Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a383030303a3a2f33362d3438203d3e20323135343730.roa
File: 326131343a373538303a383030303a3a2f33362d3438203d3e20323135343730.roa (raw, json)
Hash identifier: tXuVpPIeBj5T9IRfop7kG2JfmR/QjMuTL0uIcaq1B08=
Subject key identifier: D7:E9:9F:10:5B:25:A8:9D:72:12:F8:29:94:D1:08:E5:EB:F8:E8:2E
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 132512A346A988645D08ED1DA340DA024294ABC0
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a383030303a3a2f33362d3438203d3e20323135343730.roa
Signing time: Sun 13 Oct 2024 10:46:21 +0000
ROA not before: Sun 13 Oct 2024 10:41:21 +0000
ROA not after: Sun 12 Oct 2025 10:46:21 +0000
asID: 215470
IP address blocks: 2a14:7580:8000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:25:12:a3:46:a9:88:64:5d:08:ed:1d:a3:40:da:02:42:94:ab:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Oct 13 10:41:21 2024 GMT
Not After : Oct 12 10:46:21 2025 GMT
Subject: CN=D7E99F105B25A89D7212F82994D108E5EBF8E82E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fe:c5:06:c3:e1:66:be:94:1b:90:60:04:83:
1e:2f:6e:78:23:9c:46:85:29:3c:97:ff:5c:c9:06:
b2:09:6f:d3:64:8b:c4:f4:53:ee:f3:5e:e9:86:67:
e8:69:e8:af:9e:80:d3:6f:e9:3d:05:0a:4d:f9:6f:
45:c7:4d:ef:dc:2a:95:df:bb:9b:9b:93:17:34:9b:
3c:0e:0c:39:21:ed:3d:3d:07:32:a1:16:df:19:18:
26:36:43:38:fe:94:bb:cc:1d:7e:0f:9c:67:8b:bb:
8e:07:84:6e:12:9d:09:b3:2a:ba:99:53:0e:bc:b2:
a3:48:93:5f:99:ac:0c:fd:48:df:d3:a8:b5:c5:5f:
9c:21:ef:d5:8b:09:fa:49:bb:43:b1:99:89:11:2a:
ed:a1:9a:2a:86:2a:bd:df:7d:41:32:3f:0e:70:8c:
ba:33:e6:8c:2c:b8:51:3b:01:21:9d:db:0c:6b:27:
bc:21:27:73:47:77:e6:34:3b:ca:e7:35:41:6d:26:
e9:ee:ab:d4:19:fb:c7:66:c1:41:08:66:cf:b8:6c:
47:2e:b9:88:b6:3e:ba:29:f2:74:a9:cf:9b:eb:08:
36:1d:d1:3a:e0:5d:9e:5b:83:6e:87:45:8b:15:c2:
9a:e4:06:50:b4:01:63:17:e9:26:ad:f4:ff:56:dd:
b7:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E9:9F:10:5B:25:A8:9D:72:12:F8:29:94:D1:08:E5:EB:F8:E8:2E
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a383030303a3a2f33362d3438203d3e20323135343730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:8000::/36
Signature Algorithm: sha256WithRSAEncryption
43:07:c2:43:1c:e3:cc:85:fd:36:17:e4:76:9a:f3:61:1f:a7:
35:12:cf:2c:b4:0f:6f:1d:35:fa:fc:70:94:40:52:12:a0:7e:
12:21:c3:25:a2:06:17:7c:b5:78:69:ff:e9:f0:95:32:66:25:
4e:a2:da:b1:39:2b:dd:ae:f0:78:de:c0:a4:e9:e3:89:95:6b:
85:56:20:e7:79:36:6f:79:39:4e:c8:44:d6:a3:ff:d0:6f:d6:
6b:b1:70:9b:c0:d7:70:17:dd:f1:25:16:91:92:c0:39:f5:b5:
a3:45:03:e0:64:7d:e7:0b:df:b8:72:d7:9b:b6:80:79:49:bb:
96:9c:c0:cb:2c:0b:69:7c:8a:00:fe:83:62:66:9e:21:11:9c:
27:72:3c:74:4e:24:2d:80:96:67:fb:48:14:d1:d7:44:22:d0:
08:ea:f1:7c:43:0b:d2:a0:85:25:d4:71:36:74:d0:a4:2a:41:
2f:c7:d2:20:cd:39:c3:2a:9c:4a:49:1c:d2:be:2e:96:3d:39:
11:29:6b:3b:28:94:7d:6b:aa:72:aa:59:92:3b:2e:d3:24:36:
5c:12:9f:df:9d:32:bb:3f:98:7a:b0:0f:bb:31:bf:07:57:24:
ed:bc:f4:bf:9a:ab:f9:1d:66:36:41:fc:78:ad:87:d5:8f:bb:
b2:b6:80:a0
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUEyUSo0apiGRdCO0do0DaAkKUq8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDEwMTMxMDQxMjFaFw0yNTEwMTIxMDQ2MjFaMDMxMTAvBgNV
BAMTKEQ3RTk5RjEwNUIyNUE4OUQ3MjEyRjgyOTk0RDEwOEU1RUJGOEU4MkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy/sUGw+FmvpQbkGAEgx4vbngj
nEaFKTyX/1zJBrIJb9Nki8T0U+7zXumGZ+hp6K+egNNv6T0FCk35b0XHTe/cKpXf
u5ubkxc0mzwODDkh7T09BzKhFt8ZGCY2Qzj+lLvMHX4PnGeLu44HhG4SnQmzKrqZ
Uw68sqNIk1+ZrAz9SN/TqLXFX5wh79WLCfpJu0OxmYkRKu2hmiqGKr3ffUEyPw5w
jLoz5owsuFE7ASGd2wxrJ7whJ3NHd+Y0O8rnNUFtJunuq9QZ+8dmwUEIZs+4bEcu
uYi2Prop8nSpz5vrCDYd0TrgXZ5bg26HRYsVwprkBlC0AWMX6Sat9P9W3bfnAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQU1+mfEFslqJ1yEvgplNEI5ev46C4wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMw
M2EzODMwMzAzMDNhM2EyZjMzMzYyZDM0MzgyMDNkM2UyMDMyMzEzNTM0MzczMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGBCoUdYCAMA0GCSqGSIb3DQEBCwUAA4IBAQBDB8JDHOPMhf02F+R2
mvNhH6c1Es8stA9vHTX6/HCUQFISoH4SIcMlogYXfLV4af/p8JUyZiVOotqxOSvd
rvB43sCk6eOJlWuFViDneTZveTlOyETWo//Qb9ZrsXCbwNdwF93xJRaRksA59bWj
RQPgZH3nC9+4ctebtoB5SbuWnMDLLAtpfIoA/oNiZp4hEZwncjx0TiQtgJZn+0gU
0ddEItAI6vF8QwvSoIUl1HE2dNCkKkEvx9IgzTnDKpxKSRzSvi6WPTkRKWs7KJR9
a6pyqlmSOy7TJDZcEp/fnTK7P5h6sA+7Mb8HVyTtvPS/mqv5HWY2Qfx4rYfVj7uy
toCg
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org