Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a626565663a3a2f34382d3438203d3e20323135373531.roa
File: 326130623a346530343a626565663a3a2f34382d3438203d3e20323135373531.roa (raw, json)
Hash identifier: pp5dluoWAlvwSsAcdfBtk6QtidffMQIErBn+rNV4dXM=
Subject key identifier: DE:AF:21:A1:96:1D:6D:52:4A:BC:B1:C8:27:EB:08:71:86:F3:6B:F0
Certificate issuer: /CN=42e508fba8960f48071b119accbf57bdbf3a8057
Certificate serial: 068B1C61300504A002592A54CC9D05450E04479E
Authority key identifier: 42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a626565663a3a2f34382d3438203d3e20323135373531.roa
Signing time: Tue 23 Jul 2024 02:27:18 +0000
ROA not before: Tue 23 Jul 2024 02:22:18 +0000
ROA not after: Tue 22 Jul 2025 02:27:18 +0000
asID: 215751
IP address blocks: 2a0b:4e04:beef::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft
rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 02:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:8b:1c:61:30:05:04:a0:02:59:2a:54:cc:9d:05:45:0e:04:47:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42e508fba8960f48071b119accbf57bdbf3a8057
Validity
Not Before: Jul 23 02:22:18 2024 GMT
Not After : Jul 22 02:27:18 2025 GMT
Subject: CN=DEAF21A1961D6D524ABCB1C827EB087186F36BF0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:16:a4:75:a8:2b:ce:9d:89:2b:b7:4d:c4:9d:
ed:79:cc:bf:24:18:78:20:b0:04:f8:b4:81:ac:26:
8b:e8:28:ea:16:42:e6:25:42:fd:cc:b4:57:cf:3d:
63:d5:9c:98:1f:c0:90:d4:ec:16:a1:79:d2:8c:e8:
3d:80:c2:50:31:5b:f5:65:06:8e:7c:64:3e:13:a3:
3d:d2:72:ee:16:28:1a:5d:74:88:27:d2:32:fd:44:
95:ad:5a:eb:7d:f6:59:73:de:78:63:09:68:ce:28:
15:93:d3:68:07:5c:97:58:f9:b3:df:77:de:58:4e:
85:cb:09:55:b8:83:9b:a0:6b:63:99:88:01:9e:81:
4a:57:02:bc:b8:72:f3:77:50:6a:eb:fa:d1:04:1c:
bd:80:d7:d7:a6:4c:9a:b8:bf:3f:ab:5b:4d:eb:89:
72:7b:e1:19:5f:e8:27:2e:9d:77:00:d5:9d:b8:13:
89:ee:e8:b3:56:2d:05:be:a7:fd:0d:7e:4f:8f:58:
5e:f7:15:62:d6:e9:08:0c:1f:33:9f:40:c3:ed:ae:
7a:f0:d6:90:05:52:59:50:b8:c1:2d:8b:1a:bc:61:
e0:0e:58:40:0b:1c:20:33:be:5b:81:e4:10:19:75:
8c:a9:80:fb:57:1d:b6:28:44:d7:7f:0c:3b:62:79:
d3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:AF:21:A1:96:1D:6D:52:4A:BC:B1:C8:27:EB:08:71:86:F3:6B:F0
X509v3 Authority Key Identifier:
keyid:42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a626565663a3a2f34382d3438203d3e20323135373531.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4e04:beef::/48
Signature Algorithm: sha256WithRSAEncryption
45:a6:99:bd:37:5c:38:9b:5e:04:11:4e:84:fa:4b:b0:9f:7c:
11:1c:b3:6f:c7:0b:9a:08:2b:59:07:80:79:84:c0:81:ef:a6:
bc:35:8a:d9:a4:cc:46:5c:3d:68:54:ff:f0:7e:cf:a7:09:c5:
ff:89:ff:cd:40:36:4f:1c:c2:a4:52:82:26:12:e7:9a:bc:94:
c7:90:8d:e0:1d:49:2d:83:40:f6:1c:76:5c:91:26:fe:36:f9:
94:80:57:69:1d:90:b1:18:b3:db:d4:0e:ff:bf:4c:45:fc:e4:
e6:25:25:2d:69:82:cf:98:67:29:ee:32:b9:8d:0d:e4:df:85:
27:a7:a7:df:2a:4f:44:56:c7:d5:87:29:aa:ff:fe:6f:e0:35:
1f:d1:2c:b1:93:02:47:a0:78:78:e9:14:a0:b4:cb:25:a9:ea:
53:16:5c:68:a0:23:6a:60:34:e2:83:05:fc:1a:e9:1e:09:d4:
30:5e:52:29:af:54:5f:17:d1:45:29:c8:01:27:c8:aa:f5:63:
5f:a3:3b:05:ae:2c:23:3c:c0:81:be:de:90:34:6b:40:7d:28:
6d:62:1f:ac:1a:90:8f:35:a4:f9:6b:80:df:c3:f2:b8:09:34:
f1:8e:2d:c1:86:c2:04:b6:96:ab:f4:6a:c9:98:cf:dd:cd:cb:
0e:6c:17:25
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUBoscYTAFBKACWSpUzJ0FRQ4ER54wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDJlNTA4ZmJhODk2MGY0ODA3MWIxMTlhY2NiZjU3YmRi
ZjNhODA1NzAeFw0yNDA3MjMwMjIyMThaFw0yNTA3MjIwMjI3MThaMDMxMTAvBgNV
BAMTKERFQUYyMUExOTYxRDZENTI0QUJDQjFDODI3RUIwODcxODZGMzZCRjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfFqR1qCvOnYkrt03Ene15zL8k
GHggsAT4tIGsJovoKOoWQuYlQv3MtFfPPWPVnJgfwJDU7BahedKM6D2AwlAxW/Vl
Bo58ZD4Toz3Scu4WKBpddIgn0jL9RJWtWut99llz3nhjCWjOKBWT02gHXJdY+bPf
d95YToXLCVW4g5uga2OZiAGegUpXAry4cvN3UGrr+tEEHL2A19emTJq4vz+rW03r
iXJ74Rlf6CcunXcA1Z24E4nu6LNWLQW+p/0Nfk+PWF73FWLW6QgMHzOfQMPtrnrw
1pAFUllQuMEtixq8YeAOWEALHCAzvluB5BAZdYypgPtXHbYoRNd/DDtiedOFAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU3q8hoZYdbVJKvLHIJ+sIcYbza/AwHwYDVR0j
BBgwFoAUQuUI+6iWD0gHGxGazL9Xvb86gFcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEtOGJhNS00NzlmLWEyMjktMGFiNzBlNDgx
NWJiLzAvNDJFNTA4RkJBODk2MEY0ODA3MUIxMTlBQ0NCRjU3QkRCRjNBODA1Ny5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1F1VUktNmlXRDBnSEd4R2F6TDlYdmI4
NmdGYy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEt
OGJhNS00NzlmLWEyMjktMGFiNzBlNDgxNWJiLzAvMzI2MTMwNjIzYTM0NjUzMDM0
M2E2MjY1NjU2NjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNTM3MzUzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoLTgS+7zANBgkqhkiG9w0BAQsFAAOCAQEARaaZvTdcOJteBBFO
hPpLsJ98ERyzb8cLmggrWQeAeYTAge+mvDWK2aTMRlw9aFT/8H7PpwnF/4n/zUA2
TxzCpFKCJhLnmryUx5CN4B1JLYNA9hx2XJEm/jb5lIBXaR2QsRiz29QO/79MRfzk
5iUlLWmCz5hnKe4yuY0N5N+FJ6en3ypPRFbH1Ycpqv/+b+A1H9EssZMCR6B4eOkU
oLTLJanqUxZcaKAjamA04oMF/BrpHgnUMF5SKa9UXxfRRSnIASfIqvVjX6M7Ba4s
IzzAgb7ekDRrQH0obWIfrBqQjzWk+WuA38PyuAk08Y4twYbCBLaWq/RqyZjP3c3L
DmwXJQ==
-----END CERTIFICATE-----
Generated at Wed Sep 18 08:50:49 2024 by rpki-client on console-ams.rpki-client.org