Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a333030303a3a2f33362d3438203d3e203434383232.roa
File: 326131343a373538303a333030303a3a2f33362d3438203d3e203434383232.roa (raw, json)
Hash identifier: S9wgLuChaWhsOf8U02Ykhl6iBmzjzAjTqqVNSms0KTo=
Subject key identifier: EC:DC:68:31:B6:4D:F5:A8:DF:C8:58:71:8D:E7:D5:45:E9:A7:9B:72
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 754144D5DAA54DEE31CB076A443081CE70A1F3B8
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a333030303a3a2f33362d3438203d3e203434383232.roa
Signing time: Sat 03 Aug 2024 12:09:35 +0000
ROA not before: Sat 03 Aug 2024 12:04:35 +0000
ROA not after: Sat 02 Aug 2025 12:09:35 +0000
asID: 44822
IP address blocks: 2a14:7580:3000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:41:44:d5:da:a5:4d:ee:31:cb:07:6a:44:30:81:ce:70:a1:f3:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Aug 3 12:04:35 2024 GMT
Not After : Aug 2 12:09:35 2025 GMT
Subject: CN=ECDC6831B64DF5A8DFC858718DE7D545E9A79B72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:c3:e7:d2:65:3c:9a:6e:43:d4:13:81:a6:24:
19:55:80:a7:ca:b3:c3:66:e6:23:0c:98:3b:c6:42:
f1:b9:aa:f9:f3:f2:d7:89:40:4b:6a:d4:bc:c5:47:
a3:63:8d:c6:86:39:11:c4:96:6c:b7:ac:e2:69:ae:
2f:a9:6e:d9:dc:db:ba:da:78:fb:05:e3:d3:54:b8:
dc:4e:db:b2:7e:1b:42:b8:f0:c7:3a:7d:a0:8d:69:
f8:31:57:22:c4:06:ac:65:56:1e:25:d8:df:73:d7:
8b:ab:15:15:80:21:22:3c:b9:ba:8b:df:4f:16:d8:
f1:bb:9a:9e:64:76:51:ba:e9:d7:5d:f3:54:88:04:
f6:23:34:53:61:60:ed:a8:37:32:8b:52:b7:e5:73:
2d:50:96:eb:1f:5b:15:0b:e4:ff:a0:4a:2a:2c:7c:
0c:f1:3a:88:38:df:bf:0f:9a:39:5c:22:54:9d:50:
ae:8a:ce:c1:a7:27:7b:97:bb:4e:39:cd:e3:fb:41:
0f:fe:47:b3:49:31:6c:f2:8b:40:0c:d6:ad:d1:bf:
eb:ca:bf:fc:37:96:a5:70:a8:d4:62:ee:77:84:94:
99:23:05:df:13:ba:ed:13:05:ac:05:04:2b:43:1c:
82:42:1a:19:da:b8:5b:6f:44:7f:37:18:eb:f7:cb:
7f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:DC:68:31:B6:4D:F5:A8:DF:C8:58:71:8D:E7:D5:45:E9:A7:9B:72
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a333030303a3a2f33362d3438203d3e203434383232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:3000::/36
Signature Algorithm: sha256WithRSAEncryption
0d:b4:db:17:84:2e:a4:54:f6:8b:0b:10:36:26:72:d2:9c:45:
da:5b:2f:7e:06:43:e1:d2:12:79:dd:f1:62:d0:d7:79:25:13:
2e:66:f8:df:2e:aa:36:a7:cb:a3:c4:39:39:66:9f:da:c4:22:
f9:81:87:1e:a8:d6:1d:97:86:28:3d:20:01:98:a6:b7:f7:f3:
83:4f:8c:c5:18:b1:74:08:e2:9e:32:e7:ca:f6:ea:18:0e:c2:
8f:8a:8e:6d:21:1c:8b:71:d2:88:b6:25:b7:86:6a:37:39:f3:
65:18:3a:5e:12:92:51:0b:ba:5b:d0:3e:ea:f6:6f:8b:78:fd:
95:11:f3:6e:50:9a:97:49:45:93:6d:0b:ab:54:a9:64:5d:b5:
c5:77:e9:31:65:9e:73:01:1f:6a:e1:48:9b:cc:e1:0f:73:0b:
af:d1:92:6f:ad:a7:b8:88:05:61:81:da:9d:9d:bc:be:56:31:
99:22:4a:f0:8b:b2:36:d0:c7:cd:2a:0c:de:c1:24:41:34:4f:
a1:d6:a4:25:e9:d3:b1:75:5c:97:ca:f7:84:20:3a:a7:d9:31:
df:2e:0b:5a:b7:bb:da:d1:76:02:14:b8:98:85:02:41:10:67:
64:ab:f3:f0:39:9b:d9:d2:df:74:61:17:50:9a:f7:8d:95:07:
b9:a7:c3:75
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUdUFE1dqlTe4xywdqRDCBznCh87gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDA4MDMxMjA0MzVaFw0yNTA4MDIxMjA5MzVaMDMxMTAvBgNV
BAMTKEVDREM2ODMxQjY0REY1QThERkM4NTg3MThERTdENTQ1RTlBNzlCNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDuw+fSZTyabkPUE4GmJBlVgKfK
s8Nm5iMMmDvGQvG5qvnz8teJQEtq1LzFR6NjjcaGORHElmy3rOJpri+pbtnc27ra
ePsF49NUuNxO27J+G0K48Mc6faCNafgxVyLEBqxlVh4l2N9z14urFRWAISI8ubqL
308W2PG7mp5kdlG66ddd81SIBPYjNFNhYO2oNzKLUrflcy1QlusfWxUL5P+gSios
fAzxOog4378PmjlcIlSdUK6KzsGnJ3uXu045zeP7QQ/+R7NJMWzyi0AM1q3Rv+vK
v/w3lqVwqNRi7neElJkjBd8Tuu0TBawFBCtDHIJCGhnauFtvRH83GOv3y38JAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQU7NxoMbZN9ajfyFhxjefVRemnm3IwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMw
M2EzMzMwMzAzMDNhM2EyZjMzMzYyZDM0MzgyMDNkM2UyMDM0MzQzODMyMzIucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgQqFHWAMDANBgkqhkiG9w0BAQsFAAOCAQEADbTbF4QupFT2iwsQNiZy
0pxF2lsvfgZD4dISed3xYtDXeSUTLmb43y6qNqfLo8Q5OWaf2sQi+YGHHqjWHZeG
KD0gAZimt/fzg0+MxRixdAjinjLnyvbqGA7Cj4qObSEci3HSiLYlt4ZqNznzZRg6
XhKSUQu6W9A+6vZvi3j9lRHzblCal0lFk20Lq1SpZF21xXfpMWWecwEfauFIm8zh
D3MLr9GSb62nuIgFYYHanZ28vlYxmSJK8IuyNtDHzSoM3sEkQTRPodakJenTsXVc
l8r3hCA6p9kx3y4LWre72tF2AhS4mIUCQRBnZKvz8Dmb2dLfdGEXUJr3jZUHuafD
dQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org