ7D2L+TUvaa3Too
ZZ2vxnL4X/lnjBzJ3kf1VARfXlWvDCWtlyOsGM2EI+cii8VjposQsO/wIBTlAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUsDWV4v3nz3razHr0z1wOMe4w3Q0wHwYDVR0j
BBgwFoAUPu67lGqNIdQIPJPcCc7lV7sqwy4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmZmN2E5ODktZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5
YjNkLzQvM0VFRUJCOTQ2QThEMjFENDA4M0M5M0RDMDlDRUU1NTdCQjJBQzMyRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1B1NjdsR3FOSWRRSVBKUGNDYzdsVjdz
cXd5NC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmZmN2E5ODkt
ZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5YjNkLzQvMzI2MTMxMzQzYTM2NjYzNDMw
M2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzIzMDMwMzIzNDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhRvQDANBgkqhkiG9w0BAQsFAAOCAQEAFtLTG4e3pO8K8uDpxpVMJ7MiR4bbi1h0
1AVW1jr1HtQoPJVLXSR+HgQBNK7gmD2WbRhfo3qBBHhLXF/WJ+DkRxn9YhFAxhJm
BIUt4uQAA9FW6O3oA06vRyOT1UKak9vhdW2oo1KAfZeg8ZmO05YWgdm3rSuILT4+
PH5NqXYXgBzcWJrzKRT0ZjgLrGl8IoMaVEEpkYZIC/DHr78/y0Jxp+IexlFbSkh2
RaV87626Hfab4Y+ofxTq0l6tfI/OnduSR42UaSUybV5nOHDGPzRPnbCPkCLEvds6
/mK1Jz43LWfVvKlOwLZOdxatMVoTwkWGE1ICRqE7nF/EmXeeb/DcGg==
-----END CERTIFICATE-----
Generated at Tue Dec 3 03:27:16 2024 by rpki-client on console-fra.rpki-client.org