Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a373030303a3a2f33362d3438203d3e20313734.roa
File: 326131343a373538303a373030303a3a2f33362d3438203d3e20313734.roa (raw, json)
Hash identifier: ZmuKD5BqRa3BPw/aEOnXVYriyfnjtMMFxFo+//sJAxA=
Subject key identifier: 77:42:CA:50:B3:41:DE:7C:FF:93:D4:E9:EF:06:44:27:67:46:45:70
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 2CD79BE4D43CC9A0721EE73985F57EF9D54F5D9D
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a373030303a3a2f33362d3438203d3e20313734.roa
Signing time: Fri 27 Sep 2024 12:07:49 +0000
ROA not before: Fri 27 Sep 2024 12:02:49 +0000
ROA not after: Fri 26 Sep 2025 12:07:49 +0000
asID: 174
IP address blocks: 2a14:7580:7000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 13:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:d7:9b:e4:d4:3c:c9:a0:72:1e:e7:39:85:f5:7e:f9:d5:4f:5d:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Sep 27 12:02:49 2024 GMT
Not After : Sep 26 12:07:49 2025 GMT
Subject: CN=7742CA50B341DE7CFF93D4E9EF06442767464570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:da:f4:78:8f:03:63:eb:66:af:97:8c:0f:d8:
07:1d:7c:ba:b5:d3:a8:ed:5d:6d:7f:b8:fc:16:58:
3f:12:bb:a3:08:cf:25:9c:c6:0e:c1:8f:42:17:69:
91:cb:e4:72:fb:ca:af:0f:fd:f5:0c:e4:c0:28:21:
d8:5d:fe:da:81:3d:bb:44:59:fd:8a:b2:ac:67:fd:
12:53:92:51:6c:8e:5f:68:e4:8b:61:f6:21:c1:43:
8c:9f:c5:19:8e:25:66:0d:62:4f:31:17:3c:e8:f1:
ef:3c:aa:a3:08:1f:f3:38:9f:a0:f2:1d:d7:07:2c:
de:53:a9:e8:89:ef:c0:f8:b6:aa:53:fb:38:17:9f:
b6:e8:d9:02:ed:91:5e:b4:d5:13:27:dc:cc:4e:89:
2f:69:5c:a8:cc:64:b6:5f:34:0b:45:fd:98:5c:52:
1c:a8:d3:84:09:e4:ea:55:a9:e4:b3:1d:24:d6:0f:
0c:bd:ad:03:e6:20:98:1c:ff:12:ae:ed:43:11:f9:
a1:47:3c:a9:e8:93:21:be:f6:55:e9:b1:71:d0:16:
c0:14:0e:9c:b0:fc:1d:55:93:c5:85:a9:7d:a9:dd:
71:01:a8:93:78:4c:6e:f0:ab:d6:30:56:fd:33:51:
36:a3:18:77:ea:f9:49:6a:b3:92:ed:f5:ac:96:14:
39:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:42:CA:50:B3:41:DE:7C:FF:93:D4:E9:EF:06:44:27:67:46:45:70
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a373030303a3a2f33362d3438203d3e20313734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:7000::/36
Signature Algorithm: sha256WithRSAEncryption
6a:25:d7:74:08:f8:11:fb:6c:6b:21:cb:d3:48:67:48:f6:83:
c4:38:59:75:bb:3f:5a:b1:d9:a0:0c:45:c9:46:27:7b:84:f2:
2f:4c:af:3d:f9:4f:9a:01:06:fc:ef:c5:99:75:8b:b6:32:56:
5f:87:87:d5:b0:c2:23:6a:6e:77:ef:e8:88:88:e9:56:58:00:
a6:88:3b:fc:95:14:7a:ea:3d:26:23:56:e2:b1:09:32:7a:e5:
7f:48:27:73:47:67:d6:98:d6:23:ff:bc:56:83:1e:e5:23:ee:
3b:76:af:dd:8c:04:af:45:01:aa:b8:d1:87:5b:61:aa:bd:ea:
9c:0a:b4:be:77:f2:c3:09:3c:1e:12:46:c9:10:07:e4:30:68:
e8:82:34:d1:b8:30:24:4c:23:a3:4d:96:1a:54:f7:63:28:7a:
9f:dd:93:ef:23:1a:0f:4f:df:ca:a1:65:8e:cb:45:29:cf:5d:
c7:f8:41:93:b1:91:46:0a:34:c6:c0:5e:0d:6d:eb:3a:0f:39:
d0:bf:96:52:36:72:52:b5:cf:13:f9:6e:a0:ea:cb:58:50:89:
ed:0c:7a:6f:35:0c:45:a3:ae:da:d8:94:d3:bd:09:08:5d:bb:
4e:b4:e5:0e:f1:8d:50:c4:0e:b1:0d:58:cb:66:dc:95:e2:b3:
bc:a4:14:7d
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIULNeb5NQ8yaByHuc5hfV++dVPXZ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDA5MjcxMjAyNDlaFw0yNTA5MjYxMjA3NDlaMDMxMTAvBgNV
BAMTKDc3NDJDQTUwQjM0MURFN0NGRjkzRDRFOUVGMDY0NDI3Njc0NjQ1NzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa2vR4jwNj62avl4wP2AcdfLq1
06jtXW1/uPwWWD8Su6MIzyWcxg7Bj0IXaZHL5HL7yq8P/fUM5MAoIdhd/tqBPbtE
Wf2Ksqxn/RJTklFsjl9o5Ith9iHBQ4yfxRmOJWYNYk8xFzzo8e88qqMIH/M4n6Dy
HdcHLN5TqeiJ78D4tqpT+zgXn7bo2QLtkV601RMn3MxOiS9pXKjMZLZfNAtF/Zhc
Uhyo04QJ5OpVqeSzHSTWDwy9rQPmIJgc/xKu7UMR+aFHPKnokyG+9lXpsXHQFsAU
Dpyw/B1Vk8WFqX2p3XEBqJN4TG7wq9YwVv0zUTajGHfq+Ulqs5Lt9ayWFDkDAgMB
AAGjggJDMIICPzAdBgNVHQ4EFgQUd0LKULNB3nz/k9Tp7wZEJ2dGRXAwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMw
M2EzNzMwMzAzMDNhM2EyZjMzMzYyZDM0MzgyMDNkM2UyMDMxMzczNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIw
CAMGBCoUdYBwMA0GCSqGSIb3DQEBCwUAA4IBAQBqJdd0CPgR+2xrIcvTSGdI9oPE
OFl1uz9asdmgDEXJRid7hPIvTK89+U+aAQb878WZdYu2MlZfh4fVsMIjam537+iI
iOlWWACmiDv8lRR66j0mI1bisQkyeuV/SCdzR2fWmNYj/7xWgx7lI+47dq/djASv
RQGquNGHW2GqveqcCrS+d/LDCTweEkbJEAfkMGjogjTRuDAkTCOjTZYaVPdjKHqf
3ZPvIxoPT9/KoWWOy0Upz13H+EGTsZFGCjTGwF4Nbes6DznQv5ZSNnJStc8T+W6g
6stYUIntDHpvNQxFo67a2JTTvQkIXbtOtOUO8Y1QxA6xDVjLZtyV4rO8pBR9
-----END CERTIFICATE-----
Generated at Tue Oct 22 16:10:16 2024 by rpki-client on console-fra.rpki-client.org