Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a333a3a2f34382d3438203d3e203538323032.roa
File: 326131343a373538303a333a3a2f34382d3438203d3e203538323032.roa (raw, json)
Hash identifier: hGzxp2nw2W4/xel3qmVMLIko5JzzXi3qpMkgzbGLDjc=
Subject key identifier: 98:22:54:69:A5:42:07:DF:D1:98:E8:2D:7D:41:B5:21:FF:DE:47:D4
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 3FED9794403C7DE619BBE39C73C5AD5C5E39C4CA
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a333a3a2f34382d3438203d3e203538323032.roa
Signing time: Sun 06 Oct 2024 09:32:28 +0000
ROA not before: Sun 06 Oct 2024 09:27:28 +0000
ROA not after: Sun 05 Oct 2025 09:32:28 +0000
asID: 58202
IP address blocks: 2a14:7580:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:ed:97:94:40:3c:7d:e6:19:bb:e3:9c:73:c5:ad:5c:5e:39:c4:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Oct 6 09:27:28 2024 GMT
Not After : Oct 5 09:32:28 2025 GMT
Subject: CN=98225469A54207DFD198E82D7D41B521FFDE47D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b0:a9:b5:e1:02:71:15:fd:01:55:b8:66:c8:
1f:7f:71:f6:c1:16:2f:2c:89:ea:26:1c:fd:8c:f6:
82:61:2a:3b:c8:6d:62:f2:bc:67:90:23:b2:3b:92:
66:fc:b5:3c:1e:fc:e6:fd:0b:59:61:ca:32:ab:8c:
16:c3:c7:71:17:44:35:73:a4:7c:4a:20:e9:4f:ed:
7b:2a:8c:af:2f:59:a6:42:39:09:ab:56:34:ed:69:
21:1e:c5:01:65:f7:18:24:2d:70:35:d4:4a:b7:aa:
f8:be:cf:ce:35:b2:a6:7f:1c:01:3e:39:dd:d3:88:
94:21:4d:1c:2a:c6:b3:0f:80:32:55:aa:c5:6c:1e:
37:6d:27:25:3e:73:8b:31:e8:33:f7:66:a8:aa:66:
db:6f:48:a9:c6:ef:2e:1a:78:df:a5:c9:fb:fb:53:
ea:33:93:ba:b8:81:36:75:33:8a:66:ba:26:8e:f9:
d6:e3:37:12:d4:17:ec:a4:59:3b:76:4f:97:bd:6d:
a4:ff:d3:f6:17:85:ed:16:21:a2:a8:5c:99:fe:83:
9e:4f:1d:81:1e:62:b4:fa:c0:7a:ed:84:cf:da:63:
cb:46:2f:4b:d4:ac:51:18:52:0d:79:75:c9:85:72:
28:01:f2:8d:72:bc:45:4f:d7:9a:37:c7:33:f9:e4:
30:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:22:54:69:A5:42:07:DF:D1:98:E8:2D:7D:41:B5:21:FF:DE:47:D4
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a333a3a2f34382d3438203d3e203538323032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:3::/48
Signature Algorithm: sha256WithRSAEncryption
08:f0:50:34:42:b2:e7:ed:23:74:5b:dc:e6:b7:97:67:17:0a:
f5:a0:45:ae:00:9a:2c:4f:7c:b4:23:5b:17:31:59:7c:5e:3e:
dc:90:68:4d:40:39:12:38:48:e1:dc:77:c4:d5:53:4a:8a:6d:
99:74:63:60:a8:b4:9e:aa:80:6c:20:5d:89:db:ed:3d:af:11:
0a:c2:7f:07:62:dc:e9:f5:21:55:c5:d6:2b:71:12:c7:99:dc:
6e:2a:65:cf:cc:0a:72:a5:1f:ec:e0:b7:93:38:57:2f:e1:62:
39:90:4c:e7:ad:2c:10:e4:0e:99:3b:76:71:5a:77:ec:c7:a2:
48:06:34:7f:e4:fa:03:37:1f:ee:77:0e:a3:bb:52:49:5f:a2:
2b:a1:2b:c3:fd:64:72:be:ad:e9:d9:3e:fe:83:93:50:33:5a:
ac:62:47:59:6a:d9:ca:e9:a0:2d:5f:8d:87:24:eb:46:99:34:
c8:f7:ac:81:57:3c:62:79:5e:6f:e9:30:f9:99:73:50:cb:8d:
4e:b1:32:00:5b:8c:ca:1a:47:ab:da:41:42:64:81:ec:1d:9c:
bc:87:fb:93:fd:ae:28:db:67:16:1f:27:3f:bf:c8:d9:e5:e4:
3a:a3:56:ab:0e:1d:3e:18:16:44:c9:40:7c:6a:21:cc:a8:ec:
a6:45:0e:20
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUP+2XlEA8feYZu+Occ8WtXF45xMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDEwMDYwOTI3MjhaFw0yNTEwMDUwOTMyMjhaMDMxMTAvBgNV
BAMTKDk4MjI1NDY5QTU0MjA3REZEMTk4RTgyRDdENDFCNTIxRkZERTQ3RDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJsKm14QJxFf0BVbhmyB9/cfbB
Fi8sieomHP2M9oJhKjvIbWLyvGeQI7I7kmb8tTwe/Ob9C1lhyjKrjBbDx3EXRDVz
pHxKIOlP7XsqjK8vWaZCOQmrVjTtaSEexQFl9xgkLXA11Eq3qvi+z841sqZ/HAE+
Od3TiJQhTRwqxrMPgDJVqsVsHjdtJyU+c4sx6DP3ZqiqZttvSKnG7y4aeN+lyfv7
U+ozk7q4gTZ1M4pmuiaO+dbjNxLUF+ykWTt2T5e9baT/0/YXhe0WIaKoXJn+g55P
HYEeYrT6wHrthM/aY8tGL0vUrFEYUg15dcmFcigB8o1yvEVP15o3xzP55DAJAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUmCJUaaVCB9/RmOgtfUG1If/eR9QwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMw
M2EzMzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzgzMjMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqFHWAAAMwDQYJKoZIhvcNAQELBQADggEBAAjwUDRCsuftI3Rb3Oa3l2cXCvWg
Ra4AmixPfLQjWxcxWXxePtyQaE1AORI4SOHcd8TVU0qKbZl0Y2CotJ6qgGwgXYnb
7T2vEQrCfwdi3On1IVXF1itxEseZ3G4qZc/MCnKlH+zgt5M4Vy/hYjmQTOetLBDk
Dpk7dnFad+zHokgGNH/k+gM3H+53DqO7UklfoiuhK8P9ZHK+renZPv6Dk1AzWqxi
R1lq2crpoC1fjYck60aZNMj3rIFXPGJ5Xm/pMPmZc1DLjU6xMgBbjMoaR6vaQUJk
gewdnLyH+5P9rijbZxYfJz+/yNnl5DqjVqsOHT4YFkTJQHxqIcyo7KZFDiA=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org